exploittesstv2_2[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

exploittesstv2_2.zip
Size

931KB
MD5

7c74870c9d4863c6ec49f5380467d7e7
SHA1

55d52281a57a563ab673ab177c1d7aa9eaff8637
SHA256

627912f05a415d2e60cc1138f5b5b1fdf71f08224125d824fe639905c8a58b74
SHA512

160bc1d00401dcf71e4bc0dfe4083e38a98aba7f464d2ed9d000a1505a7b636152493ecf5f7d9006acadec11a0c306dac55419638631220ffc52de7c1442a24b
SSDEEP

24576:L+oBGArJH32SytcNnzfKdnXO7A677Hq51ek2ul/SuB29nkBj21v:bQAr5mwNnruX+7M129kBC

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/api.dll
unpack001/exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/bin/in.bin
unpack001/exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/bin/injector.exe
unpack001/exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/exploittesstv2.exe
unpack001/exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.exe

Files

exploittesstv2_2.zip
.zip
exploittesstv2 (1)/exploittesstv2/.vs/exploittesstv2/FileContentIndex/4bbae472-993f-4cb1-b484-1fd8830cea6c.vsidx
exploittesstv2 (1)/exploittesstv2/.vs/exploittesstv2/v17/.suo
exploittesstv2 (1)/exploittesstv2/.vs/exploittesstv2/v17/DocumentLayout.json
exploittesstv2 (1)/exploittesstv2/exploittesstv2.sln
exploittesstv2 (1)/exploittesstv2/exploittesstv2/App.config
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Form1.Designer.cs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Form1.cs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Form1.resx
.vbs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Program.cs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Properties/AssemblyInfo.cs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Properties/Resources.Designer.cs
.vbs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Properties/Resources.resx
.vbs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Properties/Settings.Designer.cs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/Properties/Settings.settings
exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/api.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\VisualApps\CeleryAPI\CeleryAPI\obj\Debug\CeleryAPI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/bin/in.bin
.dll windows:6 windows x64 arch:x64

fe78118d64d767d704fee2343d26ea59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeaps
HeapWalk
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

vcruntime140

memset
__std_type_info_destroy_list
__C_specific_handler
memcpy

api-ms-win-crt-string-l1-1-0

tolower
strlen

api-ms-win-crt-convert-l1-1-0

_ui64toa_s
_gcvt_s
_itoa_s
_itoa

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
exit
_initialize_narrow_environment
_cexit
_configure_narrow_argv
_execute_onexit_table
_seh_filter_dll
_initterm_e
_initterm

Exports

Exports

celerycmd
icallback
init
test

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/bin/injector.exe
.exe windows:6 windows x64 arch:x64

32a832ab43a8e8ab30ef0bf83732a6d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Javan\Desktop\Projects\Release\CeleryInject.pdb

Imports

kernel32

WriteProcessMemory
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
lstrcpynW
lstrcatW
lstrlenW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
K32EnumProcessModules
K32GetModuleFileNameExW
K32QueryWorkingSetEx
GetCurrentProcess
LocalAlloc
LocalFree
ReadProcessMemory
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualQueryEx
OpenProcess
lstrcmpiW
Process32FirstW
Process32NextW
VirtualProtectEx
VirtualAllocEx
ResumeThread
SuspendThread
OpenThread
GetLastError
CloseHandle
GetTempPathW
GetFileAttributesW
lstrlenA
Sleep
TerminateProcess
InitializeSListHead
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

FindWindowA
FindWindowW

advapi32

LookupPrivilegeValueA
SetSecurityDescriptorDacl
SetKernelObjectSecurity
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAccessDeniedAce
OpenProcessToken

msvcp140

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bios_base@std@@QEBA_NXZ
?rdstate@ios_base@std@@QEBAHXZ
?fail@ios_base@std@@QEBA_NXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@AEAD@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

urlmon

URLOpenBlockingStreamA

ntdll

NtQueryInformationProcess
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

shlwapi

PathRemoveFileSpecW

vcruntime140

memmove
memchr
memcmp
__std_exception_destroy
__std_exception_copy
_purecall
strchr
__C_specific_handler
__current_exception_context
memset
_CxxThrowException
__current_exception
memcpy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

system
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_invalid_parameter_noinfo_noreturn
_set_app_type
_seh_filter_exe
_errno
_cexit
terminate
_crt_atexit
exit
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_register_onexit_function

api-ms-win-crt-string-l1-1-0

isupper
islower
strncat
strnlen
strspn
_memicmp
isspace
strpbrk
toupper
strncpy
strncmp
iscntrl
tolower
isalpha
isalnum
isgraph
ispunct
isxdigit
isdigit
strcspn

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
malloc
_callnewh

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s
__acrt_iob_func
ungetc
__stdio_common_vfprintf
_set_fmode
fwrite
_fseeki64
__p__commode
fsetpos
fread
__stdio_common_vfwprintf
_get_stream_buffer_pointers
fputc
fgetpos
fgetc
setvbuf
fflush
__stdio_common_vsnprintf_s
fclose

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-convert-l1-1-0

strtoull
strtoul
strtod
atoi

api-ms-win-crt-filesystem-l1-1-0

_wstat64
_unlock_file
_lock_file

api-ms-win-crt-time-l1-1-0

_difftime64
strftime
_localtime64_s
clock
_gmtime64_s
_time64

api-ms-win-crt-math-l1-1-0

_dsign
tanh
tan
frexp
modf
sqrt
sinh
floorf
sin
pow
log2
log10
log
fmod
floor
exp
cosh
cos
ceil
atan2
__setusermatherr
ldexp
atan
asin
ceilf
round
acos

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 674KB - Virtual size: 674KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/bin/ver.txt
exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/exploittesstv2.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\kesha\source\repos\exploittesstv2\exploittesstv2\obj\Debug\exploittesstv2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/exploittesstv2.exe.config
exploittesstv2 (1)/exploittesstv2/exploittesstv2/bin/Debug/exploittesstv2.pdb
exploittesstv2 (1)/exploittesstv2/exploittesstv2/exploittesstv2.csproj
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/.NETFramework,Version=v4.8.AssemblyAttributes.cs
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/DesignTimeResolveAssemblyReferences.cache
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.Form1.resources
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.Properties.Resources.resources
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.csproj.AssemblyReference.cache
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.csproj.CoreCompileInputs.cache
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.csproj.FileListAbsolute.txt
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.csproj.GenerateResource.cache
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\kesha\source\repos\exploittesstv2\exploittesstv2\obj\Debug\exploittesstv2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exploittesstv2 (1)/exploittesstv2/exploittesstv2/obj/Debug/exploittesstv2.pdb

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 19KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 932B

.reloc Size: 512B - Virtual size: 12B

fe78118d64d767d704fee2343d26ea59

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 8KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 40B

32a832ab43a8e8ab30ef0bf83732a6d0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

msvcp140

urlmon

ntdll

shlwapi

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 674KB - Virtual size: 674KB

.data Size: 100KB - Virtual size: 106KB

.pdata Size: 130KB - Virtual size: 130KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 6KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

.text
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 932B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 8KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 40B

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 674KB - Virtual size: 674KB

.data
Size: 100KB - Virtual size: 106KB

.pdata
Size: 130KB - Virtual size: 130KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B