0244a7f21524ff2afeb41842d6d9bdf2d4da8740ae597460311fcafd98080d06

Sharing

Copy URL Twitter E-mail

General

Target

0244a7f21524ff2afeb41842d6d9bdf2d4da8740ae597460311fcafd98080d06
Size

35KB
MD5

2e7aea3f726625dfba4d42905e5e58d7
SHA1

e224c4cd90626b94ec337134be646a967650f604
SHA256

0244a7f21524ff2afeb41842d6d9bdf2d4da8740ae597460311fcafd98080d06
SHA512

25f239eeaffc3106ba8abd711573aa4f6f63a1818b012e8385c06899430f7cc7aea0d78087f377c9be021fcf4eec03b7ad36b168a76936fdad2e4382daf59658
SSDEEP

768:Dxzg7ozWCJzpV7Jr905Qb5GHsdHfEm/sR:toot/dG5Qb5GHsdHfEm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0244a7f21524ff2afeb41842d6d9bdf2d4da8740ae597460311fcafd98080d06

Files

0244a7f21524ff2afeb41842d6d9bdf2d4da8740ae597460311fcafd98080d06
.exe windows:6 windows x64 arch:x64

727cab720d3be649704515ee7cc5b2e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\projects\repos\cerbero.git\build\sources\msvc_x86_64\gstreamer-1.0-1.23.90\_builddir\tools\gst-launch-1.0.pdb

Imports

gstreamer-1.0-0

gst_util_get_timestamp
gst_element_query_duration
gst_element_query_position
gst_element_state_get_name
gst_parse_launchv
gst_pipeline_get_type
gst_value_serialize
gst_printerr
gst_print
gst_init_get_option_group
gst_bin_recalculate_latency
gst_bin_add
gst_element_add_property_deep_notify_watch
gst_element_set_state
gst_element_post_message
gst_deinit
gst_object_unref
gst_object_get_path_string
gst_mini_object_unref
gst_date_time_has_time
gst_date_time_get_year
gst_version_string
_gst_date_time_type
_gst_structure_type
_gst_caps_type
_gst_sample_type
_gst_tag_list_type
gst_debug_bin_to_dot_file_with_ts
gst_message_new_application
gst_element_send_event
gst_element_get_bus
gst_element_get_type
gst_element_factory_make
gst_bus_add_watch
gst_bus_set_sync_handler
gst_pad_get_type
gst_event_new_eos
gst_message_parse_property_notify
gst_message_parse_have_context
gst_message_parse_toc
gst_message_parse_progress
gst_message_parse_request_state
gst_object_get_type
gst_message_parse_new_clock
gst_message_parse_state_changed
gst_message_parse_buffering
gst_message_parse_tag
gst_message_parse_info
gst_message_parse_warning
gst_message_parse_error
gst_message_get_seqnum
gst_message_get_structure
gst_message_type_get_name
gst_context_get_structure
gst_context_get_context_type
gst_toc_entry_type_get_nick
gst_toc_entry_get_start_stop_times
gst_toc_entry_get_tags
gst_toc_entry_get_sub_entries
gst_toc_entry_get_entry_type
gst_toc_get_entries
gst_tag_list_get_sample_index
gst_tag_list_get_date_time_index
gst_tag_list_get_string_index
gst_tag_list_copy_value
gst_tag_list_get_value_index
gst_tag_list_foreach
gst_tag_list_get_tag_size
gst_tag_list_to_string
gst_tag_get_nick
gst_tag_get_type
gst_sample_get_caps
gst_sample_get_buffer
gst_buffer_get_size
gst_caps_to_string
gst_structure_to_string
gst_structure_get_string
gst_structure_has_name
gst_structure_new
gst_date_time_unref
gst_date_time_to_iso8601_string
gst_date_time_get_time_zone_offset
gst_date_time_get_second
gst_date_time_get_minute
gst_date_time_get_hour
gst_date_time_get_day
gst_date_time_get_month

glib-2.0-0

g_win32_get_command_line
g_assertion_message_expr
g_strv_length
g_strfreev
g_strconcat
g_strdup_printf
g_strdup
g_option_context_add_group
g_option_context_parse_strv
g_option_context_add_main_entries
g_option_context_free
g_option_context_new
g_print
g_log
g_source_remove
g_timeout_source_new
g_source_set_callback
g_source_destroy
g_source_attach
g_source_unref
g_main_loop_unref
g_main_loop_quit
g_main_loop_run
g_main_loop_new
g_clear_error
g_get_tmp_dir
g_get_prgname
g_set_prgname
g_snprintf
g_setenv
g_file_test
g_free
g_malloc0_n
g_list_foreach

intl-8

libintl_bindtextdomain
libintl_textdomain
libintl_gettext
libintl_bind_textdomain_codeset

gobject-2.0-0

g_value_get_boxed
g_signal_handler_disconnect
g_value_unset
g_type_check_value_holds
g_type_check_instance_is_a
g_value_dup_string
g_strdup_value_contents

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps

kernel32

GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetConsoleCtrlHandler

vcruntime140

memset
memcpy
__C_specific_handler
__current_exception_context
__current_exception
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__p___argv
_set_app_type
_seh_filter_exe
_c_exit
_exit
exit
_cexit
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
_register_thread_local_exe_atexit_callback
__p___argc

api-ms-win-crt-stdio-l1-1-0

_isatty
_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
setlocale

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

727cab720d3be649704515ee7cc5b2e0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gstreamer-1.0-0

glib-2.0-0

intl-8

gobject-2.0-0

winmm

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 52B

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 52B