d:\workspace\EasyUEFI\Output\x64\Release\BuildPE.pdb
Static task
  static1
Behavioral task
  behavioral1
  Sample: 3229dae270c137f10b3cb69700333e2968de1a6b43d77dcad3b7e9349adb5256.dll
  Resource: win7-20240221-en
Behavioral task
  behavioral2
  Sample: 3229dae270c137f10b3cb69700333e2968de1a6b43d77dcad3b7e9349adb5256.dll
  Resource: win10v2004-20240226-en
General
  Target: 3229dae270c137f10b3cb69700333e2968de1a6b43d77dcad3b7e9349adb5256
  Size: 3.8MB
  MD5: 44ccc92feb10da893fdbf0c55475bf23
  SHA1: 72c53e2fdf694d4fcff71b516f3796d3110c8837
  SHA256: 3229dae270c137f10b3cb69700333e2968de1a6b43d77dcad3b7e9349adb5256
  SHA512: a63bdd6eab0b765db07401c264799e3b6bf6ff310fb1b1395a140fac8f8ab7e92a04516f4154e09ff64f5e9e9d600f633ff00f697e4baef9c595bdec0d19696b
  SSDEEP: 49152:JAMS7qcSWnAmOPys2I2+k8LpIoRi3+RMKcmjSO3DHOgn3EkgzXk9GtlqjToIM7+O:SMvc3a2taComsxneX8oI++Pc
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource 3229dae270c137f10b3cb69700333e2968de1a6b43d77dcad3b7e9349adb5256
Files
  3229dae270c137f10b3cb69700333e2968de1a6b43d77dcad3b7e9349adb5256.dll  windows:5 windows x64 arch:x64
  e0dc19053168ef94484816975e89c3f5
Headers
  DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_DLL
PDB Paths
Imports
  setupapi
    SetupGetSourceFileLocationW
    SetupFindNextLine
    SetupFindFirstLineW
    SetupDiGetDeviceRegistryPropertyW
    SetupGetTargetPathW
    SetupGetSourceInfoW
    SetupFindNextMatchLineW
    SetupGetStringFieldW
    SetupDiDestroyDeviceInfoList
    SetupCloseInfFile
    SetupGetFieldCount
    SetupDiEnumDeviceInfo
    SetupDiGetClassDevsW
    SetupOpenInfFileW
  shlwapi
    SHCreateStreamOnFileEx
    StrStrIW
    PathFileExistsW
  kernel32
    FlushConsoleInputBuffer
    GetDriveTypeW
    FindFirstVolumeW
    GetWindowsDirectoryW
    LoadLibraryA
    CopyFileW
    GetSystemDirectoryW
    GetVersionExW
    GlobalMemoryStatus
    GetFullPathNameA
    SetCurrentDirectoryA
    GetCurrentDirectoryA
    FindFirstFileA
    GetDriveTypeA
    ResumeThread
    ExitThread
    GetSystemDirectoryA
    GetModuleHandleA
    DuplicateHandle
    TlsSetValue
    TlsGetValue
    GetTickCount
    WritePrivateProfileStringW
    GetDiskFreeSpaceExW
    FreeLibrary
    GetProcAddress
    LoadLibraryW
    CreateDirectoryW
    RemoveDirectoryW
    FindNextFileW
    DeleteFileW
    SetFileAttributesW
    GetVolumeInformationW
    GetFileSize
    InitializeCriticalSection
    DeleteCriticalSection
    EnterCriticalSection
    LeaveCriticalSection
    GetPrivateProfileStringW
    LocalFree
    LocalAlloc
    lstrcpynW
    DefineDosDeviceW
    GetFileAttributesW
    DeviceIoControl
    WriteFile
    FlushFileBuffers
    SetFileTime
    GetStartupInfoW
    GetExitCodeProcess
    MultiByteToWideChar
    WideCharToMultiByte
    SetEndOfFile
    SetFileValidData
    SetFilePointer
    FormatMessageW
    lstrlenW
    CreateFileW
    ReleaseMutex
    GetFullPathNameW
    MoveFileExW
    SetFilePointerEx
    GetFileType
    GlobalMemoryStatusEx
    GetSystemInfo
    GetCurrentProcess
    GetVolumePathNameW
    SetLastError
    HeapFree
    GetProcessHeap
    GetLocalTime
    Sleep
    GetFileInformationByHandle
    ReleaseSemaphore
    CreateSemaphoreW
    WaitForMultipleObjects
    CreateThread
    GetACP
    GetCPInfoExW
    ExpandEnvironmentStringsW
    IsValidCodePage
    TerminateProcess
    UnhandledExceptionFilter
    SetUnhandledExceptionFilter
    IsDebuggerPresent
    RtlVirtualUnwind
    RtlLookupFunctionEntry
    RtlCaptureContext
    HeapAlloc
    GetCurrentThreadId
    FlsSetValue
    GetCommandLineA
    GetSystemTimeAsFileTime
    SetStdHandle
    HeapReAlloc
    GetConsoleCP
    GetConsoleMode
    FileTimeToSystemTime
    FileTimeToLocalFileTime
    PeekNamedPipe
    RaiseException
    RtlPcToFileHeader
    GetNumberOfConsoleInputEvents
    EncodePointer
    DecodePointer
    TlsAlloc
    FlsGetValue
    FlsFree
    FlsAlloc
    GetStdHandle
    GetModuleFileNameA
    GetCPInfo
    GetOEMCP
    HeapSetInformation
    HeapCreate
    HeapDestroy
    GetModuleHandleW
    ExitProcess
    SetHandleCount
    GetStartupInfoA
    FreeEnvironmentStringsA
    GetEnvironmentStrings
    FreeEnvironmentStringsW
    GetEnvironmentStringsW
    QueryPerformanceCounter
    GetCurrentProcessId
    HeapSize
    LCMapStringW
    GetTimeZoneInformation
    FatalAppExitA
    InitializeCriticalSectionAndSpinCount
    WriteConsoleA
    GetConsoleOutputCP
    WriteConsoleW
    GetDateFormatA
    GetTimeFormatA
    SetConsoleCtrlHandler
    GetLocaleInfoW
    GetLocaleInfoA
    LCMapStringA
    GetStringTypeA
    GetStringTypeW
    GetUserDefaultLCID
    EnumSystemLocalesA
    IsValidLocale
    CreateFileA
    CompareStringW
    SetEnvironmentVariableA
    SetEnvironmentVariableW
    CompareStringA
    lstrlenA
    GetVersion
    FindClose
    FindFirstFileW
    CloseHandle
    ReadFile
    GetCurrentThread
    CreateProcessW
    CreatePipe
    GetModuleFileNameW
    GetLongPathNameW
    GetTempPathW
    WaitForSingleObject
    GetLastError
    GetNativeSystemInfo
    MoveFileW
    FindVolumeClose
    IsDBCSLeadByteEx
    FindNextVolumeW
    ReadConsoleInputA
    SetConsoleMode
    PeekConsoleInputA
    CreateMutexW
    RtlUnwindEx
  user32
    GetDC
    wsprintfW
    GetUserObjectInformationW
    GetProcessWindowStation
    GetDesktopWindow
    ReleaseDC
    MessageBoxW
  advapi32
    RegUnLoadKeyW
    RegGetValueW
    RegCreateKeyExW
    RegSetValueExW
    CryptDestroyHash
    CryptGetHashParam
    CryptHashData
    CryptDuplicateHash
    CryptCreateHash
    CryptDecrypt
    CryptImportKey
    CryptAcquireContextW
    CryptReleaseContext
    CryptDestroyKey
    RegDeleteValueW
    DecryptFileW
    LookupAccountSidW
    CreateWellKnownSid
    BuildExplicitAccessWithNameW
    SetEntriesInAclW
    DeleteAce
    GetAce
    GetAclInformation
    FreeSid
    SetNamedSecurityInfoW
    GetNamedSecurityInfoW
    AllocateAndInitializeSid
    RegOpenKeyW
    RegDeleteKeyW
    RegEnumKeyExW
    RegEnumValueW
    RegLoadKeyW
    OpenProcessToken
    LookupPrivilegeValueW
    AdjustTokenPrivileges
    CloseEncryptedFileRaw
    WriteEncryptedFileRaw
    RegFlushKey
    OpenEncryptedFileRawW
    ReadEncryptedFileRaw
    DeregisterEventSource
    ReportEventW
    RegisterEventSourceW
    RegQueryInfoKeyW
    SetFileSecurityW
    GetFileSecurityW
    RegCloseKey
    RegQueryValueExW
    RegOpenKeyExW
  shell32
    SHFileOperationW
    ShellExecuteExW
  ole32
    CoInitialize
    CoInitializeSecurity
    CoSetProxyBlanket
    CoCreateInstance
    CoInitializeEx
    CoUninitialize
    CoCreateGuid
  oleaut32
    VariantChangeType
    SafeArrayDestroy
    SafeArrayPutElement
    SafeArrayCreateVectorEx
    SysFreeString
    SysAllocString
    CreateErrorInfo
    SetErrorInfo
    GetErrorInfo
    VariantCopy
    VariantClear
    VariantInit
  msi
    ord66
    ord45
    ord70
    ord173
    ord41
  rpcrt4
    UuidCreate
    UuidToStringW
  version
    GetFileVersionInfoSizeW
    VerQueryValueW
    GetFileVersionInfoW
  crypt32
    CryptStringToBinaryW
  ws2_32
    inet_addr
    inet_ntoa
    ioctlsocket
    htonl
    WSASetLastError
    gethostbyaddr
    getsockopt
    connect
    WSAStartup
    WSAGetLastError
    ntohs
    __WSAFDIsSet
    getservbyport
    select
    htons
    getsockname
    WSACleanup
    recv
    bind
    socket
    closesocket
    gethostbyname
    send
    listen
    getservbyname
  gdi32
    GetDIBits
    GetDeviceCaps
    GetObjectW
    CreateCompatibleBitmap
    DeleteObject
Exports
CreateBuildPE
UTF8ToHtml
UTF8Toisolat1
__docbDefaultSAXHandler
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
docbDefaultSAXHandlerInit
emptyExp
forbiddenExp
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCreatePushParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlDocDumpMemoryFormat
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlNodeStatus
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
initGenericErrorDefaultFunc
initdocbDefaultSAXHandler
inithtmlDefaultSAXHandler
initxmlDefaultSAXHandler
inputPop
inputPush
isolat1ToUTF8
namePop
namePush
nodePop
nodePush
valuePop
valuePush
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlAttrSerializeTxtContent
xmlAutomataCompile
xmlAutomataGetInitState
xmlAutomataIsDeterminist
xmlAutomataNewAllTrans
xmlAutomataNewCountTrans
xmlAutomataNewCountTrans2
xmlAutomataNewCountedTrans
xmlAutomataNewCounter
xmlAutomataNewCounterTrans
xmlAutomataNewEpsilon
xmlAutomataNewNegTrans
xmlAutomataNewOnceTrans
xmlAutomataNewOnceTrans2
xmlAutomataNewState
xmlAutomataNewTransition
xmlAutomataNewTransition2
xmlAutomataSetFinalState
xmlBoolToText
xmlBufContent
xmlBufEnd
xmlBufGetNodeContent
xmlBufNodeDump
xmlBufShrink
xmlBufUse
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDetach
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlCanonicPath
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlChildElementCount
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDocElementContent
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDebugCheckDocument
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictGetUsage
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSetLimit
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocFormatDump
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlExpCtxtNbCons
xmlExpCtxtNbNodes
xmlExpDump
xmlExpExpDerive
xmlExpFree
xmlExpFreeCtxt
xmlExpGetLanguage
xmlExpGetStart
xmlExpIsNillable
xmlExpMaxToken
xmlExpNewAtom
xmlExpNewCtxt
xmlExpNewOr
xmlExpNewRange
xmlExpNewSeq
xmlExpParse
xmlExpRef
xmlExpStringDerive
xmlExpSubsume
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFirstElementChild
xmlFree
xmlFreeAttributeTable
xmlFreeAutomata
xmlFreeCatalog
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreePattern
xmlFreePatternList
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeStreamCtxt
xmlFreeTextReader
xmlFreeURI
xmlFreeValidCtxt
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOFTPClose
xmlIOFTPMatch
xmlIOFTPOpen
xmlIOFTPRead
xmlIOHTTPClose
xmlIOHTTPMatch
xmlIOHTTPOpen
xmlIOHTTPOpenW
xmlIOHTTPRead
xmlIOParseDTD
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeCatalog
xmlInitializeDict
xmlInitializeGlobalState
xmlIsBaseChar
xmlIsBaseCharGroup
xmlIsBlank
xmlIsBlankNode
xmlIsChar
xmlIsCharGroup
xmlIsCombining
xmlIsCombiningGroup
xmlIsDigit
xmlIsDigitGroup
xmlIsExtender
xmlIsExtenderGroup
xmlIsID
xmlIsIdeographic
xmlIsIdeographicGroup
xmlIsLetter
xmlIsMainThread
xmlIsMixedElement
xmlIsPubidChar
xmlIsPubidChar_tab
xmlIsRef
xmlIsXHTML
xmlKeepBlanksDefault
xmlLastElementChild
xmlLineNumbersDefault
xmlLinkGetData
xmlListAppend
xmlListClear
xmlListCopy
xmlListCreate
xmlListDelete
xmlListDup
xmlListEmpty
xmlListEnd
xmlListFront
xmlListInsert
xmlListMerge
xmlListPopBack
xmlListPopFront
xmlListPushBack
xmlListPushFront
xmlListRemoveAll
xmlListRemoveFirst
xmlListRemoveLast
xmlListReverse
xmlListReverseSearch
Sections
  .text   Size: 2.6MB - Virtual size: 2.6MB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 830KB - Virtual size: 830KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 166KB - Virtual size: 323KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .pdata  Size: 169KB - Virtual size: 168KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .rsrc   Size: 512B - Virtual size: 436B     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .reloc  Size: 29KB - Virtual size: 29KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ