PDB path: T:\unity_szfq\artifacts\UnityCrashHandler\release_Win64_VS2019\UnityCrashHandler64.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 79a1ff4e474c9a1e76295230422d2134d5dddf00cb5d47b9dc092f5c736b2a2e.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 79a1ff4e474c9a1e76295230422d2134d5dddf00cb5d47b9dc092f5c736b2a2e.exe
Resource: win10v2004-20240226-en
General
Target: 79a1ff4e474c9a1e76295230422d2134d5dddf00cb5d47b9dc092f5c736b2a2e
Size: 1.2MB
MD5: 92299290b32b83921c841afb3d0f2146
SHA1: 6d4f2ed97e2be32b89f7cfb413b2fd18587fd0fd
SHA256: 79a1ff4e474c9a1e76295230422d2134d5dddf00cb5d47b9dc092f5c736b2a2e
SHA512: 3020a6e0cdcb8e0534f54acbe46e1d13b1af28916629545952b21f32f9ed34dd121206083b11e6477ad86408be4bb0f11f882fd2cb505acdf74f5878b14e1f21
SSDEEP: 12288:gZdPOKcwk1EkEtjnwAxJBbQLKDrW5sTz9OoxskBGe4LWch:gZdPOKcwz9tzwAdULKDisTz0fXbh
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 79a1ff4e474c9a1e76295230422d2134d5dddf00cb5d47b9dc092f5c736b2a2e
Files
79a1ff4e474c9a1e76295230422d2134d5dddf00cb5d47b9dc092f5c736b2a2e.exe windows:6 windows x64 arch:x64
faa3abd941cf245dcb80eb6c4fe17816
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
user32
SetForegroundWindow
SetWindowTextW
InflateRect
UnionRect
GetDlgItem
LookupIconIdFromDirectoryEx
DialogBoxParamA
SendDlgItemMessageA
GetWindowLongA
SetWindowPos
EndDialog
AdjustWindowRect
SendMessageW
CreateIconFromResourceEx
OffsetRect
LoadImageA
GetIconInfo
kernel32
InterlockedPopEntrySList
DuplicateHandle
VirtualProtect
GetVersionExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapQueryInformation
HeapSize
HeapReAlloc
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapFree
HeapAlloc
FreeLibraryAndExitThread
GetConsoleOutputCP
GetConsoleMode
SetConsoleCtrlHandler
GetFileType
SetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
CloseHandle
RaiseException
GetCurrentThread
OpenThread
GetThreadTimes
GetModuleHandleA
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
WaitForSingleObjectEx
SwitchToThread
CreateThread
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
SuspendThread
ResumeThread
TlsGetValue
TlsSetValue
GetThreadContext
GetLastError
SetLastError
CreateEventW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
FlushFileBuffers
GetFileAttributesA
QueryDepthSList
ReadFile
SetFilePointerEx
WriteFile
GetEnvironmentVariableA
GetCurrentDirectoryA
OutputDebugStringA
GetSystemTime
ReadProcessMemory
VerSetConditionMask
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleHandleW
WaitForSingleObject
LocalFree
FormatMessageW
VerifyVersionInfoW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
GetStdHandle
GetFileSize
GetTempPathW
SetEvent
WaitForMultipleObjectsEx
Sleep
TerminateProcess
GetExitCodeProcess
GetProcessId
GetThreadId
OpenProcess
CopyFileExW
AllocConsole
SetErrorMode
GetCommandLineW
InitializeCriticalSection
CreateEventA
TerminateThread
GetExitCodeThread
LoadLibraryExW
LoadResource
LockResource
SizeofResource
FindResourceA
EnumResourceNamesA
IsDebuggerPresent
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
TlsAlloc
TlsFree
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
RtlUnwindEx
RtlPcToFileHeader
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
DecodePointer
EncodePointer
GetTickCount
GetStringTypeW
UnregisterWaitEx
InitializeSListHead
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
GetFileAttributesW
CreateProcessW
dbghelp
SymRegisterFunctionEntryCallback64
SymLoadModuleEx
shell32
CommandLineToArgvW
SHCreateDirectoryExW
ole32
CoCreateGuid
CoTaskMemFree
CoInitializeEx
psapi
GetModuleFileNameExW
advapi32
GetUserNameA
wininet
HttpSendRequestA
InternetOpenA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
HttpQueryInfoA
InternetCrackUrlA
gdi32
GetObjectA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 523KB - Virtual size: 522KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 159KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 472KB - Virtual size: 471KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ