c:\Were-Count\Press-Sat\Sugar\Mix\fill-Fast\Grass.pdb
Static task
static1
Behavioral task
behavioral1
Sample
8e4dbad1fadad50adc35b44883093421.dll
Resource
win7-20231215-en
General
Target: 8e4dbad1fadad50adc35b44883093421
Size: 330KB
MD5: 8e4dbad1fadad50adc35b44883093421
SHA1: b9203a206c512ffb4bc4190145b4bffc5d76a001
SHA256: ecc665fd1702211c3bbb17d92e91499583a875b458ea095be7cca9c22cac0ca9
SHA512: d17fdc238d7c1f6822f32f282a83b1d014b93dc05379951f8d25db224e835ef9c16f5c88f2c5a24de36fa6f950807efe03b7a348cae9d0c01197ad750c91a0df
SSDEEP: 3072:jPCv3U++x74Xc9HSeBm+vZbSoCYll3e33+TaQaqi2zwSHtnBkHpaqc+kp1Rh/Nif:cI7WcRXFS8K/2zvkHpaqcb17/Nis59+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8e4dbad1fadad50adc35b44883093421
Files
8e4dbad1fadad50adc35b44883093421.dll windows:5 windows x86 arch:x86
a4a20590224675664c6c0ce0da016941
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
CreateProcessA
RemoveDirectoryA
SetFileAttributesA
Sleep
FreeLibrary
GetCurrentThreadId
GetProcAddress
LoadLibraryA
GetEnvironmentVariableA
VirtualProtect
GetCurrentDirectoryA
GetWindowsDirectoryA
SetConsoleCP
GetSystemDirectoryA
SetConsoleOutputCP
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
CreateFileA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetLastError
HeapFree
GetCPInfo
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleW
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
HeapAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
HeapSize
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
InitializeCriticalSectionAndSpinCount
user32
MapWindowPoints
GetSystemMetrics
DestroyMenu
BeginPaint
EmptyClipboard
InvalidateRect
PostMessageA
ValidateRect
Exports
Colonysun
Eyeweight
Speechwar
Tiny
Sections
.text Size: 237KB - Virtual size: 236KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 618KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ