C:\Users\ancient\Documents\GitHub\empty-clicker\empty\empty\output\release\empty.pdb
Static task
static1
1 signatures
General
-
Target
Empty.wtf.zip
-
Size
161KB
-
MD5
a4b1c96ef9cc774232afdf836eb163e5
-
SHA1
0776b9b81f91ecbac5303ee0a699edd6cd1f644f
-
SHA256
d215e788658d4832d979e1d8a996d4af45950ce3052dde07318c5a80a9454a48
-
SHA512
2338d1d9880e76dfd83efeaedc326bf35b568c36f406b4e43e831d6732e40622da567c74279ed1a31d5434a0de294edfc825b79f93bc91aa05ecf2ccf549f9fd
-
SSDEEP
3072:iq1zx7yUN7dCh0GTI6zrS8Hia1d1RbplLNLmqpyb//6msKtLZA6X:L1dmUqqGc6HS8HiK/RFNNLU/fBLqc
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack002/AnyDesk (EMPTY NEW).exe unpack002/AnyDesk (EMPTY OLD).exe
Files
-
Empty.wtf.zip.zip
-
Empty.wtf.rar.rar
-
AnyDesk (EMPTY NEW).exe.exe windows:6 windows x64 arch:x64
b27cc2b188afc86886f89ee087b86169
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
d3d9
Direct3DCreate9
kernel32
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
QueryPerformanceCounter
GetModuleHandleA
IsProcessorFeaturePresent
IsDebuggerPresent
CreateProcessA
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetCurrentProcessId
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
SetEvent
DeleteCriticalSection
MultiByteToWideChar
WinExec
CloseHandle
CreateThread
GetModuleFileNameA
LeaveCriticalSection
GetStartupInfoW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
TerminateProcess
user32
GetAsyncKeyState
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
DestroyWindow
SetWindowPos
GetSystemMetrics
ShowWindow
DefWindowProcA
CreateWindowExA
PeekMessageA
UnregisterClassA
PostQuitMessage
UpdateWindow
GetKeyState
LoadCursorA
GetWindowRect
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetMessageA
DispatchMessageA
CallNextHookEx
SetWindowsHookExA
MessageBoxA
UnhookWindowsHookEx
TranslateMessage
SendMessageA
FindWindowA
RegisterClassExA
msvcp140
_Xtime_get_ticks
_Query_perf_counter
_Thrd_sleep
_Query_perf_frequency
?_Xlength_error@std@@YAXPEBD@Z
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memset
_CxxThrowException
__current_exception_context
__current_exception
strstr
__std_terminate
__std_exception_copy
__std_exception_destroy
memchr
memcmp
memcpy
__C_specific_handler
memmove
api-ms-win-crt-heap-l1-1-0
free
_callnewh
malloc
_set_new_mode
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-runtime-l1-1-0
_exit
_initterm_e
_initterm
_c_exit
_set_app_type
_register_onexit_function
_seh_filter_exe
_initialize_onexit_table
_get_narrow_winmain_command_line
terminate
_crt_atexit
_cexit
_initialize_narrow_environment
exit
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
_set_fmode
ftell
__stdio_common_vsprintf
fclose
fseek
__p__commode
fwrite
_wfopen
fflush
fread
__stdio_common_vsscanf
api-ms-win-crt-string-l1-1-0
strncpy
strcmp
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-math-l1-1-0
acosf
fmodf
cosf
ceilf
sinf
sqrtf
__setusermatherr
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 215KB - Virtual size: 215KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
AnyDesk (EMPTY OLD).exe.exe windows:6 windows x86 arch:x86
251c01289eb75fb9f6fad71b51f927b1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Latencyx\Desktop\programmer\C++\EmptyClicker\Debug\EmptyClicker.pdb
Imports
kernel32
GetStdHandle
CloseHandle
Sleep
TerminateProcess
CreateThread
CreateProcessA
OpenProcess
GetTickCount
GetModuleFileNameA
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetConsoleCursorInfo
SetConsoleCursorInfo
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetConsoleTitleA
CreateToolhelp32Snapshot
Process32First
Process32Next
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetLastError
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
RaiseException
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
user32
GetAsyncKeyState
GetKeyState
MessageBoxA
SendMessageA
FindWindowA
msvcp140d
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPBD@Z
?good@ios_base@std@@QBE_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
vcruntime140d
__vcrt_LoadLibraryExW
__vcrt_GetModuleHandleW
__vcrt_GetModuleFileNameW
_except_handler4_common
__std_type_info_destroy_list
_CxxThrowException
memcpy
memmove
__CxxFrameHandler3
memset
__std_exception_copy
__std_exception_destroy
ucrtbased
_set_new_mode
__p__commode
_free_dbg
_seh_filter_dll
_register_thread_local_exe_atexit_callback
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_controlfp_s
_wmakepath_s
_wsplitpath_s
wcscpy_s
_c_exit
_cexit
__p___argv
__p___argc
_set_fmode
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__setusermatherr
_set_app_type
_seh_filter_exe
_except1
_CrtDbgReportW
malloc
__stdio_common_vsprintf
__stdio_common_vfprintf
__acrt_iob_func
_CrtDbgReport
system
rand
exit
strlen
strcmp
_invalid_parameter
_configthreadlocale
_initialize_onexit_table
_callnewh
Sections
.textbss Size: - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 512B - Virtual size: 326B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 777B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ