5074d8944dc2278134d562a55b7c1bb0946f60adc972d53770db3912024a30e4

Sharing

Copy URL Twitter E-mail

General

Target

5074d8944dc2278134d562a55b7c1bb0946f60adc972d53770db3912024a30e4
Size

93KB
MD5

c463abe40544fffe8cf0c1d0904c6788
SHA1

fb70ef828a035fcbcfad9d8ac206535176563a7b
SHA256

5074d8944dc2278134d562a55b7c1bb0946f60adc972d53770db3912024a30e4
SHA512

7861db71e79d1882984c699a0fd438ed080f9d0fccaab6debb92943c917b87a18a3649660162f04dfa6117ce466810a2efb33527eeb12bdc63f010c830ef4a03
SSDEEP

1536:pih5G4CzviCMhSCooKhYxmVi/teTJr8X/sW38mVd09dlYcwG:05G4CuNhjon6EVi/tuh63PM2c5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5074d8944dc2278134d562a55b7c1bb0946f60adc972d53770db3912024a30e4

Files

5074d8944dc2278134d562a55b7c1bb0946f60adc972d53770db3912024a30e4
.dll windows:5 windows x64 arch:x64

9aa72fca3f593ca0d0fa59bc0ee1684e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\AFL&angr\my_winafl_fuzz\dynamorio\build64\api\bin\cbr.pdb

Imports

drmgr

drmgr_exit
drmgr_register_bb_instrumentation_event
drmgr_init

dynamorio

instrlist_preinsert
dr_redirect_execution
dr_get_mcontext
dr_insert_clean_call_ex
instrlist_meta_preinsert
decode_next_pc
dr_app_pc_as_jump_target
instr_create_0dst_1src
instr_create_0dst_0src
instr_convert_short_meta_jmp_to_long
instr_is_cbr
instr_is_cti_short
instr_set_translation
instr_set_target
instr_get_app_pc
instr_get_branch_target_pc
dr_get_isa_mode
dr_flush_region
dr_get_current_drcontext
dr_printf
dr_messagebox
dr_get_stdout_file
dr_flush_file
dr_global_free
dr_global_alloc
dr_abort
dr_set_client_name
opnd_create_instr
opnd_create_pc
opnd_create_immed_int
dr_register_exit_event
instr_set_meta_no_translation

kernel32

DeleteCriticalSection
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose

Exports

Exports

_DR_CLIENT_AVX512_CODE_IN_USE_
_USES_DR_VERSION_
dr_client_main

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aa72fca3f593ca0d0fa59bc0ee1684e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

drmgr

dynamorio

kernel32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 2KB - Virtual size: 6KB

.pdata Size: 3KB - Virtual size: 3KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 3KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB