D:\a\velopack\velopack\src\Rust\target\i686-pc-windows-msvc\release\deps\setup.pdb
Static task
static1
General
Target: Assist-win-Setup.kGbwArIi.exe.part
Size: 19.6MB
MD5: b2a9a4088a2b4c23f0db40b581eb20f4
SHA1: 5bf5b003d02118d724580593488f5e24db8677e7
SHA256: 013f7fe61807c38f91bcc73cad6ee5e98136551a7d8b10093b26b61b46635177
SHA512: 8a6ad2114b6965acc4ed8542a791df898846144de472d5149512af7d1d2bcd09c91061078a1083552f82a001621212cdc52d772dd4f4e1aba9dc071c89826228
SSDEEP: 393216:w8fl1A+LF4y41/2km9/xMym4c0zNXVQq2qkcAaoViICoyhd8owBlCsjcyI:w8NFQm7Fm4c0/2qk2OiXdttyI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Assist-win-Setup.kGbwArIi.exe.part
Files
Assist-win-Setup.kGbwArIi.exe.part.exe windows:6 windows x86 arch:x86
45a3847720d75d596d00c9736f6fe6a0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
TryAcquireSRWLockExclusive
GetStdHandle
FlushFileBuffers
WaitForSingleObject
MultiByteToWideChar
WriteConsoleW
SetLastError
CreateWaitableTimerExW
SetWaitableTimer
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleHandleW
FormatMessageW
GetCurrentDirectoryW
ReleaseMutex
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcessId
CreateMutexA
RtlCaptureContext
GetEnvironmentVariableW
GetModuleFileNameW
CreateFileW
GetFileInformationByHandle
HeapSize
SetFilePointerEx
FindNextFileW
CreateDirectoryW
FindFirstFileW
FindClose
LCMapStringW
CompareStringW
SetHandleInformation
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
GetProcAddress
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
CreateNamedPipeW
CreateThread
ReadFileEx
SleepEx
WriteFileEx
ExitProcess
GetExitCodeProcess
GetSystemTimeAsFileTime
AcquireSRWLockShared
ReleaseSRWLockShared
DeleteFileW
MoveFileExW
GetFileType
SystemTimeToFileTime
GetCPInfo
GetOEMCP
GetModuleHandleA
GetConsoleOutputCP
GetACP
IsValidCodePage
FindFirstFileExW
DecodePointer
GetCommandLineA
GetModuleHandleExW
WriteFile
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RtlUnwind
DuplicateHandle
GetCurrentProcess
TlsSetValue
TlsGetValue
RaiseException
GetFullPathNameW
GetSystemInfo
UnmapViewOfFile
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
CreateFileMappingW
SleepConditionVariableSRW
SwitchToThread
WakeAllConditionVariable
SetFileInformationByHandle
GetCurrentThread
GetFileInformationByHandleEx
MulDiv
CloseHandle
GetTimeZoneInformationForYear
LoadLibraryExW
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
OpenProcess
SetConsoleMode
GetConsoleMode
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
lstrlenW
GetNativeSystemInfo
SetThreadStackGuarantee
AddVectoredExceptionHandler
MapViewOfFile
VirtualProtect
GetDiskFreeSpaceExW
GetProcessId
TerminateProcess
CopyFileExW
GetLastError
QueryFullProcessImageNameW
SetCurrentDirectoryW
CreateMutexW
SystemTimeToTzSpecificLocalTime
OutputDebugStringW
OutputDebugStringA
LoadLibraryExA
FreeLibrary
GetCommandLineW
ReleaseSRWLockExclusive
GlobalFree
GlobalAlloc
LocalFree
ExpandEnvironmentStringsW
VerifyVersionInfoW
InitializeProcThreadAttributeList
AcquireSRWLockExclusive
VerSetConditionMask
ntdll
NtReadFile
NtWriteFile
RtlInitUnicodeString
NtCreateFile
RtlNtStatusToDosError
bcrypt
BCryptGenRandom
advapi32
RegCloseKey
RegEnumKeyExW
RegGetValueW
RegQueryInfoKeyW
SystemFunction036
RegOpenKeyExW
RegQueryValueExW
RegSetKeyValueW
RegCreateKeyExW
crypt32
CertGetCertificateChain
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertDuplicateStore
CertCloseStore
CertDuplicateCertificateContext
CertFreeCertificateChain
CertDuplicateCertificateChain
CertFreeCertificateContext
CertOpenStore
CertVerifyCertificateChainPolicy
ws2_32
send
ioctlsocket
getsockname
getpeername
WSASend
WSARecv
recv
setsockopt
freeaddrinfo
WSASocketW
WSACleanup
WSAStartup
WSAGetLastError
getaddrinfo
select
getsockopt
WSADuplicateSocketW
closesocket
connect
secur32
DeleteSecurityContext
QueryContextAttributesW
FreeContextBuffer
FreeCredentialsHandle
AcceptSecurityContext
EncryptMessage
DecryptMessage
InitializeSecurityContextW
AcquireCredentialsHandleA
user32
DispatchMessageW
GetMessageW
IsChild
TranslateMessage
GetWindow
AllowSetForegroundWindow
EndDialog
UpdateWindow
DestroyCursor
EndDeferWindowPos
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
GetSystemMetrics
GetClassInfoExW
GetParent
IsDialogMessageW
GetWindowRect
LoadAcceleratorsW
LoadImageW
BeginDeferWindowPos
TranslateAcceleratorW
PostQuitMessage
GetAncestor
EnumChildWindows
RegisterClassExW
SetUserObjectInformationW
SetProcessDPIAware
GetWindowLongW
ReleaseDC
ShowWindow
InvalidateRect
SendMessageW
FillRect
EndPaint
GetDesktopWindow
BeginPaint
SetTimer
SetFocus
GetFocus
GetDC
GetClientRect
DefWindowProcW
LoadIconW
LoadCursorW
DestroyIcon
CreateDialogParamW
SetWindowLongW
DestroyAcceleratorTable
CreateWindowExW
SystemParametersInfoW
gdi32
DeleteDC
SetStretchBltMode
CreateBitmap
StretchBlt
BitBlt
DeleteObject
SelectObject
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleBitmap
CreateCompatibleDC
ole32
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
propsys
InitPropVariantFromStringVector
comctl32
TaskDialogIndirect
InitCommonControls
psapi
EnumProcesses
shell32
ShellExecuteW
SHGetKnownFolderPath
oleaut32
GetErrorInfo
SysFreeString
SysStringLen
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 836KB - Virtual size: 835KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ