C:\Users\Fortn\OneDrive\Desktop\Desktop\ugly internal\ugly internal\x64\Release\test.pdb
Static task
static1
1 signatures
General
-
Target
v2 updated.zip
-
Size
679KB
-
MD5
f8916c4dd405d7293ff1a1f60310f661
-
SHA1
3d1eedf8532eeca76d044da3360fedd3fb0e2d58
-
SHA256
ee116ee85b884ee4adfe056d9354acc48e8b3935edb0d3411f7c4e27d8404731
-
SHA512
f0dbaf3707bdd87ebca278d98dafd1363fbeae56afed6e6d596d2cd309695f0553cff2baae89dbfc77b0b21fe9c1cc47fd3f352b86b05644d5c8d84fdf410a94
-
SSDEEP
6144:XDPio+L3G0Sx4x1VJswRYC8baxFIl+DJQATVbohyDOJh67V4CWWlI+8NyxNX2NnZ:XTmi44wRrEl+DJLdonaz1mNRicTB
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/v2 updated/RzChromaSDK64.dll unpack001/v2 updated/if doesnt work/injector.exe unpack001/v2 updated/if doesnt work/test.dll
Files
-
v2 updated.zip.zip
-
v2 updated/RzChromaSDK64.dll.dll windows:6 windows x64 arch:x64
e75c717a9b521ffd4806c7d7e42d835d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
VirtualProtect
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlLookupFunctionEntry
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memcpy
__std_type_info_destroy_list
memset
_CxxThrowException
__C_specific_handler
__current_exception_context
__current_exception
__std_exception_destroy
__std_exception_copy
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf_s
api-ms-win-crt-math-l1-1-0
cosf
sinf
round
api-ms-win-crt-runtime-l1-1-0
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
api-ms-win-crt-heap-l1-1-0
free
malloc
_callnewh
Sections
.text Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
v2 updated/if doesnt work/READ ME.txt
-
v2 updated/if doesnt work/injector.exe.exe windows:6 windows x64 arch:x64
bbf2cfb65b8a13c12cef6b08e355075f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
kernel32
DeviceIoControl
CreateFileW
CloseHandle
ReadFile
VirtualFree
GetCurrentProcess
WriteFile
VirtualAlloc
LoadLibraryExA
Sleep
GetLastError
LoadLibraryA
DeleteFileW
LoadLibraryW
GetWindowsDirectoryW
GetProcAddress
GetFileSize
FreeLibrary
IsDebuggerPresent
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
QueryPerformanceCounter
WideCharToMultiByte
WaitForSingleObjectEx
GetCurrentThreadId
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCommandLineW
GetFileSizeEx
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
ReadConsoleW
HeapReAlloc
FindClose
RtlUnwind
user32
UnhookWindowsHookEx
FindWindowA
PostThreadMessageA
GetWindowThreadProcessId
SetWindowsHookExA
shell32
ShellExecuteW
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlImageNtHeader
Sections
.text Size: 207KB - Virtual size: 207KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 202KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
v2 updated/if doesnt work/test.dll.dll windows:6 windows x64 arch:x64
e75c717a9b521ffd4806c7d7e42d835d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\Fortn\OneDrive\Desktop\Desktop\ugly internal\ugly internal\x64\Release\test.pdb
Imports
kernel32
VirtualProtect
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlLookupFunctionEntry
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memcpy
__std_type_info_destroy_list
memset
_CxxThrowException
__C_specific_handler
__current_exception_context
__current_exception
__std_exception_destroy
__std_exception_copy
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf_s
api-ms-win-crt-math-l1-1-0
cosf
sinf
round
api-ms-win-crt-runtime-l1-1-0
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
api-ms-win-crt-heap-l1-1-0
free
malloc
_callnewh
Sections
.text Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ