02e2666c3cc29dd70975be42d3cd1350549e0d3818482e984da7264e52d9d73a[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

02e2666c3cc29dd70975be42d3cd1350549e0d3818482e984da7264e52d9d73a.exe
Size

533KB
MD5

c9a2390309294259f43224886cb8c1f0
SHA1

07b874888eba1f57de3959f60d9259bca910a86f
SHA256

02e2666c3cc29dd70975be42d3cd1350549e0d3818482e984da7264e52d9d73a
SHA512

b73236d2f4fa9d02bfa7047c5db8e07cfbc6d518d3b64258ad4ee83eefc785851f01d2d5c180aedf946690cb0485992332e97b676af997cfa6b3e7e511651b68
SSDEEP

6144:eXQ0Xnz2PKrUg000apwL9p4eLsNO5y6TBZ1ZdVUiLPYPuaij5anNqL6RmQi6pWTN:yQIzcTgz7pwLX4jaxDVZFa25anNqcCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02e2666c3cc29dd70975be42d3cd1350549e0d3818482e984da7264e52d9d73a.exe

Files

02e2666c3cc29dd70975be42d3cd1350549e0d3818482e984da7264e52d9d73a.exe
.dll windows:6 windows x64 arch:x64

42312d1f9131c7199716f4b302602bb4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\3\source\repos\Corruption-master-0x\x64\Release\Corruption.pdb

Imports

msvcp140

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Throw_C_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Cnd_signal
_Cnd_wait
_Cnd_destroy
_Cnd_init
_Mtx_unlock
_Mtx_lock
_Mtx_destroy
_Mtx_init
_Thrd_start
?_Xout_of_range@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Query_perf_frequency
_Query_perf_counter
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ

d3dcompiler_47

D3DCompile

user32

SendInput
FindWindowA
SetWindowLongPtrW
CallWindowProcW
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
ClientToScreen
SetCursor
SetCursorPos
GetClientRect
ReleaseCapture
SetCapture
GetCapture
GetKeyState
GetAsyncKeyState
SendMessageW
DestroyWindow
CreateWindowExA
RegisterClassA
DefWindowProcA

imm32

ImmGetContext
ImmSetCompositionWindow

oleaut32

CreateErrorInfo
SetErrorInfo
VariantChangeType
VariantInit
VariantClear
GetErrorInfo
SysFreeString
SysAllocString

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
AddVectoredExceptionHandler
VirtualQueryEx
VirtualProtect
VirtualAlloc
GetSystemInfo
GetCurrentProcess
VerifyVersionInfoW
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
SetErrorMode
IsBadReadPtr
GetModuleHandleA
FreeLibraryAndExitThread
DisableThreadLibraryCalls
CreateThread
GlobalLock
SetStdHandle
GetCurrentProcessId
GetModuleHandleW
AllocConsole
FreeConsole
AttachConsole
SetConsoleMode
ReadConsoleA
WriteConsoleA
Sleep
VerSetConditionMask
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
CloseHandle
GlobalAlloc
LocalFree
WideCharToMultiByte
MultiByteToWideChar
GetLastError
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
GetStdHandle

vcruntime140

__CxxFrameHandler3
memcpy
memmove
memset
__std_terminate
_CxxThrowException
strchr
strstr
__std_exception_copy
__std_exception_destroy
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_register_onexit_function
terminate

api-ms-win-crt-heap-l1-1-0

_callnewh
calloc
malloc
free

api-ms-win-crt-string-l1-1-0

isprint
strcat_s
_stricmp
strncmp
strncpy
toupper
strcpy_s

api-ms-win-crt-math-l1-1-0

ceil
acosf
floor
powf
fmodf
cosf
atan2f
sqrtf
sinf
sqrt

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
fseek
__stdio_common_vsnprintf_s
__stdio_common_vsscanf
_wfopen
fclose
fflush
fread
__stdio_common_vsprintf
__stdio_common_vfprintf
ftell

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-convert-l1-1-0

strtoul

Sections

.text
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42312d1f9131c7199716f4b302602bb4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp140

d3dcompiler_47

user32

imm32

oleaut32

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

Sections

.text Size: 384KB - Virtual size: 384KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 22KB - Virtual size: 68KB

.pdata Size: 18KB - Virtual size: 18KB

_RDATA Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 568B

.text
Size: 384KB - Virtual size: 384KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 22KB - Virtual size: 68KB

.pdata
Size: 18KB - Virtual size: 18KB

_RDATA
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 568B