Static task
static1
General
-
Target
DBDTools.exe
-
Size
8.7MB
-
MD5
67a038adfe230921da05cd992d67b5fa
-
SHA1
d7c4b21ae1b9c4e9f450512929c0ec4d0c1b6c23
-
SHA256
7f46432937fdf934bb957122c956f9d130ce26b50a9b4b2ffd7f6aca05f6edf1
-
SHA512
b19055c04f8534f36bfc4505ea8f9e69f86712752f2c83ca35b5a32354e1d8df92f8230b145a44d9e293098773024555a05bfc183aaf26615074e4aa6a20d911
-
SSDEEP
196608:KuYBLA3NE4WsZd3ZWZiUA3zhZkvvb8P/eK4fH3G:Kv+N2S3iALvef
Malware Config
Signatures
-
Unsigned PE 1 IoCs
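Checks for a missing Authenticode signature: the sample is unsigned, so its publisher and integrity cannot be confirmed from a signature. On its own this is a weak indicator, since many legitimate programs are also unsigned.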
resource DBDTools.exe
Files
-
DBDTools.exe.exe windows:6 windows x64 arch:x64
2ef163e33fc7fd9ba2d7b60d3228fb1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
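IMAGE_FILE_LARGE_ADDRESS_AWARE
Note: as listed, the DLL characteristics do not include IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and the file has IMAGE_FILE_RELOCS_STRIPPED, so the main image is expected to load at its preferred base address rather than being rebased by ASLR; IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA has no effect without DYNAMIC_BASE.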
Imports
kernel32
WaitForSingleObjectEx
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
CloseClipboard
advapi32
CryptAcquireContextA
shell32
ShellExecuteA
oleaut32
SafeArrayAccessData
mscoree
CLRCreateInstance
msvcp140
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
imm32
ImmGetContext
d3d9
Direct3DCreate9
normaliz
IdnToAscii
wldap32
ord27
crypt32
CertGetCertificateChain
ws2_32
closesocket
rpcrt4
UuidToStringA
psapi
GetModuleInformation
userenv
UnloadUserProfile
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_terminate
api-ms-win-crt-stdio-l1-1-0
fgets
api-ms-win-crt-runtime-l1-1-0
_resetstkoflw
api-ms-win-crt-string-l1-1-0
_strdup
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
_callnewh
api-ms-win-crt-convert-l1-1-0
strtol
api-ms-win-crt-locale-l1-1-0
setlocale
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
api-ms-win-crt-math-l1-1-0
acosf
api-ms-win-crt-time-l1-1-0
_time64
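Sections
Note: the section names are non-standard, and "Size: -" presumably means the section has no raw data on disk and is filled in only at load or run time. Together with the one-import-per-DLL table above, this layout is consistent with a packed or protected binary, so the static import list should not be read as the complete set of APIs the program uses; confirm with dynamic analysis.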
x3fu30lr Size: - Virtual size: 658KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
zy0vc9mi Size: - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cock Size: - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dk639hoa Size: - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
me5evttd Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
6eks24j4 Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
v9ieduyw Size: 8.6MB - Virtual size: 8.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
v3ymlg05 Size: 126KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ