G:\P4\NEW__SVN\1\trunk\xrd654v\p4pc\Master\p4pc.pdb
General
-
Target
P4G.exe
-
Size
7.5MB
-
MD5
490cb4c96243a9016be51ee4b95f88ec
-
SHA1
6d770cb15fa272d8522ff8fc2af0fea2cd60697d
-
SHA256
045df0f213fd65fd2477a7a394bbfb2e2e717b451adb5433995abf728019dfda
-
SHA512
f58fa85e2884826c807c1155831b1ac4baaf3dece5cd265133c3989ba3336c688eca88c681a93497291a76538a52837913ee0d5b01c1c64d47db1f4961d12feb
-
SSDEEP
196608:gaxKdY+s6gn+K4qpCkzaxBGD/WxevHf9WmnEQJNu5H2:g5dY+FgTFDuZ2
Malware Config
Signatures
-
Unsigned PE (1 IoC)
The file carries no Authenticode signature. On its own this is weak evidence — many legitimate builds ship unsigned — but it means the binary's publisher cannot be verified cryptographically; validate it by comparing the hashes above against a known-good copy from the distributor rather than relying on signature checks.
resource P4G.exe
Files
-
P4G.exe.exe windows:5 windows x86 arch:x86
ea3c8f86ed60ce86d4e32b888960d97d
Headers
DLL Characteristics (DYNAMIC_BASE = ASLR opt-in, NX_COMPAT = DEP opt-in; no IMAGE_DLLCHARACTERISTICS_GUARD_CF flag is listed, so Control Flow Guard appears not to be enabled)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
MessageBoxW
PostThreadMessageW
GetQueueStatus
GetSystemMetrics
DefWindowProcW
RegisterWindowMessageW
GetFocus
SetWindowPos
CreateWindowExW
SendMessageW
MsgWaitForMultipleObjects
MessageBoxA
FindWindowW
GetWindowRect
GetKeyboardLayout
ShowCursor
GetCursorPos
SetCursorPos
GetParent
MapVirtualKeyExA
GetKeyNameTextW
GetClientRect
GetForegroundWindow
ClientToScreen
ToAsciiEx
MapVirtualKeyW
SendInput
LoadImageW
UpdateWindow
SetRect
SetWindowLongW
ClipCursor
LoadCursorW
TranslateMessage
AdjustWindowRect
PeekMessageW
GetMonitorInfoW
SetTimer
DispatchMessageW
ShowWindow
RegisterClassExW
kernel32
ReadFile
SleepEx
DeleteCriticalSection
CreateFileW
UnmapViewOfFile
GetFileSize
CreateThread
CreateFileMappingW
MapViewOfFile
WriteFile
SetFilePointer
GetFileAttributesW
IsDBCSLeadByte
QueryPerformanceFrequency
QueryPerformanceCounter
SetEvent
ResetEvent
WaitForMultipleObjects
GetLastError
Sleep
DebugBreak
OutputDebugStringA
FindFirstFileW
ReleaseSemaphore
FindClose
CreateMutexA
ExitThread
ResumeThread
GetExitCodeThread
GetFileAttributesA
GlobalMemoryStatusEx
CreateDirectoryA
GetCurrentThreadId
CreateSemaphoreA
CreateEventA
GetTickCount
IsDebuggerPresent
GetModuleHandleA
GetDiskFreeSpaceExA
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
WideCharToMultiByte
SetThreadExecutionState
UnhandledExceptionFilter
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
SetThreadPriority
ExpandEnvironmentStringsA
PeekNamedPipe
GetFileType
GetStdHandle
EnterCriticalSection
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
GetLocalTime
FormatMessageA
VerifyVersionInfoA
LoadLibraryA
GetSystemDirectoryA
VerSetConditionMask
InitializeCriticalSectionEx
SetLastError
GetTickCount64
CloseHandle
ReleaseMutex
lstrlenA
ExitProcess
CreateEventW
GetModuleHandleW
GetProcAddress
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
LocalFree
DuplicateHandle
CreateSemaphoreW
GetSystemInfo
GetVersionExW
GetThreadPriority
GetCurrentThread
MulDiv
LoadLibraryW
FreeLibrary
lstrcmpW
VirtualFree
VirtualAlloc
CreateDirectoryW
ole32
CoTaskMemAlloc
CoSetProxyBlanket
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateGuid
steam_api
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallResult
SteamAPI_SetMiniDumpComment
SteamAPI_RunCallbacks
SteamAPI_Init
SteamAPI_RegisterCallback
SteamAPI_Shutdown
SteamAPI_UnregisterCallback
SteamInternal_FindOrCreateUserInterface
SteamAPI_GetHSteamUser
SteamInternal_ContextInit
SteamAPI_RestartAppIfNecessary
SteamAPI_WriteMiniDump
advapi32
CryptAcquireContextA
RegOpenKeyExW
RegCloseKey
CryptEncrypt
RegOpenKeyExA
RegQueryValueExA
CryptImportKey
CryptReleaseContext
CryptGenRandom
CryptDestroyKey
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
RegQueryValueExW
winmm
timeSetEvent
timeEndPeriod
timeGetTime
timeBeginPeriod
timeKillEvent
d3d11
D3D11CreateDeviceAndSwapChain
d3dx11_43
D3DX11SaveTextureToFileA
D3DX11CreateTextureFromMemory
D3DX11CreateThreadPump
dxgi
CreateDXGIFactory
d3dcompiler_43
D3DReflect
msvcp140
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flags@ios_base@std@@QBEHXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Xlength_error@std@@YAXPBD@Z
_Thrd_sleep
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
_Mbrtowc
?_Xbad_alloc@std@@YAXXZ
_Xtime_get_ticks
?_W_Getmonths@_Locinfo@std@@QBEPBGXZ
?_W_Getdays@_Locinfo@std@@QBEPBGXZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
wmvcore
WMCreateReader
vcruntime140
_except_handler4_common
__std_exception_copy
memset
_CxxThrowException
__std_exception_destroy
__std_type_info_destroy_list
strchr
wcsstr
_purecall
strrchr
__std_terminate
_set_se_translator
__CxxFrameHandler3
strstr
memcpy
memmove
memchr
longjmp
_setjmp3
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vswscanf
__p__commode
fclose
fseek
fwrite
fputc
fflush
feof
ftell
ferror
_read
_write
fopen
_open
__stdio_common_vsscanf
fputs
_set_fmode
__stdio_common_vsprintf_s
__stdio_common_vswprintf_s
__stdio_common_vfprintf
fread
fgets
fopen_s
__stdio_common_vsprintf
__acrt_iob_func
_close
__stdio_common_vswprintf
_lseeki64
api-ms-win-crt-string-l1-1-0
strncmp
strncpy
strtok
_wcsupr
isdigit
strncat
strcpy_s
strnlen
_strdup
isgraph
isprint
islower
isupper
wcscpy_s
_wcsicmp
isalpha
isxdigit
strpbrk
tolower
isspace
strcat_s
_stricmp
isalnum
api-ms-win-crt-utility-l1-1-0
srand
qsort
api-ms-win-crt-convert-l1-1-0
_wtoi
mbstowcs_s
atoi
strtol
atof
strtoul
strtoll
wcstombs_s
atol
mbstowcs
api-ms-win-crt-runtime-l1-1-0
_initialize_wide_environment
_initterm
exit
_initterm_e
_exit
_seh_filter_exe
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_set_app_type
_controlfp_s
_cexit
terminate
_configure_narrow_argv
_seh_filter_dll
_errno
_c_exit
_wassert
_get_wide_winmain_command_line
strerror
__sys_nerr
_getpid
_register_thread_local_exe_atexit_callback
_beginthreadex
_configure_wide_argv
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
_wsetlocale
setlocale
api-ms-win-crt-filesystem-l1-1-0
_stat64
_findclose
_fstat64
_wfindnext64i32
_wfindfirst64i32
api-ms-win-crt-heap-l1-1-0
malloc
free
calloc
_set_new_mode
_callnewh
realloc
api-ms-win-crt-time-l1-1-0
_time64
_gmtime64
_gmtime64_s
strftime
_mktime64
api-ms-win-crt-multibyte-l1-1-0
_mbspbrk
_mbsnbcpy
_mbschr
_mbsicmp
api-ms-win-crt-math-l1-1-0
_libm_sse2_acos_precise
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_CIfmod
_libm_sse2_log10_precise
_libm_sse2_pow_precise
_except1
_libm_sse2_sin_precise
_libm_sse2_cos_precise
frexp
modf
_libm_sse2_sqrt_precise
_CIatan2
_libm_sse2_tan_precise
ceil
__setusermatherr
floor
x3daudio1_7
X3DAudioInitialize
X3DAudioCalculate
dinput8
DirectInput8Create
gdi32
GetStockObject
shell32
SHGetFolderPathW
oleaut32
SysAllocString
SysFreeString
GetErrorInfo
VariantInit
VariantClear
CreateErrorInfo
SetErrorInfo
VariantChangeType
ws2_32
ntohl
WSAIoctl
ioctlsocket
WSAStartup
ntohs
htons
WSACleanup
WSAGetLastError
__WSAFDIsSet
select
sendto
WSASetLastError
recvfrom
recv
send
bind
gethostname
htonl
setsockopt
getaddrinfo
freeaddrinfo
closesocket
connect
getpeername
getsockname
listen
socket
getsockopt
accept
crypt32
CertFreeCertificateContext
wldap32
ord79
ord33
ord143
ord32
ord30
ord211
ord60
ord50
ord46
ord26
ord22
ord41
ord200
ord35
ord27
ord301
api-ms-win-crt-environment-l1-1-0
getenv
Exports
??0CAsyncReader@@QAE@PA_WPAUIUnknown@@PAVCAsyncStream@@PAJ@Z
??1CAsyncReader@@UAE@XZ
?CreateInstance@WMFDemuxFilter@@SGPAVCUnknown@@PAUIUnknown@@PAJ@Z
?GetPin@CAsyncReader@@UAEPAVCBasePin@@H@Z
?GetPinCount@CAsyncReader@@UAEHXZ
png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_to_rfc1123
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_current_pass_number
png_get_current_row_number
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_name
png_get_io_chunk_type
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_alpha_mode
png_set_alpha_mode_fixed
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_crc_action
png_set_error_fn
png_set_expand
png_set_expand_16
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_scale_16
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_sig_cmp
png_start_read_image
png_warning
Sections
.text Size: 5.3MB - Virtual size: 5.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 450KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.2MB - Virtual size: 533.0MB (virtual size far exceeds raw size: the ~530 MB difference is zero-filled at load time and is not present on disk, i.e. a very large uninitialised-data region)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.msvcjmc Size: 23KB - Virtual size: 24KB (section produced by MSVC "Just My Code" instrumentation, /JMC, which is normally present only in debug-configuration builds; consistent with the embedded PDB path and the DebugBreak/OutputDebugStringA/IsDebuggerPresent imports above)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 265KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 331KB - Virtual size: 332KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ