D:\a\edgen\edgen\target\x86_64-pc-windows-msvc\release\deps\edgen.pdb
Static task
static1
General
-
Target
Edgen.exe
-
Size
21.9MB
-
MD5
9f55a88e71cdaec7ea6701184a996651
-
SHA1
2d8d6abb373caef2b6fe423e83c7091e63f8df90
-
SHA256
edeed0722679948f14ef9b5da64a57ce34da28bcf97d3be1f0b9e1dd81a1cd37
-
SHA512
900dacf362c9de38eb8fd9a7da4c0d1a89b17ad1b19170aa130a4313e05d76feeb144c5dbef03d1e4ae445875da76512f5dbb88630ceb8cdb2f0ce9b02d5b231
-
SSDEEP
196608:ofQaJNU7lo/O/13zeHP5MM8JxedB6a1/+r:ofHJNU7lA6DeHPV8JxedBb12r
Malware Config
Signatures
-
Unsigned PE 1 IoCs
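Checks for missing Authenticode signature. The file carries no Authenticode signature, so its publisher and integrity cannot be verified from the binary itself; on its own this is a weak indicator, since many legitimate builds are distributed unsigned.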
resource Edgen.exe
Files
-
Edgen.exe.exe windows:6 windows x64 arch:x64
387be7531a8acea66bad6d855795748d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\a\edgen\edgen\target\x86_64-pc-windows-msvc\release\deps\edgen.pdb
Imports
kernel32
VirtualLock
VirtualUnlock
FormatMessageA
CreateFileMappingA
CreateFileW
SetConsoleCtrlHandler
DuplicateHandle
GetLogicalProcessorInformation
GetCurrentProcessId
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
SetHandleInformation
QueryPerformanceFrequency
ReadFile
GetOverlappedResult
QueryPerformanceCounter
SetFileCompletionNotificationModes
WaitForSingleObjectEx
CancelIo
SleepConditionVariableSRW
SetFileTime
GetModuleHandleA
GetFileInformationByHandleEx
ReleaseSRWLockShared
AcquireSRWLockShared
AcquireSRWLockExclusive
FreeEnvironmentStringsW
DeleteProcThreadAttributeList
CompareStringOrdinal
AddVectoredExceptionHandler
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
RtlCaptureContext
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
SetEnvironmentVariableW
GetProcessWorkingSetSize
GetFileInformationByHandle
GetCommandLineW
SetFilePointerEx
GetEnvironmentVariableW
WriteFileEx
SleepEx
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
WakeAllConditionVariable
WakeConditionVariable
HeapReAlloc
ReleaseMutex
FindNextFileW
FindClose
CreateDirectoryW
FindFirstFileW
DeleteFileW
CreateSymbolicLinkW
CreateHardLinkW
GetFinalPathNameByHandleW
CreateEventW
LoadLibraryExW
ExitProcess
CreateNamedPipeW
ReadFileEx
WaitForMultipleObjects
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
MultiByteToWideChar
WriteConsoleW
GetCurrentThread
GetSystemTimeAsFileTime
GetTempPathW
CreateMutexA
OutputDebugStringW
OutputDebugStringA
GetModuleFileNameW
GetFileAttributesW
UnmapViewOfFile
MoveFileExW
FillConsoleOutputAttribute
SetProcessWorkingSetSize
MapViewOfFile
GetFullPathNameW
GetSystemInfo
SetFileAttributesW
FillConsoleOutputCharacterA
SetConsoleCursorPosition
SetConsoleMode
LoadLibraryW
LCIDToLocaleName
GetUserDefaultUILanguage
FormatMessageW
WaitForSingleObject
HeapAlloc
HeapFree
GetProcessHeap
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
GetConsoleMode
lstrlenW
TryAcquireSRWLockExclusive
CreateThread
Sleep
GetModuleHandleW
GetConsoleScreenBufferInfo
GetStdHandle
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
LocalFree
GetCurrentThreadId
CloseHandle
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
RtlPcToFileHeader
RaiseException
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ReleaseSRWLockExclusive
SetFileInformationByHandle
user32
RegisterClassW
CreateWindowExW
IsWindow
ValidateRect
GetUpdateRect
SetWindowPlacement
PeekMessageW
ChangeDisplaySettingsExW
DefWindowProcW
PostThreadMessageW
DispatchMessageW
TranslateMessage
DispatchMessageA
GetMessageA
TranslateAcceleratorW
CreateAcceleratorTableW
DestroyAcceleratorTable
ToUnicodeEx
GetRawInputData
VkKeyScanW
MapVirtualKeyExW
GetKeyState
GetAsyncKeyState
GetKeyboardState
GetWindowTextW
GetWindowTextLengthW
GetAncestor
MonitorFromPoint
EnumDisplayMonitors
IsProcessDPIAware
GetDC
GetWindowLongW
SystemParametersInfoA
IsWindowVisible
AdjustWindowRectEx
GetWindowRect
CreateIcon
GetKeyboardLayout
GetWindowLongPtrW
SetWindowDisplayAffinity
GetMenu
ShowCursor
ClipCursor
GetClipCursor
GetSystemMenu
SetWindowLongW
DestroyIcon
TrackPopupMenu
SetForegroundWindow
GetMessageW
SendMessageW
MapVirtualKeyW
PostQuitMessage
SendInput
ShowWindow
AppendMenuW
CreatePopupMenu
CreateMenu
CheckMenuItem
SetMenuItemInfoW
EnableMenuItem
SetCapture
SetWindowLongPtrW
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
RegisterWindowMessageA
RegisterClassExW
DestroyWindow
SetCursor
EnumChildWindows
LoadCursorW
InvalidateRgn
SetWindowPos
SetCursorPos
GetForegroundWindow
ClientToScreen
FlashWindowEx
GetActiveWindow
IsIconic
SetMenu
ReleaseCapture
GetCursorPos
GetWindowPlacement
PostMessageW
GetClientRect
RedrawWindow
RegisterTouchWindow
GetSystemMetrics
GetMonitorInfoW
MonitorFromWindow
SetWindowTextW
CloseTouchInputHandle
ScreenToClient
GetTouchInputInfo
TrackMouseEvent
MonitorFromRect
comctl32
RemoveWindowSubclass
DefSubclassProc
SetWindowSubclass
TaskDialogIndirect
ole32
RevokeDragDrop
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
RegisterDragDrop
shell32
SHGetKnownFolderPath
Shell_NotifyIconW
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
Shell_NotifyIconGetRect
gdi32
GetDeviceCaps
DeleteObject
CreateRectRgn
dwmapi
DwmEnableBlurBehindWindow
oleaut32
SetErrorInfo
SysFreeString
SysStringLen
GetErrorInfo
uxtheme
SetWindowTheme
advapi32
EventRegister
EventSetInformation
EventWriteTransfer
EventUnregister
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegGetValueW
SystemFunction036
ws2_32
ioctlsocket
listen
accept
getsockname
getpeername
getsockopt
WSADuplicateSocketW
shutdown
recv
WSARecv
send
bind
setsockopt
WSAIoctl
WSAGetLastError
socket
WSAStartup
WSASocketW
freeaddrinfo
getaddrinfo
select
closesocket
connect
WSASend
WSACleanup
secur32
DeleteSecurityContext
FreeCredentialsHandle
AcquireCredentialsHandleA
QueryContextAttributesW
InitializeSecurityContextW
AcceptSecurityContext
FreeContextBuffer
EncryptMessage
ApplyControlToken
DecryptMessage
crypt32
CertOpenStore
CertFreeCertificateChain
CertDuplicateCertificateContext
CertFreeCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertDuplicateCertificateChain
CertDuplicateStore
CertAddCertificateContextToStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
ntdll
RtlNtStatusToDosError
NtCancelIoFileEx
NtReadFile
NtDeviceIoControlFile
NtCreateFile
NtWriteFile
bcrypt
BCryptGenRandom
api-ms-win-crt-math-l1-1-0
log2
sinf
ceilf
atan
exp2f
pow
cos
truncf
logf
exp
expf
ceil
sin
roundf
floorf
__setusermatherr
sqrtf
log2f
fmaxf
fminf
round
exp2
trunc
floor
cosf
tanhf
log10
powf
log
api-ms-win-crt-string-l1-1-0
strcmp
strlen
wcsncmp
isspace
ispunct
strncpy
_wcsicmp
wcslen
strcpy_s
api-ms-win-crt-convert-l1-1-0
strtol
_ultow_s
atoi
wcstol
api-ms-win-crt-runtime-l1-1-0
_register_onexit_function
_initialize_onexit_table
strerror
_invalid_parameter_noinfo_noreturn
abort
_crt_atexit
_set_app_type
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_seh_filter_exe
_exit
_errno
__p___argc
__p___argv
_cexit
_beginthreadex
_wassert
terminate
_c_exit
_register_thread_local_exe_atexit_callback
api-ms-win-crt-heap-l1-1-0
_set_new_mode
realloc
_aligned_malloc
_aligned_free
_callnewh
malloc
free
calloc
api-ms-win-crt-stdio-l1-1-0
__p__commode
__stdio_common_vsprintf_s
_get_osfhandle
_ftelli64
__stdio_common_vsprintf
fputs
_fileno
__stdio_common_vfprintf
ferror
_set_fmode
fopen
ungetc
fputc
setvbuf
fseek
fwrite
fgetpos
_fseeki64
fsetpos
fgetc
fread
fflush
fclose
_get_stream_buffer_pointers
__acrt_iob_func
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
msvcp140
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
_Thrd_join
_Thrd_hardware_concurrency
_Thrd_id
_Cnd_do_broadcast_at_thread_exit
?_Throw_Cpp_error@std@@YAXH@Z
?uncaught_exception@std@@YA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xout_of_range@std@@YAXPEBD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
_Strcoll
_Strxfrm
?_Xruntime_error@std@@YAXPEBD@Z
?id@?$collate@D@std@@2V0locale@2@A
??0_Locinfo@std@@QEAA@PEBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??1_Locinfo@std@@QEAA@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?tolower@?$ctype@D@std@@QEBADD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
Sections
.text Size: 14.4MB - Virtual size: 14.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6.7MB - Virtual size: 6.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 666KB - Virtual size: 666KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ