C:\Jenkins\workspace\consumer-12-0-1-service\bin\Release\x64\ViprePPLSvc.pdb
Static task
static1
General
Target: baa50dbdb108e1769c5b0beff7462ea7deb8fd37782a49f0911619bc51d42105.bin
Size: 3.3MB
MD5: b6680e15c4f36e7b75fc6676bc911667
SHA1: ac47aa570a47e035fc72e15573521f5ad93433fa
SHA256: baa50dbdb108e1769c5b0beff7462ea7deb8fd37782a49f0911619bc51d42105
SHA512: b3cedd9502b40014d31c3c47a639dce50fa6132f2c5ef444e2d56eef268d82c39d7251af40f3e3eda9b12fc410bbcc3ba034b6008acb156ff1b02fd4be0b888d
SSDEEP: 49152:GR9xkSPZ/KeerFSJvQVdXbqYBNr5BC7+wNBVVp5HKEsHd6q5zF51Ol4P/fROAbRU:TFNrTQTVVoHV5zL3MArU2S
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: baa50dbdb108e1769c5b0beff7462ea7deb8fd37782a49f0911619bc51d42105.bin
Files
baa50dbdb108e1769c5b0beff7462ea7deb8fd37782a49f0911619bc51d42105.bin.exe windows:6 windows x64 arch:x64
b110cc94f957d8443640d5de2ee1f585
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
GetLocalTime
GetTimeZoneInformation
FileTimeToLocalFileTime
SetLastError
GetDriveTypeW
LocalFree
EnterCriticalSection
FileTimeToSystemTime
LeaveCriticalSection
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
WideCharToMultiByte
OutputDebugStringA
GetModuleHandleExW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
lstrcmpA
GlobalGetAtomNameW
GlobalAddAtomW
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
LoadLibraryExW
lstrcmpiW
EncodePointer
CompareStringW
GetLocaleInfoW
GetUserDefaultUILanguage
GlobalFlags
lstrcmpW
SetThreadPriority
ResumeThread
GlobalDeleteAtom
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
FreeResource
GlobalFindAtomW
GetCurrentDirectoryW
VirtualProtect
lstrcpyW
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
SearchPathW
GetUserDefaultLCID
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
OutputDebugStringW
LCMapStringW
GetStringTypeW
GetCPInfo
OpenEventW
RtlUnwindEx
RtlPcToFileHeader
GetStdHandle
GetFileType
WriteConsoleW
MoveFileExW
GetFileInformationByHandle
PeekNamedPipe
HeapQueryInformation
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
GetSystemInfo
VirtualAlloc
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
ExitProcess
GetACP
GetConsoleMode
SetFilePointerEx
GetConsoleCP
IsValidLocale
EnumSystemLocalesW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetVersionExW
FreeLibrary
LoadLibraryW
GetCurrentProcess
GetCurrentThreadId
VerifyVersionInfoW
VerSetConditionMask
FindFirstFileExW
MultiByteToWideChar
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetWindowsDirectoryW
GetFileSize
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FindResourceExW
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
InstallELAMCertificateInfo
CreateFileW
Sleep
QueueUserWorkItem
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteFileW
CopyFileW
GetSystemDirectoryW
WaitForSingleObject
CreateEventW
CloseHandle
SetEvent
FormatMessageW
LocalAlloc
GetModuleHandleW
GetProcAddress
WaitForMultipleObjects
GetLastError
OpenProcess
InitializeSListHead
GetModuleFileNameW
user32
DestroyMenu
GetMenuItemInfoW
InflateRect
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetAsyncKeyState
MapDialogRect
IntersectRect
TrackMouseEvent
LoadImageW
CreatePopupMenu
GetMenuDefaultItem
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongPtrW
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetWindowDC
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
EndDialog
SetScrollPos
SetFocus
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
RealChildWindowFromPoint
GetWindow
GetClassNameW
GetDesktopWindow
PtInRect
ClientToScreen
GetWindowRect
SetWindowTextW
GetFocus
GetDlgCtrlID
CharUpperW
DestroyIcon
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
EnableWindow
SendMessageW
LoadCursorW
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
CheckDlgButton
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetNextDlgTabItem
CreateDialogIndirectParamW
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
SystemParametersInfoW
CopyImage
GetScrollPos
FillRect
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SetForegroundWindow
IsIconic
PostQuitMessage
PostMessageW
IsDialogMessageW
SetWindowLongW
GetUpdateRect
GetClassInfoW
advapi32
CryptReleaseContext
SetSecurityDescriptorDacl
MakeSelfRelativeSD
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
AddAccessAllowedAce
FreeSid
AllocateAndInitializeSid
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
NotifyServiceStatusChangeW
DeleteService
QueryServiceStatus
ControlService
OpenServiceW
CloseServiceHandle
ChangeServiceConfig2W
CreateServiceW
OpenSCManagerW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
SetServiceStatus
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
SHAppBarMessage
DragFinish
DragQueryFileW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW
SHGetFolderPathW
SHCreateDirectoryExW
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRun
OleLockRunning
CoUninitialize
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString
GetErrorInfo
VariantChangeType
VariantCopy
LoadTypeLi
SysStringLen
VarBstrFromDate
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
CloseThemeData
OpenThemeData
DrawThemeBackground
GetThemeColor
DrawThemeParentBackground
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
IsAppThemed
GetWindowTheme
DrawThemeText
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapUnlockBits
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePixelFormat
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
gdi32
MoveToEx
TextOutW
ExtTextOutW
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
DeleteObject
GetDeviceCaps
CreateDCW
SetViewportExtEx
CreateRectRgnIndirect
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetTextMetricsW
DPtoLP
SetRectRgn
PatBlt
CopyMetaFileW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 788KB - Virtual size: 788KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TCW5$ Size: 304KB - Virtual size: 308KB
IMAGE_SCN_MEM_READ