C:\Users\iiwms\Downloads\ClaxsPastedInternal\ClaxsPastedInternal\x64\Release\UnrealEngine.pdb
Static task
static1
1 signatures
General
-
Target
davs internal.zip
-
Size
629KB
-
MD5
224069ee2eefd1214aea760978a81f43
-
SHA1
708c4ec8b4541d16ef5ed70734acf8b52b2ad068
-
SHA256
ee56777a5ea8d83d150ea72933852bffae4e952365ce24b6895a14446e09b929
-
SHA512
2a78d040a8ef9bf0c1f1858068b0d85afa14a0f63b3766392719d665162d57adc49d836c20b03ba2abbc8528a6bcc20ec6ed53eee7a88dda77b3f084a33e9024
-
SSDEEP
6144:zdgw77yTKV78j7ZG0Sx4x1VJswRYC8baxFIl+DJQATVbohlDOJh67V4CWWlI+8NG:zqsyT84i44wRrEl+DJLdo6az1mNRip
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/davs internal/injector.exe unpack001/davs internal/test.dll
Files
-
davs internal.zip.zip
-
davs internal/injector.exe.exe windows:6 windows x64 arch:x64
bbf2cfb65b8a13c12cef6b08e355075f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
kernel32
DeviceIoControl
CreateFileW
CloseHandle
ReadFile
VirtualFree
GetCurrentProcess
WriteFile
VirtualAlloc
LoadLibraryExA
Sleep
GetLastError
LoadLibraryA
DeleteFileW
LoadLibraryW
GetWindowsDirectoryW
GetProcAddress
GetFileSize
FreeLibrary
IsDebuggerPresent
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
QueryPerformanceCounter
WideCharToMultiByte
WaitForSingleObjectEx
GetCurrentThreadId
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCommandLineW
GetFileSizeEx
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
ReadConsoleW
HeapReAlloc
FindClose
RtlUnwind
user32
UnhookWindowsHookEx
FindWindowA
PostThreadMessageA
GetWindowThreadProcessId
SetWindowsHookExA
shell32
ShellExecuteW
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlImageNtHeader
Sections
.text Size: 207KB - Virtual size: 207KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 202KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
davs internal/test.dll.dll windows:6 windows x64 arch:x64
7f29b44bae18c2cac761da7e31440a9d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__C_specific_handler
memset
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcpy
__std_type_info_destroy_list
api-ms-win-crt-math-l1-1-0
round
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_register_onexit_function
_execute_onexit_table
_initialize_narrow_environment
_initterm
_crt_atexit
_initterm_e
_cexit
_initialize_onexit_table
_seh_filter_dll
api-ms-win-crt-heap-l1-1-0
malloc
free
_callnewh
kernel32
IsProcessorFeaturePresent
EnterCriticalSection
CloseHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
Sections
.text Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ