D:\Programming\Projects\Project Enzo\ProjectEnzoPhasmo\ProjectEnzo\x64\Free - Release\ProjectEnzo.pdb
Static task
static1
1 signatures
General
-
Target
nJIOQ9LA1yQTE7Ml.dll
-
Size
11.8MB
-
MD5
ffda7b0f597f27572b62c0f081df9d47
-
SHA1
29d34d0e0b7e297dd3c6d03e0005c2942f88aba6
-
SHA256
825b9cead7675701831b91925577ddc9b07e918e4096c18a49d625a412f2eace
-
SHA512
adf1539e8f15cbacc4d9e56fbe3f8cad213dc2172ec257921d55109d6843b689c1289c124becf00d9a4e877f57db306e6f4675fe825cf2fb7cdd28fad18a4650
-
SSDEEP
49152:OII21VXWjzSoFnTWdkz+ewononjuECKZw42Kkw0QL71gcmO8Ap+ICn6ym4KKN/Xf:OPbMjDZd2K/K6ym4Kdul/AmLH
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource nJIOQ9LA1yQTE7Ml.dll
Files
-
nJIOQ9LA1yQTE7Ml.dll.dll windows:6 windows x64 arch:x64
Password: 123
9a9e829c42aa8c68a80c94661aa32393
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
d3dcompiler_43
D3DCompile
d3d11
D3D11CreateDeviceAndSwapChain
d3dx11_43
D3DX11CreateShaderResourceViewFromMemory
kernel32
CloseHandle
WriteProcessMemory
VirtualProtect
SetLastError
VirtualAlloc
RtlVirtualUnwind
RtlAddFunctionTable
RtlLookupFunctionEntry
DisableThreadLibraryCalls
LoadLibraryA
CreateThread
AddVectoredExceptionHandler
GetProcAddress
ReadProcessMemory
SetConsoleTextAttribute
GetStdHandle
GetLastError
GetModuleHandleW
WideCharToMultiByte
AllocConsole
K32GetModuleInformation
GetTickCount64
GetTickCount
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetFileAttributesA
GetEnvironmentVariableA
InitializeCriticalSection
GetCurrentDirectoryA
GetModuleFileNameA
DeleteCriticalSection
RtlCaptureStackBackTrace
GetCurrentThread
GetThreadId
SuspendThread
GetThreadContext
ResumeThread
FindFirstFileW
CreateDirectoryW
FindClose
GetModuleHandleA
Sleep
MultiByteToWideChar
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
QueryPerformanceFrequency
GetCurrentProcessId
FreeConsole
FreeLibraryAndExitThread
LocalFree
FormatMessageA
SetConsoleTitleA
SetThreadContext
FlushInstructionCache
VirtualFree
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
InitOnceBeginInitialize
InitOnceComplete
GetFileInformationByHandleEx
AreFileApisANSI
SetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
GetLocaleInfoEx
GetCurrentThreadId
CreateFileW
IsDebuggerPresent
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCurrentProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
user32
UnregisterClassA
GetAsyncKeyState
FindWindowA
GetForegroundWindow
OpenClipboard
GetClipboardData
DestroyWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
SetWindowLongPtrA
CallWindowProcA
MessageBoxA
ScreenToClient
ReleaseCapture
SetCapture
GetCapture
TrackMouseEvent
CloseClipboard
EmptyClipboard
SetClipboardData
SetCursor
LoadCursorA
IsChild
ClientToScreen
SetCursorPos
GetCursorPos
GetClientRect
shell32
SHGetKnownFolderPath
ole32
CoTaskMemFree
msvcp140
?_Random_device@std@@YAIXZ
?_Xlength_error@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??_7_Facet_base@std@@6B@
??_7facet@locale@std@@6B@
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??_7codecvt_base@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Xout_of_range@std@@YAXPEBD@Z
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z
?out@?$codecvt@_SDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_S1AEAPEB_SPEAD3AEAPEAD@Z
_Query_perf_frequency
_Query_perf_counter
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
msvcp140_codecvt_ids
?id@?$codecvt@_SDU_Mbstatet@@@std@@2V0locale@2@A
dbghelp
ImageDirectoryEntryToData
MiniDumpWriteDump
ntdll
RtlCaptureContext
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
vcruntime140
strstr
memmove
__std_type_info_destroy_list
_CxxThrowException
memcmp
memset
memcpy
strchr
strrchr
__C_specific_handler
__std_exception_destroy
__std_exception_copy
memchr
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_errno
_invalid_parameter_noinfo_noreturn
abort
_seh_filter_dll
api-ms-win-crt-heap-l1-1-0
free
_callnewh
malloc
api-ms-win-crt-stdio-l1-1-0
fgetpos
fsetpos
setvbuf
fflush
fwrite
ungetc
fputc
fgetc
fread
__stdio_common_vsscanf
__stdio_common_vfprintf
_get_stream_buffer_pointers
_wfopen
fseek
fclose
freopen_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s
_fseeki64
__acrt_iob_func
ftell
api-ms-win-crt-string-l1-1-0
_stricmp
isspace
strcmp
strncpy
strncmp
toupper
_strdup
tolower
strcat_s
api-ms-win-crt-filesystem-l1-1-0
_stat64i32
_wstat64i32
_unlock_file
_lock_file
api-ms-win-crt-convert-l1-1-0
wcstombs_s
strtof
strtol
atof
api-ms-win-crt-utility-l1-1-0
rand
srand
qsort
api-ms-win-crt-time-l1-1-0
_mktime64
_gmtime64_s
_localtime64_s
_time64
_mkgmtime64
api-ms-win-crt-math-l1-1-0
logf
log2
log10
cbrt
round
log
fmodf
pow
sin
floor
powf
sinf
acosf
atan
atan2f
floorf
ceil
ceilf
cos
sqrt
cosf
exp
sqrtf
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
Sections
.text Size: 7.6MB - Virtual size: 7.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 10.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ