2024-01-23_f25204b61d5e9e78aa5daa321268dec7_polyvice

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-23_f25204b61d5e9e78aa5daa321268dec7_polyvice
Size

1.4MB
MD5

f25204b61d5e9e78aa5daa321268dec7
SHA1

74a008f9220806fb404002b84c2598a835ccccdc
SHA256

9fbb741ddfa4567c6e298e6dc04542eaf752ac119ae460cb655c8a92212d2be7
SHA512

070eea5fd3a3742483792d1bd1d4313810b66957ad07ffa701cda88d43d9915b0515e36e57d5f807a5168c3f208f345dcfe01b985b01cbf71f6ebc1e31472f68
SSDEEP

24576:chUXqT80yr8xiIUPfqTb6DynzGwpCp+1TVw2/5bxH3MThGH:chkqT8F5PfqTb6Dynkm+2/5bxH8T8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-23_f25204b61d5e9e78aa5daa321268dec7_polyvice

Files

2024-01-23_f25204b61d5e9e78aa5daa321268dec7_polyvice
.exe windows:4 windows x64 arch:x64

c13b1151443ffd1a886d2550729f0081

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libcairo-2

cairo_arc
cairo_clip
cairo_create
cairo_destroy
cairo_fill
cairo_fill_preserve
cairo_get_current_point
cairo_get_line_width
cairo_get_target
cairo_image_surface_create
cairo_image_surface_get_height
cairo_image_surface_get_width
cairo_line_to
cairo_move_to
cairo_new_path
cairo_paint
cairo_pdf_surface_add_outline
cairo_pdf_surface_create
cairo_pdf_surface_set_page_label
cairo_pdf_surface_set_size
cairo_ps_surface_create
cairo_ps_surface_set_eps
cairo_ps_surface_set_size
cairo_recording_surface_create
cairo_recording_surface_ink_extents
cairo_rectangle
cairo_rel_line_to
cairo_rel_move_to
cairo_restore
cairo_rotate
cairo_save
cairo_scale
cairo_set_dash
cairo_set_line_width
cairo_set_source_rgb
cairo_set_source_rgba
cairo_set_source_surface
cairo_status_to_string
cairo_stroke
cairo_surface_destroy
cairo_surface_finish
cairo_surface_get_type
cairo_surface_reference
cairo_surface_show_page
cairo_surface_status
cairo_surface_write_to_png
cairo_surface_write_to_png_stream
cairo_svg_surface_create
cairo_tag_begin
cairo_tag_end
cairo_translate

libgobject-2.0-0

g_object_unref
g_type_check_instance_cast

libgsl-25

gsl_cdf_ugaussian_Pinv
gsl_histogram_bins
gsl_histogram_clone
gsl_histogram_free
gsl_histogram_get
gsl_histogram_get_range
gsl_histogram_max
gsl_histogram_max_val
gsl_histogram_min
gsl_histogram_sum
gsl_ran_gaussian_pdf
gsl_vector_alloc
gsl_vector_free
gsl_vector_memcpy
gsl_vector_minmax

libiconv-2

libiconv
libiconv_close
libiconv_open

libintl-8

libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_setlocale
libintl_textdomain

libpango-1.0-0

pango_attr_font_desc_new
pango_attr_list_insert
pango_attr_list_new
pango_attr_list_unref
pango_attr_rise_new
pango_attr_scale_new
pango_attr_underline_new
pango_font_description_copy
pango_font_description_equal
pango_font_description_free
pango_font_description_from_string
pango_font_description_get_set_fields
pango_font_description_set_absolute_size
pango_font_description_set_size
pango_font_description_set_style
pango_font_description_set_weight
pango_layout_get_baseline
pango_layout_get_iter
pango_layout_get_size
pango_layout_iter_free
pango_layout_iter_get_line_extents
pango_layout_iter_get_line_yrange
pango_layout_iter_next_line
pango_layout_new
pango_layout_set_alignment
pango_layout_set_attributes
pango_layout_set_font_description
pango_layout_set_markup
pango_layout_set_text
pango_layout_set_width
pango_layout_set_wrap
pango_parse_markup

libpangocairo-1.0-0

pango_cairo_context_set_resolution
pango_cairo_create_context
pango_cairo_create_layout
pango_cairo_show_layout

libxml2-2

xmlCreatePushParserCtxt
xmlDocGetRootElement
xmlFree
xmlFreeDoc
xmlFreeParserCtxt
xmlFreeTextWriter
xmlGetProp
xmlNewTextWriter
xmlNodeGetContent
xmlNodeListGetString
xmlOutputBufferCreateFile
xmlParseChunk
xmlReadMemory
xmlStrdup
xmlTextWriterEndDocument
xmlTextWriterEndElement
xmlTextWriterSetIndent
xmlTextWriterSetIndentString
xmlTextWriterStartDocument
xmlTextWriterStartElement
xmlTextWriterWriteAttribute
xmlTextWriterWriteElement
xmlTextWriterWriteFormatAttribute
xmlTextWriterWriteString

advapi32

CryptAcquireContextA
CryptGenRandom

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
FindClose
FindFirstFileA
GetACP
GetCurrentProcess
GetFileInformationByHandle
GetFileType
GetFullPathNameA
GetHandleInformation
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetProcAddress
GetStartupInfoA
GetTempPathA
GetThreadLocale
GetVersionExA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MoveFileExW
MultiByteToWideChar
PeekNamedPipe
SetUnhandledExceptionFilter
Sleep
TlsGetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__argv
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_access
_acmdln
_amsg_exit
_assert
_cexit
_close
_commode
_dup2
_errno
_fdopen
_filelengthi64
_fileno
_fmode
_get_osfhandle
_getch
_getmaxstdio
_gmtime64
_initterm
_isatty
_localtime64
_lseeki64
_mkdir
_onexit
_open
_open_osfhandle
_pclose
_popen
_read
_rmdir
_setjmp
_setmaxstdio
_setmode
_stricmp
_strnicmp
_time64
_unlink
_wassert
_wfopen
_wopen
_write
_wstat64
_wunlink
abort
atoi
atol
calloc
clearerr
clock
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fputc
fputs
fread
free
fsetpos
ftell
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
log10
malloc
memchr
memcmp
memcpy
memmove
memset
putc
putchar
puts
qsort
raise
realloc
setlocale
setvbuf
signal
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
tolower
toupper
ungetc
vfprintf
wcslen
longjmp

Sections

.text
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 490KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c13b1151443ffd1a886d2550729f0081

Headers

File Characteristics

Imports

libcairo-2

libgobject-2.0-0

libgsl-25

libiconv-2

libintl-8

libpango-1.0-0

libpangocairo-1.0-0

libxml2-2

advapi32

kernel32

msvcrt

Sections

.text Size: 799KB - Virtual size: 798KB

.data Size: 38KB - Virtual size: 37KB

.rdata Size: 490KB - Virtual size: 490KB

.pdata Size: 39KB - Virtual size: 38KB

.xdata Size: 38KB - Virtual size: 38KB

.bss Size: - Virtual size: 12KB

.idata Size: 12KB - Virtual size: 11KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.text
Size: 799KB - Virtual size: 798KB

.data
Size: 38KB - Virtual size: 37KB

.rdata
Size: 490KB - Virtual size: 490KB

.pdata
Size: 39KB - Virtual size: 38KB

.xdata
Size: 38KB - Virtual size: 38KB

.bss
Size: - Virtual size: 12KB

.idata
Size: 12KB - Virtual size: 11KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B