PDB path embedded in the binary (the entry for the "PDB Paths" heading below): F:\Projects\KrampUI\src-tauri\target\release\deps\krampui.pdb
Static task
static1
General
- Target: KrampUI.exe
- Size: 14.8MB
- MD5: 114e02cc92a179bdca2efefe07941a66
- SHA1: e6f4d0ab2ab8a8a0c7435ae179cccef338e85785
- SHA256: 9a7c85ebff734f2f16f9c47317d0d5c3f55e1a5007cc4b61ff2edac120869893
- SHA512: 545f96ab1fad3466e650c0a4b7727786aa6e8431c02006bd0300b9658c4fba8f2bbb7dbf57b7144efb7a0081e94352ba9d206ddc681fc72ca73978fbd3762f6f
- SSDEEP: 196608:/nsg82wOsM9EwgLeq8blPy8ZBRpCQ2ZUlx4UcJ4wKPXX/0q:/nsg82wOsM9EVArbCrKGvKPXX/0q
Malware Config
Signatures
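- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature. A missing signature means the publisher and the file's integrity cannot be verified from the binary itself; on its own it is a weak signal, not evidence of malicious behavior.
  resource KrampUI.exe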
Files
- KrampUI.exe.exe windows:6 windows x64 arch:x64
b63ed5557f1185d48dd8d75626cafa1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
ntdll
NtQueryInformationProcess
NtCancelIoFileEx
RtlNtStatusToDosError
RtlGetNtVersionNumbers
NtQuerySystemInformation
RtlUnwindEx
RtlPcToFileHeader
NtDeviceIoControlFile
NtCreateFile
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
NtReadFile
NtWriteFile
RtlGetVersion
kernel32
K32GetPerformanceInfo
CreateMutexA
WaitForSingleObjectEx
GetTempPathW
GetSystemTimeAsFileTime
SleepConditionVariableSRW
TryAcquireSRWLockExclusive
LoadLibraryExA
GetProcAddress
FreeLibrary
GetCurrentThread
GetLastError
CreateThread
CreateEventW
WaitForSingleObject
WriteConsoleW
UpdateProcThreadAttribute
FormatMessageW
ReleaseSRWLockShared
AcquireSRWLockShared
InitializeProcThreadAttributeList
GetModuleHandleA
CreateProcessW
lstrlenW
GetWindowsDirectoryW
GetUserDefaultLocaleName
GetSystemDirectoryW
LoadLibraryA
GlobalUnlock
WaitForMultipleObjects
ReadFileEx
CreateNamedPipeW
GlobalLock
GlobalSize
GetFullPathNameW
GlobalAlloc
ExitProcess
GlobalFree
GlobalMemoryStatusEx
MultiByteToWideChar
CancelIo
CopyFileExW
GetFinalPathNameByHandleW
RemoveDirectoryW
MoveFileExW
GetUserDefaultUILanguage
LCIDToLocaleName
DeleteFileW
LoadLibraryW
FindFirstFileW
CreateDirectoryW
GetFileInformationByHandleEx
FindNextFileW
ReleaseMutex
HeapReAlloc
QueryPerformanceFrequency
WakeConditionVariable
WakeAllConditionVariable
GetProcessId
TerminateProcess
SleepEx
WriteFileEx
GetStdHandle
SetFilePointerEx
SetFileInformationByHandle
GetCommandLineW
SetEnvironmentVariableW
GetEnvironmentStringsW
GetCurrentDirectoryW
SetLastError
QueryPerformanceCounter
SetWaitableTimer
CreateWaitableTimerExW
SwitchToThread
SetThreadStackGuarantee
AddVectoredExceptionHandler
CompareStringOrdinal
DeleteProcThreadAttributeList
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentProcessId
WideCharToMultiByte
GetFileInformationByHandle
SetFileCompletionNotificationModes
GetOverlappedResult
ReadFile
PostQueuedCompletionStatus
GetQueuedCompletionStatusEx
CreateIoCompletionPort
SetHandleInformation
GetSystemInfo
ReadProcessMemory
GetFileAttributesW
GetModuleFileNameW
OutputDebugStringA
OutputDebugStringW
VirtualQueryEx
GetExitCodeProcess
GetProcessIoCounters
LoadLibraryExW
TlsFree
GetEnvironmentVariableW
GetSystemTimes
GetProcessTimes
Sleep
GetCurrentProcess
DuplicateHandle
CreatePipe
LocalFree
HeapAlloc
OpenProcess
HeapFree
GetProcessHeap
GetCurrentThreadId
CreateFileW
FindClose
GetModuleHandleW
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CloseHandle
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
RaiseException
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
user32
ShowWindow
SetWindowLongW
SendMessageW
DestroyIcon
DestroyAcceleratorTable
GetKeyboardLayout
CheckMenuItem
CreateAcceleratorTableW
EnableMenuItem
SetCapture
SetWindowLongPtrW
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
RegisterWindowMessageA
RegisterClassExW
RegisterHotKey
EnumChildWindows
GetMessageA
RegisterClipboardFormatW
GetClipCursor
CloseClipboard
GetRawInputData
GetDC
SetClipboardData
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
UnregisterHotKey
MapVirtualKeyExW
ClipCursor
ShowCursor
GetKeyState
ToUnicodeEx
EnumDisplayMonitors
MonitorFromPoint
GetWindowRect
AdjustWindowRectEx
GetMenu
SystemParametersInfoA
PostQuitMessage
RedrawWindow
GetClientRect
IsProcessDPIAware
SetWindowTextW
GetWindowTextLengthW
GetSystemMenu
GetWindowTextW
SetForegroundWindow
SetMenu
SendInput
CreateIcon
GetKeyboardState
SetWindowDisplayAffinity
IsIconic
GetAsyncKeyState
VkKeyScanW
GetCursorPos
ReleaseCapture
PostMessageW
SetMenuItemInfoW
CreateMenu
ClientToScreen
SetWindowPos
InvalidateRgn
SetCursorPos
GetActiveWindow
CreateWindowExW
IsWindow
GetSystemMetrics
RegisterTouchWindow
GetForegroundWindow
DestroyWindow
DispatchMessageA
GetMessageW
GetAncestor
SetWindowPlacement
GetWindowPlacement
ChangeDisplaySettingsExW
MapVirtualKeyW
GetUpdateRect
ValidateRect
GetMonitorInfoW
MonitorFromWindow
IsWindowVisible
SetCursor
CloseTouchInputHandle
ScreenToClient
GetTouchInputInfo
TrackMouseEvent
MonitorFromRect
LoadCursorW
GetWindowLongW
AppendMenuW
FlashWindowEx
DefWindowProcW
PostThreadMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetWindowLongPtrW
gdi32
GetDeviceCaps
DeleteObject
CreateRectRgn
dwmapi
DwmEnableBlurBehindWindow
ole32
CoCreateInstance
OleInitialize
RegisterDragDrop
RevokeDragDrop
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
comctl32
DefSubclassProc
RemoveWindowSubclass
TaskDialogIndirect
SetWindowSubclass
shell32
CommandLineToArgvW
SHCreateItemFromParsingName
SHAppBarMessage
ShellExecuteW
SHGetKnownFolderPath
DragQueryFileW
DragFinish
advapi32
RegGetValueW
CopySid
GetLengthSid
IsValidSid
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
EventRegister
EventSetInformation
EventWriteTransfer
EventUnregister
SystemFunction036
GetTokenInformation
OpenProcessToken
psapi
GetModuleFileNameExW
GetProcessMemoryInfo
pdh
PdhRemoveCounter
PdhCollectQueryData
PdhCloseQuery
PdhOpenQueryA
PdhAddEnglishCounterW
PdhGetFormattedCounterValue
powrprof
CallNtPowerInformation
oleaut32
SetErrorInfo
SysFreeString
GetErrorInfo
SysStringLen
secur32
FreeContextBuffer
AcceptSecurityContext
FreeCredentialsHandle
ApplyControlToken
QueryContextAttributesW
AcquireCredentialsHandleA
InitializeSecurityContextW
DeleteSecurityContext
DecryptMessage
EncryptMessage
uxtheme
SetWindowTheme
bcrypt
BCryptGenRandom
ws2_32
send
WSASend
ioctlsocket
WSAIoctl
WSAGetLastError
closesocket
shutdown
bind
setsockopt
WSAStartup
WSASocketW
getsockname
getpeername
WSACleanup
recv
getaddrinfo
freeaddrinfo
connect
getsockopt
crypt32
CertFreeCertificateChain
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertDuplicateCertificateChain
CertDuplicateStore
CertCloseStore
CertOpenStore
CertAddCertificateContextToStore
CertFreeCertificateContext
api-ms-win-crt-math-l1-1-0
trunc
round
floor
pow
__setusermatherr
api-ms-win-crt-heap-l1-1-0
calloc
malloc
_set_new_mode
free
_callnewh
api-ms-win-crt-string-l1-1-0
wcsncmp
strlen
_wcsicmp
strcpy_s
wcslen
api-ms-win-crt-runtime-l1-1-0
_register_onexit_function
_initialize_onexit_table
terminate
_seh_filter_exe
abort
strerror
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_crt_atexit
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type
api-ms-win-crt-convert-l1-1-0
wcstol
_ultow_s
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__p__commode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9.0MB - Virtual size: 9.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 308KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ