Static task
static1
General
Target: Translator++.exe
Size: 1.8MB
MD5: 406f14578265c0ab84da4904be9b6cf2
SHA1: 5bcb6b00ccf21d48f4b9bc6ea0b42d52f9b733bb
SHA256: 6044d92a20201df3cbaf45d5785ea4c738c341620f3088f84c566bcca067b558
SHA512: ff7ca4ac02edb518ea0947e4fa8b8f9cfa840da44af16e7be714ec919b57603e6053da57dcdb3a620b7abb28409a9dbf0b55c4079897964c860c06d2faec5246
SSDEEP: 49152:Ns2/XILJn8+VfK+lYs5B3fcNnXIcI5HBTk:XgfNj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Translator++.exe
Files
Translator++.exe.exe windows:5 windows x64 arch:x64
510f3e89f5af2b53ec0fad0f3ad5989b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\build\nw31_sdk_win64\node-webkit\src\outst\nw\initialexe\nw.exe.pdb
Imports
nw_elf
SignalChromeElf
GetInstallDetailsPayload
advapi32
ImpersonateNamedPipeClient
SetEntriesInAclW
GetSecurityInfo
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
SystemFunction036
GetSidSubAuthority
EventRegister
EventUnregister
EventWrite
RevertToSelf
RegDisablePredefinedCache
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
GetAce
SetKernelObjectSecurity
GetKernelObjectSecurity
DuplicateTokenEx
FreeSid
ImpersonateLoggedOnUser
MapGenericMask
GetNamedSecurityInfoW
IsValidSid
EqualSid
AccessCheck
CreateProcessAsUserW
SetThreadToken
CreateRestrictedToken
DuplicateToken
LookupPrivilegeValueW
CopySid
CreateWellKnownSid
InitializeSid
psapi
QueryWorkingSetEx
GetPerformanceInfo
GetProcessMemoryInfo
shell32
SHGetKnownFolderPath
CommandLineToArgvW
SHGetFolderPathW
shlwapi
PathMatchSpecW
user32
PeekMessageW
PostThreadMessageW
RegisterClassW
GetMessageW
SetProcessDPIAware
KillTimer
PostMessageW
GetUserObjectInformationW
CreateDesktopW
SetProcessWindowStation
GetThreadDesktop
CreateWindowStationW
GetProcessWindowStation
CloseWindowStation
CloseDesktop
SetTimer
wsprintfW
DefWindowProcW
SetWindowLongPtrW
GetWindowLongPtrW
CreateWindowExW
DestroyWindow
UnregisterClassW
RegisterClassExW
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjectsEx
GetQueueStatus
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
winmm
timeBeginPeriod
timeGetTime
timeEndPeriod
kernel32
GetSystemDefaultLCID
GetThreadLocale
GetThreadContext
Wow64GetThreadContext
SuspendThread
VirtualQueryEx
TransactNamedPipe
SetNamedPipeHandleState
WaitNamedPipeW
IsWow64Process
DisconnectNamedPipe
ConnectNamedPipe
GetFileInformationByHandleEx
GetVersion
SleepEx
SetFilePointer
GetThreadTimes
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
ResumeThread
ReadConsoleW
SetStdHandle
GetFullPathNameW
GetModuleHandleExW
GetConsoleMode
GetConsoleCP
PeekNamedPipe
GetDriveTypeW
GetACP
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
GetLocaleInfoW
LCMapStringW
EncodePointer
GetStringTypeW
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
SetFileTime
LoadLibraryExA
DebugBreak
lstrlenW
SearchPathW
CreateMutexW
CreateJobObjectW
CreateRemoteThread
CreateNamedPipeW
VirtualFreeEx
VirtualAllocEx
ReadProcessMemory
VirtualProtectEx
SignalObjectAndWait
GetProcessHeaps
GetProcessHandleCount
WriteProcessMemory
AssignProcessToJobObject
SetHandleInformation
ProcessIdToSessionId
GetUserDefaultLCID
TerminateJobObject
SetConsoleCtrlHandler
GetStdHandle
GetCurrentThreadId
GetModuleFileNameW
CreateEventW
GetLastError
SetLastError
GetCurrentProcess
DuplicateHandle
GetProcessId
WaitForSingleObject
GetCurrentDirectoryW
SetCurrentDirectoryW
LoadLibraryExW
GetProcAddress
SetProcessShutdownParameters
VirtualAlloc
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
GetNativeSystemInfo
CreateSemaphoreW
ReleaseSemaphore
CloseHandle
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCommandLineW
LocalFree
GetModuleHandleW
DeleteFileW
OutputDebugStringA
WriteFile
CreateFileW
GetCurrentProcessId
GetLocalTime
GetTickCount
FormatMessageA
ReleaseSRWLockExclusive
LoadLibraryW
GetModuleHandleA
ExpandEnvironmentStringsW
OpenProcess
TerminateProcess
GetExitCodeProcess
SetFilePointerEx
ReadFile
GetFileSizeEx
SetEndOfFile
GetFileInformationByHandle
FlushFileBuffers
HeapCreate
HeapDestroy
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
VirtualQuery
GetCurrentThread
Sleep
IsDebuggerPresent
RaiseException
CreateThread
GetThreadId
SetThreadPriority
GetThreadPriority
GetSystemTimeAsFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
QueryPerformanceFrequency
QueryPerformanceCounter
QueryThreadCycleTime
SetUnhandledExceptionFilter
RtlCaptureStackBackTrace
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
GetVersionExW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
ReplaceFileW
CreateDirectoryW
GetTempPathW
GetLongPathNameW
QueryDosDeviceW
GetSystemDirectoryW
GetWindowsDirectoryW
UnregisterWaitEx
RegisterWaitForSingleObject
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
TlsGetValue
GetProcessTimes
FlushViewOfFile
GetUserDefaultLangID
FreeLibrary
FindClose
FindNextFileW
FindFirstFileExW
SwitchToThread
CreateIoCompletionPort
PostQueuedCompletionStatus
SetInformationJobObject
GetQueuedCompletionStatus
TlsAlloc
TlsFree
TlsSetValue
GetSystemInfo
HeapSetInformation
ResetEvent
SetEvent
VirtualProtect
InitializeCriticalSectionAndSpinCount
DecodePointer
CompareStringW
CreateProcessW
InitOnceExecuteOnce
GetTimeZoneInformation
OutputDebugStringW
LockFileEx
UnlockFileEx
GetFileType
winhttp
WinHttpCrackUrl
WinHttpSetTimeouts
WinHttpOpen
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpSendRequest
WinHttpWriteData
WinHttpReceiveResponse
WinHttpQueryHeaders
Exports
GetHandleVerifier
IsSandboxedProcess
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 269KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CPADinfo Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 357KB - Virtual size: 357KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ