Atlas-Win64-Shipping.pdb
Static task
static1
General
-
Target
LittleNightmares.exe
-
Size
52.2MB
-
MD5
1edbcb30391ce6e57025caa25db7332d
-
SHA1
ca381980aab18fb56fa26674fac6f96995c7ff4c
-
SHA256
02a06e911a9d4d9a0ac4dfb39e2219bb23ed9e0d436e5ec3fd1af38e32f1485d
-
SHA512
e15b70428663cd8469922728bc03c0a995e7c7cb383035f56f8579dc3378247c272d0e25928c80c3e91352fd0ea1aa8c94d36abc076d138bbe4fb27a8c789eb0
-
SSDEEP
393216:sKJENQD2YWxWgpvZkXMYzsQa4sJqCZUSBB6lmbJexdDW2lKDlDDasn:sKJgbkXXA7ty9+DaU
Malware Config
Signatures
-
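Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The file carries none, so its publisher and integrity cannot be verified from the file alone; this is a weak indicator by itself and should be weighed against the hashes above and a known-good copy of the binary.
resource: LittleNightmares.exe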
Files
-
LittleNightmares.exe.exe windows:6 windows x64 arch:x64
2001f14e9a9a01093b74db13fbf925a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
wininet
InternetCrackUrlW
InternetAttemptConnect
HttpQueryInfoW
HttpSendRequestW
InternetGetConnectedState
InternetSetStatusCallbackW
InternetSetOptionW
InternetQueryOptionW
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpOpenRequestW
ws2_32
connect
closesocket
ioctlsocket
getsockname
getsockopt
htonl
htons
listen
ntohl
freeaddrinfo
WSAIoctl
WSASetLastError
__WSAFDIsSet
ntohs
WSACleanup
getaddrinfo
recv
recvfrom
select
bind
WSAStartup
accept
gethostname
socket
getpeername
WSAGetLastError
send
setsockopt
sendto
dbghelp
MiniDumpWriteDump
SymGetSymFromAddr64
SymInitializeW
SymGetLineFromAddr64
SymGetModuleBase64
StackWalk64
SymRefreshModuleList
SymGetModuleInfo64
SymFunctionTableAccess64
SymGetOptions
SymSetOptions
GetTimestampForLoadedLibrary
winmm
timeBeginPeriod
timeGetTime
timeEndPeriod
timeGetDevCaps
kernel32
VerifyVersionInfoW
RtlCaptureStackBackTrace
RtlCaptureContext
GetStdHandle
GetEnvironmentVariableW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
ReadFile
RemoveDirectoryW
SetFileAttributesW
SetFilePointer
SetFileTime
WriteFile
GetTempPathW
OutputDebugStringW
CloseHandle
RaiseException
SetErrorMode
PeekNamedPipe
QueryPerformanceFrequency
GetOverlappedResult
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
GetProcessTimes
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
SwitchToThread
CreateThread
GetCurrentThread
OpenThread
SetThreadPriority
SuspendThread
ResumeThread
CreateProcessW
GetThreadContext
GetVersion
GlobalMemoryStatusEx
GetSystemTime
GetSystemTimeAsFileTime
GetLocalTime
GetSystemInfo
GetSystemDirectoryW
GetVersionExW
GetLogicalProcessorInformation
GetNativeSystemInfo
VirtualAlloc
VirtualFree
VirtualProtect
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryExW
LoadResource
VerSetConditionMask
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
SetThreadAffinityMask
FormatMessageW
CreateSemaphoreW
LoadLibraryW
FindResourceW
SetDllDirectoryW
MoveFileW
GetComputerNameW
FileTimeToSystemTime
SystemTimeToFileTime
GetLocaleInfoW
GetSystemDefaultLCID
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetConsoleTextAttribute
FreeConsole
AttachConsole
AllocConsole
SetConsoleCtrlHandler
WriteConsoleW
GetConsoleWindow
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetFileSize
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
FlushViewOfFile
LoadLibraryA
GetExitCodeThread
TerminateThread
SetHandleInformation
TlsFree
TlsAlloc
SetCriticalSectionSpinCount
InitializeCriticalSection
LoadLibraryExA
VirtualQuery
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsA
WaitForMultipleObjects
GetFileType
WaitForSingleObjectEx
SleepEx
InitializeCriticalSectionEx
GetTickCount64
VerifyVersionInfoA
CreateSemaphoreA
FormatMessageA
lstrlenA
ExitProcess
SetLastError
LocalFree
LocalAlloc
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetCurrencyFormatW
GetNumberFormatW
GetUserGeoID
GetGeoInfoA
GetTimeZoneInformation
GetLocaleInfoA
CreateFileMappingA
CreateFileA
GetThreadLocale
GetACP
TlsSetValue
TlsGetValue
GetCurrentThreadId
Sleep
CreateMutexW
ReleaseMutex
DeleteCriticalSection
LockResource
GetCommandLineW
GetLastError
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
user32
CloseClipboard
OpenClipboard
SetDlgItemTextW
GetDlgItem
EndDialog
DialogBoxParamW
IsZoomed
DisableProcessWindowsGhosting
SetWindowPlacement
GetWindowPlacement
TranslateMessage
SetWindowPos
SetLayeredWindowAttributes
DestroyWindow
IsWindow
CreateWindowExW
UnregisterClassW
PostQuitMessage
EnableWindow
UnregisterHotKey
DispatchMessageW
PeekMessageW
RegisterHotKey
GetKeyboardLayout
GetRawInputDeviceList
RegisterRawInputDevices
GetRawInputDeviceInfoA
GetFocus
GetActiveWindow
SetFocus
EmptyClipboard
GetClipboardData
GetRawInputData
GetWindowInfo
GetMonitorInfoW
BeginPaint
EndPaint
SetWindowRgn
SetWindowTextW
GetClientRect
ReleaseDC
ShowCursor
SetCursorPos
SetCursor
ClipCursor
ScreenToClient
IsWindowEnabled
SetWindowLongW
GetTopWindow
GetWindowThreadProcessId
LoadCursorW
LoadCursorFromFileW
LoadIconW
MonitorFromWindow
GetClipCursor
ChangeDisplaySettingsW
ChangeDisplaySettingsExW
EnumDisplaySettingsW
SetClipboardData
WindowFromPoint
GetWindowLongW
EnumDisplayDevicesW
SystemParametersInfoW
PostMessageW
MonitorFromRect
DrawStateW
UpdateWindow
SetActiveWindow
GetForegroundWindow
DefWindowProcW
RegisterClassW
ShowWindow
IsIconic
GetKeyState
GetAsyncKeyState
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
GetSystemMetrics
GetWindowRect
AdjustWindowRectEx
MessageBoxW
GetCursorPos
ClientToScreen
SetForegroundWindow
GetDC
gdi32
CreateFontIndirectW
CreateRectRgn
CreateRoundRectRgn
DeleteDC
DeleteObject
GetStockObject
GetTextExtentPoint32W
PtInRegion
SelectObject
SetBkColor
SetBkMode
SwapBuffers
SetPixelFormat
CreateCompatibleDC
ChoosePixelFormat
TextOutW
GetObjectW
CreateDIBSection
SetTextAlign
SetTextColor
advapi32
CryptCreateHash
RegCloseKey
RegEnumValueW
GetUserNameW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
CryptAcquireContextA
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
shell32
ShellExecuteW
SHGetFolderPathW
ole32
OleInitialize
StringFromGUID2
CoCreateGuid
CoCreateInstance
CoTaskMemAlloc
PropVariantClear
OleUninitialize
CoUninitialize
CoTaskMemFree
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CoInitialize
oleaut32
VariantCopy
SysFreeString
SysAllocString
iphlpapi
GetAdaptersAddresses
GetAdaptersInfo
setupapi
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsExW
SetupDiOpenDevRegKey
CM_Get_Device_IDW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
dwmapi
DwmGetCompositionTimingInfo
DwmIsCompositionEnabled
DwmFlush
DwmSetWindowAttribute
imm32
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmDestroyContext
ImmCreateContext
ImmGetProperty
ImmGetIMEFileNameW
ImmGetDescriptionW
xinput1_3
ord2
ord3
dxgi
CreateDXGIFactory1
CreateDXGIFactory
d3d9
D3DPERF_BeginEvent
D3DPERF_EndEvent
d3d11
D3D11CreateDevice
x3daudio1_7
X3DAudioCalculate
X3DAudioInitialize
xapofx1_5
CreateFX
opengl32
wglCreateContext
wglMakeCurrent
wglDeleteContext
wglGetCurrentContext
wglGetCurrentDC
wglGetProcAddress
wldap32
ord27
ord143
ord46
ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord26
ord22
ord41
ord50
ord60
ord211
normaliz
IdnToAscii
dsound
ord8
ord11
ord12
msvcp140
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??Bid@locale@std@@QEAA_KXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
?_BADOFF@std@@3_JB
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Ios_base_dtor@ios_base@std@@CAXPEAV12@@Z
?uncaught_exception@std@@YA_NXZ
_Inf
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xinvalid_argument@std@@YAXPEBD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
wer
WerReportCreate
WerReportSetParameter
WerReportAddFile
WerReportSubmit
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
psapi
GetProcessMemoryInfo
powrprof
CallNtPowerInformation
vcruntime140
_purecall
__std_terminate
memmove
__C_specific_handler
__CxxFrameHandler3
memcpy
memset
wcsstr
_CxxThrowException
strrchr
wcsrchr
wcschr
memcmp
_set_purecall_handler
strstr
strchr
__std_type_info_name
__RTtypeid
__std_type_info_compare
memchr
__std_exception_copy
__std_exception_destroy
__vcrt_InitializeCriticalSectionEx
__intrinsic_setjmp
__RTDynamicCast
longjmp
api-ms-win-crt-runtime-l1-1-0
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate
exit
_errno
_get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
_endthread
_set_invalid_parameter_handler
_getpid
__sys_nerr
_beginthread
strerror
_c_exit
_wassert
_invalid_parameter_noinfo
_register_thread_local_exe_atexit_callback
_set_app_type
_endthreadex
_beginthreadex
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-utility-l1-1-0
bsearch
rand
srand
qsort
api-ms-win-crt-string-l1-1-0
isgraph
isprint
islower
isupper
isalnum
strpbrk
towupper
isxdigit
towlower
isalpha
wcsncpy
_strdup
_wcsnicmp
isdigit
tolower
strncat
wcslen
strcat
_strnicmp
iswdigit
iswspace
wcsncmp
strlen
strcpy
strcpy_s
strtok
strncpy
isspace
strncmp
strcmp
strnlen
toupper
_stricmp
iswupper
iswlower
iswalpha
iswxdigit
iswalnum
wcsncpy_s
api-ms-win-crt-stdio-l1-1-0
ungetc
__stdio_common_vsprintf
fsetpos
fputc
fgetpos
setvbuf
fgetc
__stdio_common_vsscanf
__stdio_common_vfwprintf
_get_stream_buffer_pointers
__p__commode
_set_fmode
_read
_write
_lseeki64
__acrt_iob_func
__stdio_common_vswprintf
_close
fgets
__stdio_common_vfprintf
_fileno
_setmode
fopen_s
_open
fclose
fopen
fread
fwrite
_fseeki64
ftell
__stdio_common_vsprintf_s
fseek
fflush
fputs
api-ms-win-crt-math-l1-1-0
atan2
asinf
ldexp
frexp
_isnan
pow
expf
exp2
atanf
_finite
_fpclass
atan
atan2f
log10f
exp
tan
cos
sin
log10
sqrt
log2f
floorf
tanf
logf
sinf
powf
acosf
cosf
modf
fabs
fmod
log
ceil
floor
asin
__setusermatherr
api-ms-win-crt-convert-l1-1-0
_strtoi64
_wtoi64
_wtoi
_wtof
strtoll
strtoull
wcstombs
wcstoul
atol
_wcstoui64
_strtoui64
strtoul
strtod
strtol
wcstod
atoi
api-ms-win-crt-heap-l1-1-0
malloc
free
_set_new_mode
realloc
calloc
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
__timezone
__tzname
_tzset
_time64
_gmtime64
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_stat64
_fstat64
_lock_file
hid
HidD_GetSerialNumberString
HidD_GetProductString
HidD_GetManufacturerString
HidD_SetFeature
HidD_GetFeature
HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_GetAttributes
HidP_GetValueCaps
HidP_GetButtonCaps
HidP_GetCaps
Exports
?GetAtlasDLCSystem@@YAPEAVAtlasDLCSystem@@XZ
?GetAtlasDebug@@YAPEBVUAtlasDebugObject@@XZ
NvOptimusEnablement
opus_decode
opus_decode_float
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_decoder_get_nb_samples
opus_decoder_get_size
opus_decoder_init
opus_encode
opus_encode_float
opus_encoder_create
opus_encoder_ctl
opus_encoder_destroy
opus_encoder_get_size
opus_encoder_init
opus_get_version_string
opus_multistream_decode
opus_multistream_decode_float
opus_multistream_decoder_create
opus_multistream_decoder_ctl
opus_multistream_decoder_destroy
opus_multistream_decoder_get_size
opus_multistream_decoder_init
opus_multistream_packet_pad
opus_multistream_packet_unpad
opus_packet_get_bandwidth
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_nb_samples
opus_packet_get_samples_per_frame
opus_packet_pad
opus_packet_parse
opus_packet_unpad
opus_pcm_soft_clip
opus_repacketizer_cat
opus_repacketizer_create
opus_repacketizer_destroy
opus_repacketizer_get_nb_frames
opus_repacketizer_get_size
opus_repacketizer_init
opus_repacketizer_out
opus_repacketizer_out_range
opus_strerror
Sections
.text Size: 33.9MB - Virtual size: 33.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15.5MB - Virtual size: 15.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 427KB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 21B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 493KB - Virtual size: 493KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ