Static task: static1
Behavioral task: behavioral1
Sample: rust-pe-mapper.exe
Resource: win11-20231128-en
General
Target: rust-pe-mapper.exe
Size: 10.6MB
MD5: 677ed209efde24b5b98233fd7032ee54
SHA1: 5fa27bfdffb39361cd5c56f2bbcf229691d2613f
SHA256: 69a500c45fc7e61940dca4a148c6b4e55a6c5ca7ed36fc95ae39a034c24fac4c
SHA512: 8c52a46382d033383c2317d2c0d4ace7afe35b51aed82c7c954846fd4d43928b5b74c8f6b83a767593ebed92b7212934915932999094200834ba5467f11dfed2
SSDEEP: 49152:vUtjytfEc1zXuFpABO7L8Ef9eLxDHSuHObsLpG5fz/HYM8iPL6wjByclJsWP61C2:vMc1ziQyu5u8iPLvBWKpSErDAlJf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource rust-pe-mapper.exe
Files
rust-pe-mapper.exe.exe windows:6 windows x64 arch:x64
50705b66022ac39f31564caddcfa1301
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
DuplicateHandle
GetEnvironmentVariableW
GetEnvironmentStringsW
GetCurrentDirectoryW
SetLastError
RtlLookupFunctionEntry
RtlCaptureContext
GetStdHandle
GetCurrentProcessId
GetCurrentThread
AcquireSRWLockExclusive
WriteFileEx
SleepEx
ReadFileEx
GetExitCodeProcess
HeapFree
TryAcquireSRWLockExclusive
QueryPerformanceCounter
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
CreateMutexA
GetModuleHandleA
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
SetThreadStackGuarantee
AddVectoredExceptionHandler
CompareStringOrdinal
GetConsoleMode
ReleaseSRWLockShared
ReleaseMutex
GetModuleHandleW
GetModuleFileNameW
GetFullPathNameW
FreeEnvironmentStringsW
CreateNamedPipeW
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
ReleaseSRWLockExclusive
MultiByteToWideChar
WriteConsoleW
CreateThread
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
GetTempPathW
GetCurrentThreadId
WaitForSingleObject
FormatMessageW
InitializeSListHead
RtlVirtualUnwind
IsDebuggerPresent
HeapAlloc
UnhandledExceptionFilter
GetLastError
GetProcessHeap
SetUnhandledExceptionFilter
FreeLibrary
LoadLibraryExA
CloseHandle
LoadLibraryA
GetProcAddress
GetCurrentProcess
IsProcessorFeaturePresent
dbghelp
SymLoadModuleExW
SymFromNameW
SymInitializeW
SymSetOptions
oleaut32
SysStringLen
SysFreeString
GetErrorInfo
advapi32
SystemFunction036
ntdll
RtlNtStatusToDosError
NtReadFile
NtWriteFile
bcrypt
BCryptGenRandom
vcruntime140
__current_exception_context
__current_exception
__C_specific_handler
_CxxThrowException
memmove
memcmp
memset
memcpy
__CxxFrameHandler3
api-ms-win-crt-string-l1-1-0
strlen
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_set_app_type
terminate
_seh_filter_exe
_initterm_e
exit
_exit
__p___argc
__p___argv
_cexit
_c_exit
_register_onexit_function
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_crt_atexit
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__p__commode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
_set_new_mode
free
Sections
.text Size: 361KB - Virtual size: 361KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10.3MB - Virtual size: 10.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 856B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ