C:\kjk\src\sumatrapdf-2.5\obj-rel\libmupdf.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2b05afa49f5bcfb0e9bc17611024c310N.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2b05afa49f5bcfb0e9bc17611024c310N.dll
Resource
win10v2004-20240709-en
General
-
Target (the PE header below sets IMAGE_FILE_DLL and the sample was submitted as a .dll, so the .exe extension on this entry does not reflect the actual file type)
2b05afa49f5bcfb0e9bc17611024c310N.exe
-
Size
3.2MB
-
MD5
2b05afa49f5bcfb0e9bc17611024c310
-
SHA1
0715d6966a54a6cbb81dacb224975328afb1ec60
-
SHA256
793487f58e00e4c7ec52547e668b83b2d3baf86fc539cd76979774ab5940fbbd
-
SHA512
b02097eb472d6957313f2bc6785ca43750afb0f68191abf76dd29dba776f779b0da6680e0e7178e3f6bcc275e22207524b2c929e89c89faac2f3e0f82089cf44
-
SSDEEP
98304:+U2NdEAMuaPFwNaWSEgP6wkGHWBBNstQGkapuTXbFco5:+U2NdSuaPFwNaWSEgP6wkG2z0QXWo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature. This is the only signature that fired: it records that the PE carries no Authenticode signature, which is a weak indicator on its own, since many legitimate third-party builds are unsigned. The embedded PDB path (libmupdf.pdb under a sumatrapdf-2.5 source tree) and the fz_*/pdf_*/jpeg_*/gz* export table are consistent with a release build of the MuPDF library shipped with SumatraPDF 2.5; confirm by comparing the MD5/SHA256 above against a known-good copy of that distribution before drawing triage conclusions. Note also that behavioral runs of a bare library DLL (with no host process exercising its exports) typically yield little observable activity, so the absence of behavioral findings here is not strong evidence either way.
resource 2b05afa49f5bcfb0e9bc17611024c310N.exe
Files
-
2b05afa49f5bcfb0e9bc17611024c310N.exe.dll windows:5 windows x86 arch:x86
77f76fbc43c8e849880eff4f5fb42d20
Headers
DLL Characteristics (the listed flags show the image opts into ASLR via DYNAMIC_BASE and DEP via NX_COMPAT; no IMAGE_DLLCHARACTERISTICS_GUARD_CF entry appears, so Control Flow Guard is not enabled for this 32-bit build)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths (the embedded path is reported at the top of this page: C:\kjk\src\sumatrapdf-2.5\obj-rel\libmupdf.pdb)
Imports
kernel32
GetSystemTimeAsFileTime
GetTempFileNameW
WriteFile
InitializeCriticalSection
LeaveCriticalSection
CreateFileW
MultiByteToWideChar
GetTempPathW
EnterCriticalSection
DeleteCriticalSection
CloseHandle
DeleteFileW
GetFullPathNameW
FindFirstFileW
WideCharToMultiByte
lstrcpynW
GetModuleFileNameW
GetLastError
FindClose
FindNextFileW
GetWindowsDirectoryW
CompareStringW
CreateFileA
WriteConsoleW
GetStringTypeW
LCMapStringW
FlushFileBuffers
HeapSize
LoadLibraryW
GetProcessHeap
SetEndOfFile
SetStdHandle
GetConsoleMode
GetConsoleCP
RaiseException
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
Sleep
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ReadFile
SetFilePointer
EncodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
GetFileType
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
DecodePointer
GetCurrentThreadId
SetEnvironmentVariableA
gdiplus
GdipCreateRegion
GdipCreateFontFamilyFromName
GdipDeletePrivateFontCollection
GdipSetPenTransform
GdipFillPath
GdipDeleteMatrix
GdipGetCellAscent
GdipSetInterpolationMode
GdipStringFormatGetGenericTypographic
GdipBitmapLockBits
GdipRestoreGraphics
GdipCloneImage
GdipCloneFontFamily
GdipCreatePath
GdipGetImageWidth
GdipSetPixelOffsetMode
GdipSetPenLineJoin
GdipSetPenDashOffset
GdipGetClipBounds
GdiplusStartup
GdiplusShutdown
GdipDeleteBrush
GdipFree
GdipGetPointCount
GdipSetClipRegion
GdipFillRectangle
GdipTranslateWorldTransform
GdipSetCompositingMode
GdipGetWorldTransform
GdipNewPrivateFontCollection
GdipDrawString
GdipSetImagePalette
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipClonePath
GdipDeleteRegion
GdipTransformPath
GdipDeletePath
GdipSetPageUnit
GdipCreateRegionPath
GdipCreateFont
GdipDisposeImage
GdipCreateMatrix2
GdipAlloc
GdipSetPenColor
GdipSaveGraphics
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipBitmapUnlockBits
GdipIsStyleAvailable
GdipSetPenMiterLimit
GdipDeleteFontFamily
GdipCreatePen2
GdipWidenPath
GdipSetSmoothingMode
GdipSetPenLineCap197819
GdipCreateRegionRectI
GdipGraphicsClear
GdipSetWorldTransform
GdipTransformRegion
GdipGetMatrixElements
GdipGetFontCollectionFamilyCount
GdipSetImageAttributesWrapMode
GdipGetImageGraphicsContext
GdipSetPenDashArray
GdipGetDpiY
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDeleteFont
GdipGetClip
GdipDrawPath
GdipCreateMatrix
GdipSetPageScale
GdipSetTextRenderingHint
GdipDrawImagePointsRect
GdipSetClipRect
GdipGetFamilyName
GdipPrivateAddFontFile
GdipFillPolygon
GdipAddPathPath
GdipGetEmHeight
GdipDrawImageRectRectI
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipCreatePath2
GdipCloneBitmapAreaI
GdipCloneBrush
GdipDeletePen
GdipGetFontCollectionFamilyList
GdipCreateFromHDC
ole32
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
Exports
aes_crypt_cbc
aes_setkey_dec
aes_setkey_enc
compress
compressBound
crc32
deflate
deflateEnd
deflateInit2_
deflateInit_
ft_error_string
fz_aa_level
fz_add_text
fz_adjust_rect_for_stroke
fz_advance_glyph
fz_alpha_from_gray
fz_analyze_text
fz_apply_transfer_function
fz_arc4_encrypt
fz_arc4_init
fz_atof
fz_atoi
fz_begin_group
fz_begin_mask
fz_begin_page
fz_begin_tile
fz_begin_tile_id
fz_bitmap_details
fz_blendmode_name
fz_bound_glyph
fz_bound_path
fz_bound_shade
fz_bound_text
fz_buffer_cat
fz_buffer_printf
fz_buffer_storage
fz_buffer_vprintf
fz_calloc
fz_calloc_no_throw
fz_caught
fz_caught_message
fz_chartorune
fz_clear_bitmap
fz_clear_pixmap
fz_clear_pixmap_rect_with_value
fz_clear_pixmap_with_value
fz_clip_image_mask
fz_clip_path
fz_clip_stroke_path
fz_clip_stroke_text
fz_clip_text
fz_clone_context
fz_clone_context_internal
fz_clone_path
fz_clone_stream
fz_clone_stroke_state
fz_clone_text
fz_close
fz_close_output
fz_closepath
fz_colorspace_is_indexed
fz_compressed_buffer_size
fz_concat
fz_concat_push
fz_convert_color
fz_convert_pixmap
fz_copy_aa_context
fz_copy_pixmap_rect
fz_copy_selection
fz_currentpoint
fz_curveto
fz_curvetov
fz_curvetoy
fz_debug_tree
fz_debug_xml
fz_decode_indexed_tile
fz_decode_tile
fz_decomp_image_from_stream
fz_decouple_type3_font
fz_default_halftone
fz_detach_xml
fz_device_bgr
fz_device_cmyk
fz_device_gray
fz_device_rgb
fz_disable_device_hints
fz_drop_bitmap
fz_drop_buffer
fz_drop_colorspace
fz_drop_colorspace_context
fz_drop_display_list
fz_drop_font
fz_drop_font_context
fz_drop_function
fz_drop_glyph
fz_drop_glyph_cache_context
fz_drop_halftone
fz_drop_image
fz_drop_link
fz_drop_pixmap
fz_drop_shade
fz_drop_storable
fz_drop_store_context
fz_drop_stroke_state
fz_drop_transfer_function
fz_dump_glyph_cache_stats
fz_empty_hash
fz_empty_store
fz_enable_device_hints
fz_encode_character
fz_end_group
fz_end_mask
fz_end_page
fz_end_tile
fz_eval_function
fz_expand_indexed_pixmap
fz_expand_rect
fz_fill_image
fz_fill_image_mask
fz_fill_path
fz_fill_shade
fz_fill_text
fz_fin_cached_color_converter
fz_find_item
fz_flush_warnings
fz_fopen_utf8
fz_free
fz_free_aa_context
fz_free_argv
fz_free_colorspace_imp
fz_free_compressed_buffer
fz_free_context
fz_free_device
fz_free_hash
fz_free_image
fz_free_jbig2_globals_imp
fz_free_link_dest
fz_free_outline
fz_free_path
fz_free_pixmap_imp
fz_free_scale_cache
fz_free_shade_imp
fz_free_text
fz_free_text_page
fz_free_text_sheet
fz_free_tree
fz_free_xml
fz_function_size
fz_gamma_pixmap
fz_gen_id
fz_generate_transition
fz_getopt
fz_glyph_bbox
fz_glyph_bbox_no_ctx
fz_glyph_cacheable
fz_glyph_height
fz_glyph_width
fz_gridfit_matrix
fz_grow_buffer
fz_halftone_pixmap
fz_hash_find
fz_hash_get_key
fz_hash_get_val
fz_hash_insert
fz_hash_insert_with_pos
fz_hash_len
fz_hash_remove
fz_hash_remove_fast
fz_highlight_selection
fz_ignore_text
fz_image_get_pixmap
fz_include_point_in_rect
fz_init_cached_color_converter
fz_install_load_system_font_funcs
fz_intersect_irect
fz_intersect_rect
fz_invert_matrix
fz_invert_pixmap
fz_invert_pixmap_rect
fz_irect_from_rect
fz_is_rectilinear
fz_keep_bitmap
fz_keep_buffer
fz_keep_colorspace
fz_keep_colorspace_context
fz_keep_display_list
fz_keep_font
fz_keep_font_context
fz_keep_function
fz_keep_glyph
fz_keep_glyph_cache
fz_keep_halftone
fz_keep_image
fz_keep_link
fz_keep_pixmap
fz_keep_shade
fz_keep_storable
fz_keep_store_context
fz_keep_stream
fz_keep_stroke_state
fz_keep_transfer_function
fz_lineto
fz_load_jbig2_globals
fz_load_jpeg_info
fz_load_jpx
fz_load_jxr
fz_load_jxr_info
fz_load_png
fz_load_png_info
fz_load_system_cjk_font
fz_load_system_font
fz_load_tiff
fz_load_tiff_info
fz_load_tiff_subimage
fz_load_tiff_subimage_count
fz_lookup_blendmode
fz_lookup_color_converter
fz_lookup_device_colorspace
fz_malloc
fz_malloc_array
fz_malloc_array_no_throw
fz_malloc_no_throw
fz_matrix_expansion
fz_matrix_max_expansion
fz_md5_final
fz_md5_init
fz_md5_pixmap
fz_md5_update
fz_moveto
fz_new_aa_context
fz_new_bbox_device
fz_new_bitmap
fz_new_buffer
fz_new_buffer_from_data
fz_new_colorspace
fz_new_colorspace_context
fz_new_context_imp
fz_new_device
fz_new_display_list
fz_new_draw_device
fz_new_draw_device_type3
fz_new_draw_device_with_bbox
fz_new_font_context
fz_new_font_from_buffer
fz_new_font_from_file
fz_new_font_from_memory
fz_new_gdiplus_device
fz_new_glyph_cache_context
fz_new_glyph_from_8bpp_data
fz_new_glyph_from_pixmap
fz_new_halftone
fz_new_hash_table
fz_new_image
fz_new_image_from_buffer
fz_new_image_from_data
fz_new_image_from_pixmap
fz_new_indexed_colorspace
fz_new_link
fz_new_list_device
fz_new_output_to_filename
fz_new_output_with_buffer
fz_new_output_with_file
fz_new_path
fz_new_pixmap
fz_new_pixmap_from_1bpp_data
fz_new_pixmap_from_8bpp_data
fz_new_pixmap_from_image
fz_new_pixmap_with_bbox
fz_new_pixmap_with_bbox_and_data
fz_new_pixmap_with_data
fz_new_png_from_image
fz_new_png_from_pixmap
fz_new_scale_cache
fz_new_store_context
fz_new_stream
fz_new_stroke_state
fz_new_stroke_state_with_dash_len
fz_new_text
fz_new_text_device
fz_new_text_page
fz_new_text_sheet
fz_new_trace_device
fz_new_type3_font
fz_normalize_vector
fz_open_a85d
fz_open_aesd
fz_open_ahxd
fz_open_arc4
fz_open_buffer
fz_open_compressed_buffer
fz_open_concat
fz_open_copy
fz_open_dctd
fz_open_faxd
fz_open_fd
fz_open_file
fz_open_file_w
fz_open_flated
fz_open_image_decomp_stream
fz_open_image_decomp_stream_from_buffer
fz_open_jbig2d
fz_open_leecher
fz_open_lzwd
fz_open_memory
fz_open_null
fz_open_predict
fz_open_rld
fz_outline_ft_glyph
fz_outline_glyph
fz_output_pam_band
fz_output_pam_header
fz_output_png
fz_output_png_band
fz_output_png_header
fz_output_png_trailer
fz_output_pnm_band
fz_output_pnm_header
fz_paint_shade
fz_parse_xml
fz_pixmap_bbox
fz_pixmap_bbox_no_ctx
fz_pixmap_colorspace
fz_pixmap_components
fz_pixmap_height
fz_pixmap_samples
fz_pixmap_set_resolution
fz_pixmap_size
fz_pixmap_width
fz_pop_clip
fz_pre_rotate
fz_pre_scale
fz_pre_shear
fz_pre_translate
fz_premultiply_pixmap
fz_prepare_t3_glyph
fz_print_outline
fz_print_outline_xml
fz_print_text
fz_print_text_page
fz_print_text_page_html
fz_print_text_page_xml
fz_print_text_sheet
fz_printf
fz_process_mesh
fz_purge_glyph_cache
fz_push_try
fz_putc
fz_puts
fz_read
fz_read_all
fz_read_best
fz_read_line
fz_rebind_device
fz_rebind_output
fz_rebind_stream
fz_rect_from_irect
fz_remove_item
fz_render_ft_glyph
fz_render_ft_glyph_pixmap
fz_render_ft_stroked_glyph
fz_render_ft_stroked_glyph_pixmap
fz_render_glyph
fz_render_glyph_pixmap
fz_render_stroked_glyph
fz_render_stroked_glyph_pixmap
fz_render_t3_glyph
fz_render_t3_glyph_direct
fz_render_t3_glyph_pixmap
fz_resize_array
fz_resize_array_no_throw
fz_resize_buffer
fz_rethrow
fz_rethrow_if
fz_rethrow_message_imp
fz_rotate
fz_round_rect
fz_run_display_list
fz_run_t3_glyph
fz_runelen
fz_runetochar
fz_scale
fz_scale_pixmap
fz_scale_pixmap_cached
fz_search_text_page
fz_seek
fz_set_aa_level
fz_set_device_bgr
fz_set_device_cmyk
fz_set_device_gray
fz_set_device_rgb
fz_set_font_bbox
fz_sha256_final
fz_sha256_init
fz_sha256_update
fz_sha384_final
fz_sha384_init
fz_sha384_update
fz_sha512_final
fz_sha512_init
fz_sha512_update
fz_shear
fz_store_item
fz_store_scavenge
fz_strdup
fz_strdup_no_throw
fz_stream_meta
fz_strlcat
fz_strlcpy
fz_stroke_path
fz_stroke_text
fz_strsep
fz_subpixel_adjust
fz_subsample_pixmap
fz_synchronize_begin
fz_synchronize_end
fz_tell
fz_text_char_at
fz_text_char_bbox
fz_throw_imp
fz_transform_path
fz_transform_point
fz_transform_point_xy
fz_transform_rect
fz_transform_vector
fz_translate
fz_translate_irect
fz_tree_insert
fz_tree_lookup
fz_trim_buffer
fz_union_rect
fz_unmultiply_pixmap
fz_unpack_tile
fz_unshare_stroke_state
fz_unshare_stroke_state_with_dash_len
fz_utf8_from_wchar
fz_var_imp
fz_vfprintf
fz_vsnprintf
fz_warn_imp
fz_wchar_from_utf8
fz_write
fz_write_buffer
fz_write_buffer_bits
fz_write_buffer_byte
fz_write_buffer_pad
fz_write_buffer_rune
fz_write_pam
fz_write_pbm
fz_write_png
fz_write_pnm
fz_write_tga
fz_xml_att
fz_xml_down
fz_xml_next
fz_xml_tag
fz_xml_text
gettimeofday
gzclose
gzerror
gzopen
gzopen_w
gzprintf
gzread
gzseek
gztell
inflate
inflateEnd
inflateInit2_
inflateInit_
jpeg_CreateDecompress
jpeg_destroy_decompress
jpeg_finish_decompress
jpeg_read_header
jpeg_read_scanlines
jpeg_resync_to_restart
jpeg_start_decompress
jpeg_std_error
pdf_add_codespace
pdf_add_hmtx
pdf_add_vmtx
pdf_annot_contents
pdf_annot_obj_type
pdf_annot_type
pdf_array_contains
pdf_array_delete
pdf_array_get
pdf_array_insert
pdf_array_insert_drop
pdf_array_len
pdf_array_push
pdf_array_push_drop
pdf_array_put
pdf_authenticate_password
pdf_bound_annot
pdf_bound_page
pdf_cache_object
pdf_check_signature
pdf_clean_base14_name
pdf_clean_obj
pdf_clean_page_contents
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 87KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 808B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ