PDB path embedded in the sample (the value for the "PDB Paths" heading below): C:\Users\pillo\Desktop\Free GUI client - RRL\x64\Release\test.pdb
Static task
static1
General
-
Target
pirates.dll
-
Size
555KB
-
MD5
df726561d628f5405dabb298a8513214
-
SHA1
c6d178972a449c1ef2c5dc05ffc2e9f54f09e69d
-
SHA256
e6bf8c6929e4838e3a647785dbe063594181bdf7dcbad68744eb24101bda7f2d
-
SHA512
a86d311fd5e802c1122697339855a5fc911d6e54c265998e47a19892d93a937eb204398d5bb710dbcadf182da0c59841797b148daff396b8d01ce8fc0fd2a659
-
SSDEEP
12288:9/3BNkFMVdLoMPsq/6+6XonitoSUdyjD:Fxpgks+aXonjHyjD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
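Checks for a missing Authenticode signature. The sample is unsigned, so no code-signing certificate vouches for its publisher or integrity; on its own this is a weak indicator, because much legitimate software is also unsigned.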
resource pirates.dll
Files
-
pirates.dll.dll windows:6 windows x64 arch:x64
c03669d8485dc7091541deee7a898e31
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Sleep
HeapReAlloc
CloseHandle
HeapAlloc
GetThreadContext
GetCurrentProcessId
FlushInstructionCache
SetThreadContext
OpenThread
SetConsoleTitleA
InitializeCriticalSectionEx
GetLastError
AttachConsole
HeapFree
DeleteCriticalSection
AllocConsole
VirtualFree
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
VirtualProtect
HeapCreate
GetCurrentProcess
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
user32
GetAsyncKeyState
ClientToScreen
CallWindowProcA
SetWindowLongPtrA
IsChild
GetCapture
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
ScreenToClient
LoadCursorA
GetKeyState
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?uncaught_exceptions@std@@YAHXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?id@?$ctype@D@std@@2V0locale@2@A
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
_Xtime_get_ticks
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?good@ios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bid@locale@std@@QEAA_KXZ
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
d3dcompiler_43
D3DCompile
xinput1_3
ord2
ord4
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_type_info_destroy_list
memmove
memset
__std_exception_destroy
strstr
_CxxThrowException
__current_exception_context
memcpy
memcmp
memchr
__current_exception
__C_specific_handler
__std_terminate
__std_exception_copy
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_configure_narrow_argv
_wassert
_seh_filter_dll
_beginthreadex
terminate
api-ms-win-crt-stdio-l1-1-0
fflush
freopen
ftell
__stdio_common_vfprintf
fclose
__acrt_iob_func
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fwrite
fseek
api-ms-win-crt-string-l1-1-0
strcmp
strncpy
tolower
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
free
malloc
_callnewh
api-ms-win-crt-time-l1-1-0
_ctime64
api-ms-win-crt-math-l1-1-0
ceilf
cosf
fmodf
sinf
sqrtf
floorf
Sections
.text Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 73KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 166KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ