PDB path: H:\-desktop11-\a-graver-my-menu\mydesktop\MenuThunder\sourceImpulse168(3179)\Build\Release\Private.pdb
Static task
static1
General
Target: Private.dll
Size: 4.8MB
MD5: 8a8bf1579b81542684a7bba42a2e6169
SHA1: 8fadf27fa456f216f66a7075ec36d4c72e08bbe4
SHA256: e4ae29754112e7616ba7c2fc5d5cb2d04ddf33784a1b3dec30dd42ea2daaaf58
SHA512: fc4145812b1d12baf8ceb8a1b44e0910886da86950fe0444fd39da4cdd5e7aced3b8a68d7f317f7a7c618ed9f6ea2d88f12631617b810dfa7e3fafad70207ffa
SSDEEP: 49152:lpFfcrD/ar0+k3COO9ds2KxDACHnHMhNyIWD2dfVIIAxegcQHV59CgrKqFDTemRj:+Kr4pV1qgcKxKSemRb
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource Private.dll
Files
Private.dll.dll windows:6 windows x64 arch:x64
7dd80b2cac63738c44b9d7fc5ef6eac1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
PeekNamedPipe
ReadFile
GetModuleFileNameW
lstrlenW
MultiByteToWideChar
GetTickCount64
GetPrivateProfileStringA
GlobalMemoryStatusEx
GetVolumeInformationW
GetComputerNameW
Sleep
WritePrivateProfileStringA
GlobalFree
VirtualProtect
GetModuleHandleA
ReadProcessMemory
VirtualQuery
GetProcAddress
GetModuleFileNameA
SetErrorMode
GetTickCount
FreeLibraryAndExitThread
IsDebuggerPresent
GetThreadContext
WaitForSingleObject
SetUnhandledExceptionFilter
LoadLibraryA
FindFirstFileA
FindNextFileA
FindClose
OpenProcess
VirtualProtectEx
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
VirtualFree
DisableThreadLibraryCalls
CreateDirectoryW
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
AllocConsole
SetConsoleTitleA
GetStdHandle
SetConsoleWindowInfo
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteFile
GetConsoleWindow
ConvertThreadToFiber
SwitchToFiber
CreateFiber
DeleteFiber
K32EnumProcessModules
K32GetModuleBaseNameA
QueryPerformanceCounter
VirtualAlloc
HeapCreate
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
SetThreadContext
FlushInstructionCache
Thread32First
Thread32Next
GetSystemInfo
CloseHandle
WaitNamedPipeW
GetLastError
SetEndOfFile
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
CreateProcessW
GetExitCodeProcess
ReadConsoleW
CreateFileW
GetCurrentProcessId
IsBadReadPtr
CreateThread
K32GetModuleInformation
GetModuleHandleW
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
ExitProcess
ExitThread
RtlUnwind
WriteConsoleW
GetModuleHandleExW
GetFileType
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
FreeConsole
GetCurrentProcess
TlsGetValue
TlsAlloc
SetLastError
QueryPerformanceFrequency
FormatMessageA
WideCharToMultiByte
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
GetExitCodeThread
InitOnceBeginInitialize
InitOnceComplete
LocalFree
GetLocaleInfoEx
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
AreFileApisANSI
GetStringTypeW
EncodePointer
EnterCriticalSection
LeaveCriticalSection
LCMapStringEx
GetSystemTimeAsFileTime
GetCPInfo
OutputDebugStringW
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
user32
FindWindowW
SetWindowLongPtrW
CallWindowProcW
GetKeyState
PostMessageW
FindWindowA
GetForegroundWindow
GetWindowRect
GetAsyncKeyState
CloseClipboard
GetClipboardData
OpenClipboard
SetWindowLongPtrA
DefWindowProcW
advapi32
RegSetValueExW
CryptReleaseContext
RegCloseKey
CryptGenRandom
RegCreateKeyExW
CryptAcquireContextA
shell32
SHGetFolderPathA
ShellExecuteW
winmm
timeGetTime
winhttp
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpWriteData
WinHttpSetOption
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpAddRequestHeaders
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpOpen
WinHttpReceiveResponse
WinHttpSetTimeouts
Sections
.text Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 675KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ