D:\Projects\CPP\Potato-Injector\x64\Release\potatoInjector.pdb
Static task
static1
General
Target
potatoInjector_2.exe
Size
1023KB
MD5
7da976a33bc81eb2a7101b0ea3940d7f
SHA1
f20c9badde462319a0fea8f8889cfb8f8f9821f3
SHA256
a90443d44a1b9c6ddedc960868ff8b1e9d143b3c54824ac7fd03b551f6d81fe0
SHA512
5c36eaadc1c447862d4ba00b044e556327c3f5df5bd43a6e07ba6724fea9283cfd63a0e3232838f8813ada0c12d3e68aeb53f4523826b63b1ca2e026fa3a5e04
SSDEEP
24576:roD66BcCJ8941BNOy4jFT2/7htbSAMeBBTq2nCsW:roDVBcCJw41BNF4jB87nb0eBdq2nLW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource potatoInjector_2.exe
Files
potatoInjector_2.exe.exe windows:6 windows x64 arch:x64
6ef4bdbb7e3a68cdf45aba1e3faf6fb9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
ole32
CoCreateInstance
CoUninitialize
CoInitialize
kernel32
Process32FirstW
CloseHandle
CreateProcessW
FreeConsole
GetModuleHandleW
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
GetSystemTimeAsFileTime
EnterCriticalSection
GetCurrentProcess
LeaveCriticalSection
InitializeCriticalSection
ResumeThread
GetSystemInfo
VirtualAllocEx
VirtualFreeEx
GetModuleFileNameW
GetFileAttributesW
LocalFree
CreateActCtxW
WriteFile
GetTempPathW
CreateFileW
UnmapViewOfFile
DeleteFileW
GetTempFileNameW
CreateFileMappingW
ReleaseActCtx
MapViewOfFile
ActivateActCtx
GetEnvironmentVariableW
GetSystemDirectoryW
DeactivateActCtx
GetSystemWow64DirectoryW
Module32FirstW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetNativeSystemInfo
WaitForSingleObject
DuplicateHandle
GetCurrentThread
ResetEvent
GetTickCount
DeviceIoControl
Thread32Next
Thread32First
GetCurrentThreadId
GetCurrentProcessId
ReadFile
CreateNamedPipeW
TerminateThread
CreateThread
GetExitCodeThread
Sleep
Process32NextW
IsWow64Process
WriteProcessMemory
VirtualProtectEx
GetThreadContext
ReadProcessMemory
CreateRemoteThread
SetThreadContext
VirtualQueryEx
LoadLibraryW
SuspendThread
GetThreadTimes
OpenThread
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
HeapSize
HeapReAlloc
GetFileSizeEx
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
HeapAlloc
GetFileType
ReadConsoleW
GetConsoleMode
SetFilePointerEx
HeapFree
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
RtlUnwind
GlobalAlloc
MultiByteToWideChar
QueryPerformanceCounter
FreeLibrary
GetProcAddress
QueryPerformanceFrequency
LoadLibraryA
DeleteCriticalSection
DecodePointer
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
GetLastError
InitializeCriticalSectionEx
SetStdHandle
WriteConsoleW
SetEndOfFile
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
FormatMessageA
GetLocaleInfoEx
CreateDirectoryW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFullPathNameW
AreFileApisANSI
GetFileInformationByHandleEx
GetStringTypeW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
WakeAllConditionVariable
SleepConditionVariableSRW
EncodePointer
LCMapStringEx
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
user32
SetCursorPos
ReleaseCapture
UnregisterClassW
GetCursorPos
wsprintfW
GetWindowLongW
DefWindowProcW
SetWindowPos
MessageBoxW
CreateWindowExW
RegisterClassExW
ShowWindow
DispatchMessageW
PeekMessageW
TranslateMessage
SetWindowLongW
PostQuitMessage
UpdateWindow
OpenClipboard
GetClientRect
EmptyClipboard
GetClipboardData
SetClipboardData
GetKeyState
ScreenToClient
GetCapture
ClientToScreen
TrackMouseEvent
GetForegroundWindow
LoadCursorW
SetCapture
SetCursor
CloseClipboard
advapi32
RegEnumValueW
RegGetValueW
RegCreateKeyExW
RegCloseKey
RegOpenKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
OpenThreadToken
RegQueryValueExW
RegSetValueExW
oleaut32
SysFreeString
d3d9
Direct3DCreate9
shlwapi
SHDeleteKeyW
imm32
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmAssociateContextEx
ImmGetContext
ImmReleaseContext
Exports
Exports
??0Assembler@asmjit@@QEAA@PEAURuntime@1@@Z
??0CodeGen@asmjit@@QEAA@PEAURuntime@1@@Z
??0HostRuntime@asmjit@@QEAA@XZ
??0JitRuntime@asmjit@@QEAA@XZ
??0Runtime@asmjit@@QEAA@XZ
??0StaticRuntime@asmjit@@QEAA@PEAX_K@Z
??0VMemMgr@asmjit@@QEAA@PEAX@Z
??0X86Assembler@asmjit@@QEAA@PEAURuntime@1@I@Z
??0Zone@asmjit@@QEAA@_K@Z
??1Assembler@asmjit@@UEAA@XZ
??1CodeGen@asmjit@@UEAA@XZ
??1HostRuntime@asmjit@@UEAA@XZ
??1JitRuntime@asmjit@@UEAA@XZ
??1Runtime@asmjit@@UEAA@XZ
??1StaticRuntime@asmjit@@UEAA@XZ
??1VMemMgr@asmjit@@QEAA@XZ
??1X86Assembler@asmjit@@UEAA@XZ
??1Zone@asmjit@@QEAA@XZ
??_FVMemMgr@asmjit@@QEAAXXZ
?_alloc@Zone@asmjit@@QEAAPEAX_K@Z
?_emit@X86Assembler@asmjit@@UEAAIIAEBUOperand@2@000@Z
?_grow@Assembler@asmjit@@QEAAI_K@Z
?_grow@PodVectorBase@asmjit@@IEAAI_K0@Z
?_newLabel@Assembler@asmjit@@QEAAIPEAULabel@2@@Z
?_newLabelLink@Assembler@asmjit@@QEAAPEAULabelLink@2@XZ
?_nullData@PodVectorBase@asmjit@@2UPodVectorData@2@B
?_registerIndexedLabels@Assembler@asmjit@@QEAAI_K@Z
?_relocCode@X86Assembler@asmjit@@UEBA_KPEAX_K@Z
?_reserve@Assembler@asmjit@@QEAAI_K@Z
?_reserve@PodVectorBase@asmjit@@IEAAI_K0@Z
?_x86CondToCmovcc@asmjit@@3QBIB
?_x86CondToJcc@asmjit@@3QBIB
?_x86CondToSetcc@asmjit@@3QBIB
?_x86InstExtendedInfo@asmjit@@3QBUX86InstExtendedInfo@1@B
?_x86InstInfo@asmjit@@3QBUX86InstInfo@1@B
?_x86ReverseCond@asmjit@@3QBIB
?add@JitRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z
?add@StaticRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z
?align@X86Assembler@asmjit@@UEAAIII@Z
?alloc@VMemMgr@asmjit@@QEAAPEAX_KI@Z
?alloc@VMemUtil@asmjit@@SAPEAX_KPEA_KI@Z
?allocProcessMemory@VMemUtil@asmjit@@SAPEAXPEAX_KPEA_KI@Z
?allocZeroed@Zone@asmjit@@QEAAPEAX_K@Z
?bind@Assembler@asmjit@@UEAAIAEBULabel@2@@Z
?callCpuId@X86CpuUtil@asmjit@@SAXIIPEATX86CpuId@2@@Z
?detect@X86CpuUtil@asmjit@@SAXPEAUX86CpuInfo@2@@Z
?detectHwThreadsCount@CpuInfo@asmjit@@SAIXZ
?dup@Zone@asmjit@@QEAAPEAXPEBX_K@Z
?embed@Assembler@asmjit@@UEAAIPEBXI@Z
?embedLabel@X86Assembler@asmjit@@QEAAIAEBULabel@2@@Z
?emit@Assembler@asmjit@@QEAAII@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00_K@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0_K@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@_K@Z
?emit@Assembler@asmjit@@QEAAIIH@Z
?emit@Assembler@asmjit@@QEAAII_K@Z
?flush@HostRuntime@asmjit@@UEAAXPEAX_K@Z
?getCpuInfo@HostRuntime@asmjit@@UEAAPEBUCpuInfo@2@XZ
?getHost@CpuInfo@asmjit@@SAPEBU12@XZ
?getPageGranularity@VMemUtil@asmjit@@SA_KXZ
?getPageSize@VMemUtil@asmjit@@SA_KXZ
?getStackAlignment@HostRuntime@asmjit@@UEAAIXZ
?make@Assembler@asmjit@@UEAAPEAXXZ
?noOperand@asmjit@@3UOperand@1@B
?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KAEBUX86Reg@2@IHI@Z
?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KHI@Z
?release@JitRuntime@asmjit@@UEAAIPEAX@Z
?release@StaticRuntime@asmjit@@UEAAIPEAX@Z
?release@VMemMgr@asmjit@@QEAAIPEAX@Z
?release@VMemUtil@asmjit@@SAIPEAX_K@Z
?releaseProcessMemory@VMemUtil@asmjit@@SAIPEAX0_K@Z
?relocCode@Assembler@asmjit@@QEBA_KPEAX_K@Z
?reset@Assembler@asmjit@@QEAAX_N@Z
?reset@PodVectorBase@asmjit@@QEAAX_N@Z
?reset@VMemMgr@asmjit@@QEAAXXZ
?reset@Zone@asmjit@@QEAAX_N@Z
?sdup@Zone@asmjit@@QEAAPEADPEBD@Z
?setArch@X86Assembler@asmjit@@QEAAII@Z
?setError@CodeGen@asmjit@@QEAAIIPEBD@Z
?setErrorHandler@CodeGen@asmjit@@QEAAIPEAUErrorHandler@2@@Z
?sformat@Zone@asmjit@@QEAAPEADPEBDZZ
?shrink@VMemMgr@asmjit@@QEAAIPEAX_K@Z
?x86RegData@asmjit@@3UX86RegData@1@B
Sections
.text Size: 684KB - Virtual size: 684KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 295KB - Virtual size: 295KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ