depends.pdb
Static task
static1
General
-
Target
depends22_x64.zip
-
Size
457KB
-
MD5
7975054e322794cd332d5f1c00eeec5f
-
SHA1
4831d2a8376d64110ff9cd18799fe6c69509d3ea
-
SHA256
35db68a613874a2e8c1422eb0ea7861f825fc71717d46dabf1f249ce9634b4f1
-
SHA512
7d73eaec69c2e39cf447a7c40c7f32db9b02fac3330b1d60296d8b595cd4563cb55fe848ce9ddb35f234da5afa6bba65f5dfcee520e35ea5d01634b4f7c684ce
-
SSDEEP
12288:NdvBbKbWHrH1rYkasCk/Xyid/HhdvBhKCD+UrH1dY:rJwcYQCaXyq/nH5CSY
Malware Config
Signatures
-
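Unsigned PE (2 IoCs)
Checks for a missing Authenticode signature. An unsigned PE is not malicious on that basis alone; it means the publisher and file integrity cannot be confirmed from a signature, so the hashes listed above should be compared against a trusted source.
Resources: unpack001/depends.dll, unpack001/depends.exe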
Files
-
depends22_x64.zip (.zip)
-
depends.chm (.chm)
-
depends.dll (.dll) — tags: windows:6, windows, x64, arch:x64
ac35dba65ddf848d5d33f0287846564b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetFullPathNameA
FreeLibrary
LoadLibraryExW
GetCommandLineA
LoadLibraryW
GetEnvironmentVariableA
GetLastError
SetLastError
GetProcAddress
DisableThreadLibraryCalls
LoadLibraryA
GetModuleFileNameA
LoadLibraryExA
GetCurrentDirectoryA
OutputDebugStringA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwindEx
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 300B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 82B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
depends.exe (.exe) — tags: windows:6, windows, x64, arch:x64
89f97f028976deceb966be6e7fd18589
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
depends.pdb
Imports
advapi32
RegQueryValueExA
GetUserNameA
RegSetValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegEnumValueA
kernel32
GetModuleFileNameA
TerminateThread
DeleteCriticalSection
GetThreadContext
RaiseException
GetFullPathNameA
GetCommandLineA
FreeLibrary
CreateFileA
GetLocaleInfoA
GetSystemDirectoryA
GetLogicalDrives
GetFileAttributesA
ExpandEnvironmentStringsA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
DeleteFileA
LocalFree
GetVersionExA
GetComputerNameA
GetSystemInfo
GlobalMemoryStatus
GetTimeZoneInformation
GetShortPathNameA
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetSystemDefaultLangID
FileTimeToSystemTime
ExitProcess
GetDateFormatA
GetTimeFormatA
GetCurrentThreadId
CloseHandle
ReadFile
LockResource
SizeofResource
WriteFile
GetTempPathA
ReadProcessMemory
GetWindowsDirectoryA
VirtualQueryEx
SetFileAttributesA
VirtualProtectEx
GetFileSize
WriteProcessMemory
CreateFileMappingA
FlushInstructionCache
MapViewOfFile
UnmapViewOfFile
FormatMessageA
GetStartupInfoA
GlobalAlloc
GlobalLock
GlobalUnlock
CompareFileTime
MultiByteToWideChar
GetUserDefaultLangID
GetEnvironmentVariableA
GetFileInformationByHandle
SetEnvironmentVariableA
GetLocalTime
GetFileType
SearchPathA
VirtualProtect
Sleep
TerminateProcess
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
LoadLibraryExW
InitializeCriticalSection
LoadLibraryExA
LoadLibraryW
LoadLibraryA
SetThreadContext
ContinueDebugEvent
WaitForDebugEvent
SetEvent
CreateProcessA
FindResourceA
SetLastError
GetTickCount
UnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
OutputDebugStringA
GetStartupInfoW
WaitForSingleObject
ResumeThread
GetLastError
CreateEventA
LoadResource
gdi32
GetTextExtentPoint32A
SetTextColor
SetBkColor
SetTextAlign
LineTo
MoveToEx
ExtTextOutA
GetCharWidthA
CreateFontIndirectA
GetObjectA
DeleteObject
SelectObject
GetTextExtentPointA
GetStockObject
GetTextAlign
user32
CloseClipboard
SetClipboardData
GetMessagePos
EmptyClipboard
OpenClipboard
GetSubMenu
LoadMenuA
GetMessageTime
CopyRect
GetSysColor
DrawFocusRect
GetDC
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
InvalidateRect
SetFocus
IsIconic
GetWindowRect
IsWindowEnabled
GetFocus
KillTimer
EnableMenuItem
GetSystemMetrics
SetDebugErrorLevel
PostMessageA
GetDesktopWindow
IsWindow
GetMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
EnableWindow
MessageBoxA
SetWindowTextA
ReleaseDC
OffsetRect
SetActiveWindow
RegisterWindowMessageA
ClientToScreen
PtInRect
ScreenToClient
GetParent
IsZoomed
GetClientRect
RemoveMenu
MessageBeep
SetTimer
SendMessageA
mfc42
ord1595
ord6661
ord2282
ord1034
ord611
ord4598
ord6659
ord6556
ord2587
ord6695
ord6698
ord3335
ord3369
ord4189
ord2561
ord2560
ord2526
ord1324
ord1753
ord6208
ord2933
ord2427
ord2443
ord6651
ord6653
ord2454
ord2279
ord5112
ord4906
ord5851
ord2291
ord5530
ord3150
ord2419
ord2762
ord2126
ord5531
ord6890
ord1870
ord4783
ord4997
ord4579
ord4381
ord3173
ord4087
ord4093
ord427
ord4092
ord3055
ord3175
ord3061
ord3375
ord890
ord3240
ord1544
ord4824
ord5683
ord3371
ord3252
ord4193
ord3058
ord5706
ord2154
ord1749
ord5493
ord3943
ord3647
ord6820
ord2074
ord2682
ord4793
ord5238
ord4027
ord1687
ord2683
ord5712
ord4703
ord6818
ord2909
ord5595
ord6891
ord2410
ord5666
ord4761
ord1792
ord4374
ord6448
ord4472
ord2928
ord2929
ord1321
ord3545
ord5846
ord2470
ord5429
ord3491
ord4643
ord5534
ord1408
ord2577
ord2665
ord1478
ord3840
ord626
ord6025
ord3926
ord4779
ord4992
ord622
ord5646
ord5718
ord1505
ord4531
ord5737
ord5074
ord2191
ord2984
ord4378
ord5730
ord5894
ord5731
ord6640
ord5729
ord3477
ord2426
ord1392
ord4201
ord6078
ord2527
ord2764
ord2571
ord1469
ord4845
ord372
ord5987
ord6060
ord5624
ord3691
ord3789
ord6847
ord2529
ord4780
ord1040
ord3496
ord4608
ord822
ord2471
ord1022
ord5690
ord5719
ord3544
ord4798
ord912
ord5235
ord4979
ord6892
ord659
ord911
ord1063
ord867
ord3891
ord408
ord318
ord904
ord1690
ord834
ord5709
ord852
ord2422
ord2413
ord5670
ord6518
ord2858
ord1791
ord5639
ord2688
ord4375
ord1585
ord6445
ord5086
ord5415
ord665
ord1486
ord5253
ord4482
ord4729
ord2120
ord286
ord5694
ord438
ord5435
ord1960
ord4977
ord1019
ord5132
ord5092
ord1124
ord4976
ord1341
ord1289
ord5005
ord5496
ord4609
ord6326
ord3186
ord4449
ord2915
ord4567
ord3816
ord2142
ord3904
ord337
ord4450
ord1787
ord6620
ord6807
ord2439
ord3692
ord2038
ord4553
ord2604
ord4755
ord4277
ord620
ord2641
ord3815
ord2343
ord4633
ord1035
ord1287
ord3540
ord3406
ord4558
ord2398
ord2325
ord6848
ord5697
ord1784
ord3921
ord1586
ord3192
ord4267
ord6335
ord2677
ord1795
ord6622
ord1479
ord2673
ord4619
ord2407
ord3894
ord1483
ord2598
ord4750
ord6358
ord6154
ord4354
ord814
ord3771
ord3784
ord3753
ord5661
ord1844
ord4730
ord1056
ord3191
ord6467
ord4563
ord3405
ord5254
ord3746
ord2795
ord2911
ord6539
ord4272
ord3662
ord6402
ord4138
ord2605
ord1506
ord2988
ord4756
ord5434
ord6028
ord3510
ord3963
ord1122
ord6541
ord4446
ord1265
ord1835
ord1267
ord4571
ord351
ord863
ord5993
ord4782
ord3231
ord4993
ord6594
ord6472
ord3790
ord3291
ord3611
ord4741
ord5222
ord4775
ord5995
ord3263
ord5901
ord1765
ord5672
ord2559
ord2525
ord6775
ord3155
ord3149
ord5072
ord367
ord4910
ord4895
ord5294
ord4699
ord4691
ord5505
ord4896
ord5297
ord4721
ord5306
ord4954
ord4955
ord6400
ord3657
ord6209
ord5682
ord4789
ord1748
ord3942
ord5669
ord4757
ord4415
ord5376
ord5379
ord4888
ord4893
ord4890
ord4908
ord5099
ord1862
ord2606
ord4578
ord328
ord1061
ord3416
ord1447
ord1871
ord4861
ord1663
ord4580
ord4784
ord5684
ord5051
ord4794
ord5046
ord5713
ord4806
ord2912
ord2411
ord428
ord4473
ord2930
ord1320
ord613
ord3490
ord1036
ord6697
ord4827
ord647
ord5535
ord1053
ord5532
ord2420
ord2159
ord4132
ord2463
ord4815
ord4554
ord2190
ord2607
ord4486
ord2147
ord3830
ord6386
ord2655
ord2656
ord2509
ord5453
ord6392
ord6393
ord5688
ord3422
ord4191
ord1957
ord4606
ord5579
ord3978
ord2813
ord376
ord2112
ord3614
ord1824
ord4566
ord5679
ord4822
ord4868
ord3053
ord3743
ord6291
ord6520
ord5459
ord3903
ord4797
ord5237
msvcrt
_errno
__getmainargs
__C_specific_handler
_XcptFilter
_exit
_ismbblead
_cexit
exit
_acmdln
__CxxFrameHandler
_amsg_exit
__setusermatherr
_commode
_fmode
__set_app_type
??1type_info@@UEAA@XZ
_unlock
__dllonexit
_lock
_onexit
memcpy
memset
?terminate@@YAXXZ
isleadbyte
_iob
_snprintf
_itoa
wctomb
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
_strcmpi
_wcsicmp
sscanf
_strnicmp
wcstombs
isalpha
malloc
qsort
strrchr
memmove
strcspn
_strdup
free
__argv
strstr
__argc
isdigit
_strupr
strncmp
strchr
_strlwr
_stricmp
_purecall
isspace
strtoul
_initterm
_setmbcp
memcmp
comdlg32
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
comctl32
ImageList_Draw
shell32
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
SHGetMalloc
Sections
.text Size: 296KB - Virtual size: 296KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 233KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ