reliquary-archiver_v0[.]1[.]5[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

reliquary-archiver_v0.1.5.exe
Size

3.8MB
MD5

97891510e7fdcbb21ed15cb8d5d7ae80
SHA1

fa20621ab2423fbba46c5e94e8f7084a251b1317
SHA256

29e9017dc8ed8540f7b668ae8432b700d0ec6bfe64c74c1af452c6986076db34
SHA512

9cac7c832bacd8105c2b98f5ec9434b3d5c18fee68f9645f76e15e32b72a91c02687ec7628714046acaf0c283b09f3e2c684735edf5e2c8bc2b8582bc793385a
SSDEEP

49152:FgsABkpy4vrp+NUDfMhyBJ5X9Q85Gpre5G159wEG6jUCeok2gd7kENJYEWaIvCvC:QB41NJVRw+h2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
reliquary-archiver_v0.1.5.exe

Files

reliquary-archiver_v0.1.5.exe
.exe windows:6 windows x64 arch:x64

985ff8d4b9d27dc56a7343a1cf350233

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\SAVE\Documents\Code\reliquary-archiver\target\release\deps\reliquary_archiver.pdb

Imports

kernel32

GetCommandLineW
SetLastError
GetModuleFileNameW
GetLastError
CloseHandle
GetStdHandle
GetConsoleMode
WideCharToMultiByte
AddVectoredExceptionHandler
SetThreadStackGuarantee
HeapFree
HeapReAlloc
SetConsoleMode
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcessId
CreateMutexA
GetCurrentProcess
ReleaseMutex
GetProcAddress
RtlLookupFunctionEntry
GetCurrentThread
RtlCaptureContext
SwitchToThread
ReleaseSRWLockShared
FormatMessageW
ReleaseSRWLockExclusive
GetModuleHandleA
TryAcquireSRWLockExclusive
WaitForSingleObject
MultiByteToWideChar
WriteConsoleW
QueryPerformanceFrequency
GetModuleHandleW
GetEnvironmentVariableW
GetFullPathNameW
CreateFileW
SetFileInformationByHandle
ReadConsoleW
SetHandleInformation
CreateThread
ExitProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
GetCurrentDirectoryW
RtlVirtualUnwind
GetFileType
GetFileInformationByHandleEx
CreateWaitableTimerExW
SetWaitableTimer
Sleep
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
AcquireSRWLockShared
AcquireSRWLockExclusive
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
TerminateProcess

bcrypt

BCryptGenRandom

advapi32

SystemFunction036

wpcap

pcap_compile
pcap_freecode
pcap_geterr
pcap_setfilter
pcap_create
pcap_set_immediate_mode
pcap_set_promisc
pcap_activate
pcap_next_ex
pcap_findalldevs
pcap_open_offline
pcap_close
pcap_set_timeout
pcap_freealldevs

ntdll

NtReadFile
RtlNtStatusToDosError
NtWriteFile

ws2_32

listen
bind
accept
WSADuplicateSocketW
getsockopt
select
connect
send
ioctlsocket
getsockname
getpeername
getaddrinfo
WSARecv
recv
setsockopt
closesocket
WSASocketW
freeaddrinfo
WSACleanup
WSAStartup
WSAGetLastError
WSASend

vcruntime140

memcpy
__current_exception_context
__C_specific_handler
_CxxThrowException
memcmp
memset
memmove
__current_exception
__CxxFrameHandler3

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_cexit
_c_exit
_seh_filter_exe
_configure_narrow_argv
__p___argv
terminate
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_get_initial_narrow_environment
_register_thread_local_exe_atexit_callback
_initterm
_initterm_e
__p___argc
exit
_exit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

985ff8d4b9d27dc56a7343a1cf350233

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

bcrypt

advapi32

wpcap

ntdll

ws2_32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 5KB - Virtual size: 7KB

.pdata Size: 102KB - Virtual size: 102KB

.reloc Size: 31KB - Virtual size: 30KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 5KB - Virtual size: 7KB

.pdata
Size: 102KB - Virtual size: 102KB

.reloc
Size: 31KB - Virtual size: 30KB