D:\UGit\minibrowserforwegame\pdb\sandbox\minibrowser_exe.pdb
Static task
static1
Behavioral task
behavioral1
Sample
1122adf96efd8724a1f0a034db68e5a902683154e00bbb5d2df7b2e5ca71909f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1122adf96efd8724a1f0a034db68e5a902683154e00bbb5d2df7b2e5ca71909f.exe
Resource
win10v2004-20240412-en
General
-
Target
1122adf96efd8724a1f0a034db68e5a902683154e00bbb5d2df7b2e5ca71909f
-
Size
2.8MB
-
MD5
d38c1fa6b4b147c6705a0d07c7857b2d
-
SHA1
f3046f3c949c84e16d8f7d69d4643a3517b63a3c
-
SHA256
1122adf96efd8724a1f0a034db68e5a902683154e00bbb5d2df7b2e5ca71909f
-
SHA512
f48e432b6f7fd1f964f66fa5e4b79b2ca2fb41cfbc281bbb2ca97b06423a5c98db69e3e48495ad5b166daf83c59f602f575e3f32c82146abd2a7e9969eda4a20
-
SSDEEP
24576:P+i2Cj1FNz5rTNZHksJ9Z7TcnxQShV0kSEnviJEhWT8opsHP1Mools3DPAh25Hvv:P2CRFx5fPMLPdWT8cueokSDPAc5Hvg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1122adf96efd8724a1f0a034db68e5a902683154e00bbb5d2df7b2e5ca71909f
Files
-
1122adf96efd8724a1f0a034db68e5a902683154e00bbb5d2df7b2e5ca71909f.exe windows:5 windows x86 arch:x86
ef9ef616cbaf0fa216cdd4babb90883e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
libcef
cef_write_json
cef_api_hash
cef_value_create
cef_binary_value_create
cef_dictionary_value_create
cef_list_value_create
cef_v8value_create_null
cef_v8value_create_bool
cef_v8value_create_int
cef_v8value_create_double
cef_v8value_create_string
cef_v8value_create_object
cef_v8value_create_array
cef_v8value_create_function
cef_process_message_create
cef_browser_host_create_browser
cef_v8context_get_current_context
cef_string_map_alloc
cef_string_map_free
cef_command_line_create
cef_command_line_get_global
cef_cookie_manager_get_global_manager
cef_stream_reader_create_for_data
cef_string_multimap_alloc
cef_string_multimap_free
cef_request_create
cef_post_data_create
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_enable_highdpi_support
cef_quit_message_loop
cef_run_message_loop
cef_shutdown
cef_initialize
cef_execute_process
cef_register_extension
cef_post_task
cef_currently_on
cef_string_list_free
cef_string_list_alloc
cef_string_userfree_utf16_free
cef_log
cef_parse_json
cef_uridecode
cef_uriencode
cef_base64decode
cef_base64encode
cef_get_extensions_for_mime_type
cef_get_mime_type
cef_format_url_for_security_display
cef_create_url
cef_parse_url
cef_string_utf16_set
cef_clear_cross_origin_whitelist
cef_parse_jsonand_return_error
cef_remove_cross_origin_whitelist_entry
cef_add_cross_origin_whitelist_entry
cef_post_data_element_create
cef_get_current_platform_thread_id
cef_time_to_timet
cef_string_utf16_cmp
cef_string_utf16_to_utf8
cef_string_utf8_to_utf16
cef_string_utf16_clear
cef_string_utf8_clear
advapi32
RegOpenKeyExA
RegQueryValueExA
SetEntriesInAclW
GetSecurityInfo
GetSidSubAuthority
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RevertToSelf
RegDisablePredefinedCache
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
OpenProcessToken
GetAce
SetKernelObjectSecurity
GetKernelObjectSecurity
DuplicateTokenEx
ConvertSidToStringSidW
SystemFunction036
FreeSid
ImpersonateLoggedOnUser
MapGenericMask
GetNamedSecurityInfoW
IsValidSid
EqualSid
AccessCheck
CreateProcessAsUserW
GetTokenInformation
SetThreadToken
CreateRestrictedToken
DuplicateToken
LookupPrivilegeValueW
CopySid
CreateWellKnownSid
InitializeSid
dbghelp
SymGetLineFromAddr64
SymFromAddr
SymSetSearchPathW
SymGetSearchPathW
SymInitialize
SymSetOptions
SymCleanup
gdi32
GetDeviceCaps
kernel32
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
GetStdHandle
GetACP
SetStdHandle
ExitProcess
GetConsoleMode
GetConsoleCP
GetFullPathNameA
GetDriveTypeW
RtlUnwind
ExitThread
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
GetLastError
SetLastError
RaiseException
FreeLibrary
GetProcAddress
LoadLibraryW
GetCommandLineW
OutputDebugStringA
GetVersionExW
DecodePointer
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
DeleteCriticalSection
GetEnvironmentVariableW
RtlCaptureContext
GetCurrentProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentThreadId
IsDebuggerPresent
WaitForMultipleObjects
CloseHandle
DuplicateHandle
CreateEventW
CreateProcessW
OutputDebugStringW
CreateFileW
SearchPathW
GetFileAttributesW
ExpandEnvironmentStringsW
WaitForSingleObject
GetLocalTime
FindResourceW
LoadResource
SizeofResource
LocalFree
LockResource
FindResourceExW
FindClose
WriteFile
FindNextFileW
GetPrivateProfileStringW
LocalAlloc
OpenProcess
VirtualProtect
InterlockedCompareExchange
VirtualAlloc
GetCurrentThread
FlushInstructionCache
VirtualQuery
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetModuleHandleA
HeapSetInformation
SetProcessDEPPolicy
VirtualQueryEx
VirtualAllocEx
GetCurrentDirectoryW
GetTickCount
CreateIoCompletionPort
CreateThread
ResetEvent
GetQueuedCompletionStatus
WriteConsoleW
SetEvent
RegisterWaitForSingleObject
TerminateJobObject
PostQueuedCompletionStatus
SetInformationJobObject
TerminateProcess
GetUserDefaultLangID
GetUserDefaultLCID
GetUserDefaultLocaleName
EnumSystemLocalesEx
GetProductInfo
GetNativeSystemInfo
IsWow64Process
ProcessIdToSessionId
LoadLibraryExW
Sleep
GetThreadId
SetThreadPriority
GetThreadPriority
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeCriticalSection
UnregisterWaitEx
GetFileType
SetHandleInformation
AssignProcessToJobObject
WriteProcessMemory
CreateFileMappingW
MapViewOfFile
GetCurrentProcessorNumber
SetThreadAffinityMask
VirtualFree
GetProcessHandleCount
GetProcessHeaps
SignalObjectAndWait
QueryDosDeviceW
GetLongPathNameW
VirtualProtectEx
VirtualFreeEx
ReadProcessMemory
GetModuleHandleExW
GetSystemTimeAsFileTime
QueryPerformanceFrequency
QueryPerformanceCounter
RtlCaptureStackBackTrace
TlsGetValue
AcquireSRWLockExclusive
UnmapViewOfFile
CreateNamedPipeW
CreateRemoteThread
CreateJobObjectW
QueryInformationJobObject
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
CreateMutexW
ReadFile
SetCurrentDirectoryW
TlsAlloc
TlsFree
TlsSetValue
SetFilePointerEx
FlushFileBuffers
lstrlenW
DebugBreak
FindFirstFileExW
GetSystemDirectoryW
GetModuleHandleExA
QueryDepthSList
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
FreeLibraryAndExitThread
GetThreadTimes
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
SwitchToThread
WaitForSingleObjectEx
GetStringTypeW
DeviceIoControl
UnregisterWait
GetTimeZoneInformation
ole32
CoTaskMemFree
oleaut32
SysFreeString
SysAllocStringLen
SysAllocString
shell32
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
SHGetSpecialFolderPathW
shlwapi
PathCombineW
PathFileExistsW
PathRemoveFileSpecW
StrStrIW
PathAppendW
user32
CreateWindowStationW
SetProcessWindowStation
CreateDesktopW
GetProcessWindowStation
GetThreadDesktop
GetUserObjectInformationW
CloseWindowStation
CloseDesktop
GetWindowThreadProcessId
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsWindowVisible
SetWindowPos
ShowWindow
DestroyWindow
WindowFromPoint
ScreenToClient
GetCursorPos
GetSystemMetrics
GetDoubleClickTime
GetMessageTime
TrackMouseEvent
MessageBoxW
ReleaseDC
GetDC
GetKeyState
GetPropA
IsWindow
SetWindowLongW
GetWindowLongW
CreateWindowExW
RegisterClassExW
DefWindowProcW
RegisterWindowMessageW
PostMessageW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
winmm
timeGetTime
netapi32
NetApiBufferFree
NetWkstaTransportEnum
Netbios
Exports
GetHandleVerifier
IsSandboxedProcess
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 408KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 21KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 125KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE