UnifyUI[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

UnifyUI.zip
Size

2.6MB
MD5

e17ced7e615e3960d31b4e6518122bd1
SHA1

c7c21e9761c04c5c192d590a042cbb3ee7723ed7
SHA256

a658ba8d65fb44281e19b8ebda7fd0c5e1249116a07355331174a83abf2b0aac
SHA512

416fbb7df40138041d9e85c1d9c1c5e73d4f6891f35a46db2cac961aaff315f3ac42fa6ea2fe0d29ba2b4fd528e1e2ffc066db7dfab7aa2ad2954815456dbd7a
SSDEEP

49152:I/nkkT2OrOs3bWs8/ShlBhCNE+MSLdRaWVFEKd3T6scQ5c/5ywLMxJwdIsQ:9BZsrW6vfZgfTNV/qZdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/UnifyUI/API FOR SKIDS/Solara.dll
unpack001/UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/RiftMainUI.exe
unpack001/UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.exe

Files

UnifyUI.zip
.zip
UnifyUI/API FOR SKIDS/Solara.dll
.dll windows:6 windows x64 arch:x64

3f28a48c59c920d28b96c0d0ca61ca9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libcurl

curl_mime_free
curl_easy_cleanup
curl_easy_init
curl_free
curl_easy_escape
curl_easy_getinfo
curl_easy_perform
curl_easy_setopt
curl_version_info
curl_slist_free_all
curl_slist_append

kernel32

GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQueryEx
K32QueryWorkingSetEx
ReadProcessMemory
GetCurrentProcess
LocalAlloc
LocalFree
CloseHandle
WriteProcessMemory
VirtualAllocEx
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetExitCodeProcess
Sleep
AllocConsole
IsDebuggerPresent
GetStdHandle
GetLastError
QueryFullProcessImageNameW
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
EnterCriticalSection
WakeAllConditionVariable
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
AreFileApisANSI
FormatMessageA
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
SetConsoleTitleW
SetFileInformationByHandle
GetFileAttributesExW
CopyFileW
GetFileInformationByHandleEx
MultiByteToWideChar

user32

SendMessageA
OpenClipboard
SetClipboardData
CloseClipboard
FindWindowA
MessageBoxA
EmptyClipboard

advapi32

SetSecurityDescriptorDacl
AddAccessDeniedAce
InitializeAcl
FreeSid
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetKernelObjectSecurity

msvcp140

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_do_broadcast_at_thread_exit
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?uncaught_exceptions@std@@YAHXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Thrd_detach
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_C_error@std@@YAXH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
memcmp
__C_specific_handler
memchr
memmove
_purecall
__std_exception_destroy
__std_exception_copy
__std_terminate
__current_exception
_CxxThrowException
__std_type_info_destroy_list
memset
__current_exception_context

api-ms-win-crt-stdio-l1-1-0

freopen_s
__stdio_common_vsprintf
ungetc
fputc
fflush
__acrt_iob_func
fgetc
fclose
_get_stream_buffer_pointers
fread
fwrite
fgetpos
_fseeki64
fsetpos
setvbuf

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_errno
_invalid_parameter_noinfo
_configure_narrow_argv
_seh_filter_dll
terminate
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_beginthreadex

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-convert-l1-1-0

strtol
strtod
mbstowcs
strtoul
atoi
strtoll
strtoull

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-string-l1-1-0

tolower
strspn
strcmp
strcpy_s
strnlen

api-ms-win-crt-math-l1-1-0

atan2
ceil
cos
cosh
exp
fmod
log
log10
sin
asin
sqrt
tan
tanh
round
log2
ldexp
pow
atan
floor
sinh
_dsign
_dclass
acos

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

Exports

Exports

executeScript
inject

Sections

.text
Size: 813KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UnifyUI/Our UI/RiftMainUI - Copy/.vs/RiftMainUI/FileContentIndex/2a395173-0e34-47d8-be61-d93e69ccc6f1.vsidx
UnifyUI/Our UI/RiftMainUI - Copy/.vs/RiftMainUI/FileContentIndex/6a064a6c-2d5b-417e-b1c5-56e50a07aab2.vsidx
UnifyUI/Our UI/RiftMainUI - Copy/.vs/RiftMainUI/v17/.suo
UnifyUI/Our UI/RiftMainUI - Copy/.vs/RiftMainUI/v17/DocumentLayout.json
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI.sln
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/App.config
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Form1.Designer.cs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Form1.cs
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Form1.resx
.vbs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Program.cs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Properties/AssemblyInfo.cs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Properties/Resources.Designer.cs
.vbs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Properties/Resources.resx
.vbs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Properties/Settings.Designer.cs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/Properties/Settings.settings
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/RiftMainUI.csproj
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/Monaco.html
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/base.txt
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/classfunc.txt
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/debug.log
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/globalf.txt
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/globalns.txt
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/globalv.txt
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/base/worker/workerMain.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/bat/bat.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/coffee/coffee.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/cpp/cpp.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/csharp/csharp.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/csp/csp.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/css/css.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/dockerfile/dockerfile.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/fsharp/fsharp.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/go/go.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/handlebars/handlebars.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/html/html.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/ini/ini.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/java/java.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/less/less.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/lua/lua.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/markdown/markdown.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/msdax/msdax.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/mysql/mysql.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/objective-c/objective-c.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/pgsql/pgsql.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/php/php.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/postiats/postiats.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/powershell/powershell.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/pug/pug.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/python/python.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/r/r.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/razor/razor.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/redis/redis.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/redshift/redshift.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/ruby/ruby.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/rust/rust.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/sb/sb.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/scss/scss.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/solidity/solidity.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/sql/sql.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/st/st.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/swift/swift.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/vb/vb.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/xml/xml.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/basic-languages/yaml/yaml.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/contrib/suggest/media/String_16x.svg
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/contrib/suggest/media/String_inverse_16x.svg
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.css
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.de.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.es.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.fr.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.it.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.ja.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.ko.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.ru.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.zh-cn.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/editor.main.nls.zh-tw.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/editor/standalone/browser/quickOpen/symbol-sprite.svg
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/css/cssMode.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/css/cssWorker.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/html/htmlMode.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/html/htmlWorker.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/json/jsonMode.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/json/jsonWorker.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/typescript/lib/typescriptServices.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/typescript/tsMode.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/language/typescript/tsWorker.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Monaco/vs/loader.js
.js
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/RiftMainUI.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\mathe\source\repos\RiftMainUI - Copy\RiftMainUI\obj\Debug\RiftMainUI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/RiftMainUI.exe.config
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/RiftMainUI.pdb
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/bin/Debug/Siticone.UI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

3a:93:0b:19:8f:29:72:9a:49:b0:8b:f3:6d:f8:17:ae
Certificate

Issuer

CN=Siticone Root CA

Not Before

05/02/2020, 06:42

Not After

22/10/2030, 17:00

Subject

CN=Siticone Technology

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0
Signer

Actual PE Digest

34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Ilham-PC\Documents\Visual Studio 2015\Projects\Siticone.UI\Build\Release\Siticone.UI.WinForms\Siticone.UI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/.NETFramework,Version=v4.8.AssemblyAttributes.cs
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/DesignTimeResolveAssemblyReferences.cache
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.Properties.Resources.resources
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.UnifyUI.resources
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.csproj.AssemblyReference.cache
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.csproj.CoreCompileInputs.cache
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.csproj.FileListAbsolute.txt
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.csproj.GenerateResource.cache
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\mathe\source\repos\RiftMainUI - Copy\RiftMainUI\obj\Debug\RiftMainUI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UnifyUI/Our UI/RiftMainUI - Copy/RiftMainUI/obj/Debug/RiftMainUI.pdb
UnifyUI/Our UI/note.txt
UnifyUI/README.txt

Sharing

General

Malware Config

Signatures

Files

3f28a48c59c920d28b96c0d0ca61ca9d

Headers

DLL Characteristics

File Characteristics

Imports

libcurl

kernel32

user32

advapi32

msvcp140

ntdll

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 813KB - Virtual size: 812KB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 7KB - Virtual size: 9KB

.pdata Size: 24KB - Virtual size: 24KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 3KB - Virtual size: 2KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 11KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

3a:93:0b:19:8f:29:72:9a:49:b0:8b:f3:6d:f8:17:aeCertificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 512B - Virtual size: 12B

.rsrc Size: 1KB - Virtual size: 1KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 11KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 813KB - Virtual size: 812KB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 7KB - Virtual size: 9KB

.pdata
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

3a:93:0b:19:8f:29:72:9a:49:b0:8b:f3:6d:f8:17:ae
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B