starter.pdb
Static task
static1
General
Target: af39bd3ba6e91ac8afb41bec4be3f8bd32f10225f8052f6f627ad11013cfd56e
Size: 303.1MB
MD5: 7ffb03605b2ce3336de7a486aafb5792
SHA1: 961e4d0dfa7a73a6d11b479c21720ed845156689
SHA256: af39bd3ba6e91ac8afb41bec4be3f8bd32f10225f8052f6f627ad11013cfd56e
SHA512: de39b826aa63752a0a57bdb5a997706006f829375fe19dd87ecbbf0c8b23e41dbdc2bd212eeb2b7e20db6b698a4dc2c1f71103893bf2e84c3ae76ca889387ed9
SSDEEP: 6291456:hmfU9Mln/UpW1Fj2Zyrx6zn8dR7UzcC/oTUh98xp7qa86O9iqMHPg1aV90cpplwD:4fUyliWT2Ze6z8//qa86OWH8gppWD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource af39bd3ba6e91ac8afb41bec4be3f8bd32f10225f8052f6f627ad11013cfd56e
Files
af39bd3ba6e91ac8afb41bec4be3f8bd32f10225f8052f6f627ad11013cfd56e.exe windows:5 windows x86 arch:x86
3f64794de6e5ed3d8ea4cf58a9a149b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntdll
RtlUnwind
RtlAdjustPrivilege
NtQuerySystemInformation
RtlDowncaseUnicodeString
NtLoadDriver
RtlInitUnicodeString
kernel32
CreateDirectoryW
VirtualQuery
VirtualProtect
GetSystemInfo
DecodePointer
SetEndOfFile
WriteConsoleW
FlushFileBuffers
HeapReAlloc
HeapSize
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetFileType
GetStringTypeW
ReadFile
GetACP
GetStdHandle
CreateFileW
CloseHandle
DeviceIoControl
QueryPerformanceCounter
GetProcAddress
GetModuleHandleW
UnmapViewOfFile
RemoveDirectoryW
GetTickCount
GetUserDefaultLangID
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
MapViewOfFile
CreateFileMappingW
GetFileSizeEx
GetPrivateProfileStringW
GetLastError
LoadLibraryW
GetCurrentProcess
GetNativeSystemInfo
TerminateProcess
Sleep
HeapAlloc
GetProcessHeap
HeapFree
MultiByteToWideChar
GetWindowsDirectoryW
GetTempPathW
GetModuleFileNameW
FindFirstFileW
FindClose
FindNextFileW
GetFileAttributesW
LoadLibraryExA
SetFileAttributesW
DeleteFileW
MoveFileExW
WriteFile
GetVersionExW
SetLastError
CreateFileMappingA
GetFileSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
RaiseException
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
Sections
.text Size: 299KB - Virtual size: 299KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ