PDB path: C:\Users\Admin\source\repos\spoofer_lol\x64\Release\spoofer_lol.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2ecb1bc36332b1f1ca5e2e374e8c99172e3ada834d78ba0aa62a5a477b2e65d3.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2ecb1bc36332b1f1ca5e2e374e8c99172e3ada834d78ba0aa62a5a477b2e65d3.exe
Resource
win10v2004-20240508-en
General
-
Target
2ecb1bc36332b1f1ca5e2e374e8c99172e3ada834d78ba0aa62a5a477b2e65d3
-
Size
498KB
-
MD5
146fcee9a827cd0c278ee36cd3c487d8
-
SHA1
e7e0baef3d762cf7f5ddd79c4f6b40b1838e71f7
-
SHA256
2ecb1bc36332b1f1ca5e2e374e8c99172e3ada834d78ba0aa62a5a477b2e65d3
-
SHA512
e1f8a0d1bf7b4210a03d96f7397c5f6cdfb1fc92de2a5361a4d945dab71775d922985a9c9127b40ab0b845bcf34c576287f2dcc33721c2fa0d4364fab603fc84
-
SSDEEP
12288:5ZvoPssUlcaKlM16REH/16YKnzXImuIRcxSkiDtY/lrQ9OjY:5JGsZQM4O6Znz3uscS29Qkk
Malware Config
Signatures
-
Unsigned PE 1 IoCs
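Checks for a missing Authenticode signature: the PE file is unsigned, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator.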
resource 2ecb1bc36332b1f1ca5e2e374e8c99172e3ada834d78ba0aa62a5a477b2e65d3
Files
-
2ecb1bc36332b1f1ca5e2e374e8c99172e3ada834d78ba0aa62a5a477b2e65d3.exe windows:6 windows x64 arch:x64
84ab8afebd5e7d8ccba94581a51d9040
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
CloseHandle
GetLastError
GetCurrentProcess
IsDebuggerPresent
FormatMessageA
LocalFree
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
SetFileInformationByHandle
GetTempPathW
AreFileApisANSI
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
GetModuleHandleW
CreateDirectoryW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
advapi32
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
shell32
SHGetFolderPathW
msvcp140
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memchr
__std_terminate
__std_exception_copy
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
memset
memcpy
memcmp
__std_exception_destroy
memmove
api-ms-win-crt-heap-l1-1-0
_set_new_mode
_callnewh
malloc
free
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vfprintf
__acrt_iob_func
_set_fmode
__p__commode
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_register_onexit_function
_register_thread_local_exe_atexit_callback
_crt_atexit
__p___argv
__p___argc
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_set_app_type
_seh_filter_exe
system
terminate
_cexit
_c_exit
api-ms-win-crt-utility-l1-1-0
rand
api-ms-win-crt-string-l1-1-0
iswxdigit
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
_configthreadlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
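.reloc Size: 1.1MB - Virtual size: 4.5MB (note: this section is flagged both executable and writable below and is far larger than .text; a relocation section is normally read-only data, so it merits a closer look during triage)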
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE