f88fb0d6653e562a8a913b17dc13e5c07de60c6f8816f457b320108b579170ee

Sharing

Copy URL Twitter E-mail

General

Target

f88fb0d6653e562a8a913b17dc13e5c07de60c6f8816f457b320108b579170ee
Size

71KB
MD5

7780f4c54e6bb2ce16ab6c229090508d
SHA1

2fd8549242f304976cb8360ce4665b48f4272f3a
SHA256

f88fb0d6653e562a8a913b17dc13e5c07de60c6f8816f457b320108b579170ee
SHA512

3365072266a2f353e7f863bc3b9f3c3d8759c886bc59713b899b2b7ff887ebdb0c3b1a1168ca03dc826ac0704a952f17f4ff23b39031354af04a96897eb6ac9e
SSDEEP

1536:M6NAO9esIXq9eFHUAf9HeIMTWmg9Ppki6EPAyVF:M6NAO9caMFHt1BWg9RkkBz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f88fb0d6653e562a8a913b17dc13e5c07de60c6f8816f457b320108b579170ee

Files

f88fb0d6653e562a8a913b17dc13e5c07de60c6f8816f457b320108b579170ee
.dll windows:6 windows x64 arch:x64

3107d4744fccf0260dd7bb9029115622

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

FactoryGameEGS-BuildSettings.pdb

Imports

vcruntime140

__current_exception_context
memcpy
__current_exception
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
terminate

kernel32

IsDebuggerPresent
GetCurrentProcessId
QueryPerformanceCounter
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

?GetBranchName@BuildSettings@@YAPEB_WXZ
?GetBuildDate@BuildSettings@@YAPEB_WXZ
?GetBuildTime@BuildSettings@@YAPEB_WXZ
?GetBuildURL@BuildSettings@@YAPEB_WXZ
?GetBuildVersion@BuildSettings@@YAPEB_WXZ
?GetCompatibleChangelist@BuildSettings@@YAHXZ
?GetCurrentChangelist@BuildSettings@@YAHXZ
?IsLicenseeVersion@BuildSettings@@YA_NXZ
?IsPromotedBuild@BuildSettings@@YA_NXZ
?IsWithDebugInfo@BuildSettings@@YA_NXZ

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3107d4744fccf0260dd7bb9029115622

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 200B

.pdata Size: 512B - Virtual size: 504B

.rsrc Size: 59KB - Virtual size: 58KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 200B

.pdata
Size: 512B - Virtual size: 504B

.rsrc
Size: 59KB - Virtual size: 58KB

.reloc
Size: 512B - Virtual size: 40B