winnt32.pdb
Static task
static1
General
Target: WINNT32.EXE
Size: 47KB
MD5: c81dc388fd807629b24f61e4c0a31f08
SHA1: c251d838701fdba1ac2574303a392defab50dba7
SHA256: 752abf38aecf9426627c0eebfe760b1c39913de6d2de48931b46187b2016812b
SHA512: 6a833557cf28a9def3a05161b62752dd9c9f463a08fa2a63313cfdee4583ff006eb679daf069558b3cf7389648fcf9c37833ee5566ffb31a66118bf973c332f3
SSDEEP: 768:dQIrlMy1Adqn7H+m2J5zjpplUj+pX9FFbITTPsa/NDs1cM:dQIrwO92J5zDlIsXo4als1cM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource WINNT32.EXE
Files
WINNT32.EXE.exe windows:5 windows x86 arch:x86
f686522d7216c48d9698db254ed091cc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
PDB Paths
Imports
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
kernel32
CopyFileA
FindNextFileA
CreateDirectoryA
GetFileAttributesA
CloseHandle
FindFirstFileA
lstrcpyA
DeleteFileA
RemoveDirectoryA
lstrcatA
HeapAlloc
GetProcessHeap
lstrlenA
LocalFree
LocalAlloc
HeapFree
GetLastError
CreateProcessA
SetLastError
WritePrivateProfileStringA
Sleep
GetTickCount
GetWindowsDirectoryA
GetModuleFileNameA
GetDriveTypeA
GetModuleHandleA
GetCommandLineA
SetFileAttributesA
FindClose
SystemTimeToFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetSystemTime
ExitProcess
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
lstrcpynA
GetPrivateProfileStringA
WaitForSingleObject
GetFullPathNameA
CreateEventA
GetVersion
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
InterlockedExchange
VirtualQuery
CreateFileA
SetFileTime
lstrcmpiA
gdi32
GetObjectA
DeleteObject
user32
CharNextA
MoveWindow
GetSystemMetrics
SystemParametersInfoA
GetClientRect
GetWindowRect
ClientToScreen
GetDesktopWindow
ScreenToClient
GetDlgItem
SendDlgItemMessageA
AdjustWindowRect
GetWindowLongA
SetWindowPos
LoadBitmapA
ShowCursor
SetCursor
LoadCursorA
CharUpperA
wsprintfA
DestroyWindow
CreateDialogParamA
MessageBoxA
LoadStringA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 180B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ