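PDB path embedded in the binary (the net8.0\win-x64\native output directory is consistent with a .NET 8 Native AOT build): C:\Users\luna\coisos\veadotube\veadotube\mini\bin\Release\net8.0\win-x64\native\veadotube_mini.pdb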
Static task
static1
General
-
Target
veadotube_mini.exe
-
Size
79.8MB
-
MD5
580c3d911719e4cdec84c165e8701cb1
-
SHA1
dc7b3fe78b8a87a27858ffde580ce15a50f1124c
-
SHA256
2311794e513fe1ff7b28b010606689ce56defb23861fdc65af02e51039f77e70
-
SHA512
bb06729e2cbd59750514532eb48af8fe51903dc8608fa708b26159a05c59129670c0a696d2bac343523d804b41ae7a4c8038a899971b011709bd893086f7dfbc
-
SSDEEP
786432:zoRxKrTMpm47/RWyVuen23fRA5nNqYgZxa+8zN41NLiCza:zoRx5pn/RJpnkJ1YNM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
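Checks for a missing Authenticode signature: the PE file is not signed. On its own this is an informational finding and does not establish that the file is malicious.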
resource veadotube_mini.exe
Files
-
veadotube_mini.exe.exe windows:6 windows x64 arch:x64
Password: ead
24b8e993ac49230a78744b84e93e7e29
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW
RegEnumValueW
GetTokenInformation
OpenThreadToken
RevertToSelf
ImpersonateLoggedOnUser
bcrypt
BCryptDestroyHash
BCryptCreateHash
BCryptDecrypt
BCryptExportKey
BCryptFinishHash
BCryptGetProperty
BCryptHashData
BCryptImportKey
BCryptImportKeyPair
BCryptOpenAlgorithmProvider
BCryptSetProperty
BCryptDestroyKey
BCryptGenRandom
BCryptCloseAlgorithmProvider
BCryptEncrypt
crypt32
CertFreeCertificateChainEngine
CertCloseStore
PFXImportCertStore
PFXExportCertStore
CryptFindOIDInfo
CryptQueryObject
CryptMsgGetParam
CryptMsgClose
CryptImportPublicKeyInfoEx2
CryptFormatObject
CryptDecodeObject
CertVerifyTimeValidity
CertSetCertificateContextProperty
CertSerializeCertificateStoreElement
CertSaveStore
CertOpenStore
CertVerifyCertificateChainPolicy
CertFreeCertificateContext
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CertAddCertificateLinkToStore
CertControlStore
CertCreateCertificateChainEngine
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateChain
CertGetCertificateChain
CertGetIntendedKeyUsage
CertGetNameStringW
CertGetValidUsages
CertNameToStrW
iphlpapi
GetAdaptersAddresses
GetPerAdapterInfo
GetNetworkParams
if_nametoindex
kernel32
RtlUnwindEx
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter
SetLastError
FormatMessageW
GetLastError
GetCPInfoExW
GetConsoleMode
GetFileType
ReadFile
ReadConsoleW
WriteFile
WriteConsoleW
GetConsoleOutputCP
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
GetExitCodeProcess
OpenProcess
K32EnumProcesses
GetProcessId
DuplicateHandle
GetCurrentProcess
ReadDirectoryChangesW
CreateFileW
QueryPerformanceCounter
GetTickCount64
LoadLibraryExW
CancelIoEx
CloseThreadpoolIo
GetCommandLineW
GetCurrentProcessId
RaiseFailFastException
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
GetCalendarInfoEx
CompareStringOrdinal
CompareStringEx
FindNLSStringEx
GetLocaleInfoEx
ResolveLocaleName
GetUserPreferredUILanguages
FindStringOrdinal
GetCurrentThread
WaitForSingleObject
Sleep
DeleteCriticalSection
LocalFree
EnterCriticalSection
SleepConditionVariableCS
LeaveCriticalSection
WakeConditionVariable
InitializeCriticalSection
InitializeConditionVariable
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForMultipleObjectsEx
GetCurrentThreadId
CreateThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWait
CreateThreadpoolWork
CloseThreadpoolWork
SubmitThreadpoolWork
QueryPerformanceFrequency
GetFullPathNameW
GetLongPathNameW
GetCPInfo
LocalAlloc
GetProcAddress
LocaleNameToLCID
LCMapStringEx
EnumTimeFormatsEx
EnumCalendarInfoExEx
CancelSynchronousIo
CreateIoCompletionPort
CreateDirectoryW
CreateThreadpoolIo
StartThreadpoolIo
CancelThreadpoolIo
DeleteFileW
DeviceIoControl
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FlushFileBuffers
FreeLibrary
GetFileAttributesExW
GetFileInformationByHandleEx
GetModuleFileNameW
GetOverlappedResult
GetSystemDirectoryW
MoveFileExW
OpenThread
QueryUnbiasedInterruptTime
SetFileInformationByHandle
SetThreadErrorMode
CreateThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetDynamicTimeZoneInformation
GetTimeZoneInformation
GetCurrentProcessorNumberEx
SetEvent
ResetEvent
CreateEventExW
GetEnvironmentVariableW
CreateEventW
GetModuleHandleW
LoadLibraryW
GlobalAlloc
FlushProcessWriteBuffers
WaitForSingleObjectEx
RtlVirtualUnwind
RtlCaptureContext
RtlRestoreContext
AddVectoredExceptionHandler
FlsAlloc
FlsGetValue
FlsSetValue
TerminateProcess
SwitchToThread
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
QueryInformationJobObject
GetModuleHandleExW
GetProcessAffinityMask
InitializeContext
GetEnabledXStateFeatures
SetXStateFeaturesMask
VirtualQuery
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
DebugBreak
SleepEx
GlobalMemoryStatusEx
GetSystemInfo
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLargePageMinimum
VirtualUnlock
VirtualAllocExNuma
IsProcessInJob
GetNumaHighestNodeNumber
GetProcessGroupAffinity
K32GetProcessMemoryInfo
EncodePointer
DecodePointer
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
GetProcessHeap
RtlLookupFunctionEntry
ncrypt
NCryptOpenKey
NCryptGetProperty
NCryptFreeObject
NCryptDeleteKey
NCryptImportKey
NCryptSetProperty
NCryptOpenStorageProvider
ole32
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoGetApartmentType
CoCreateGuid
CoCreateInstance
PropVariantClear
CoWaitForMultipleHandles
user32
LoadStringW
ws2_32
ioctlsocket
getsockopt
getsockname
listen
getpeername
bind
recv
WSAIoctl
WSASend
WSARecv
WSAGetOverlappedResult
WSAConnect
shutdown
setsockopt
send
accept
GetAddrInfoExW
closesocket
GetNameInfoW
GetAddrInfoW
FreeAddrInfoW
WSASocketW
WSAEventSelect
WSAStartup
WSACleanup
FreeAddrInfoExW
select
api-ms-win-crt-heap-l1-1-0
_set_new_mode
_callnewh
malloc
calloc
free
api-ms-win-crt-math-l1-1-0
fmodf
nanf
__setusermatherr
fmod
atan2
ceil
cos
floor
log10
pow
sin
tan
modf
atanf
cosf
floorf
powf
nan
api-ms-win-crt-string-l1-1-0
strcpy_s
strcmp
_stricmp
strncpy_s
wcsncmp
api-ms-win-crt-convert-l1-1-0
strtoull
api-ms-win-crt-runtime-l1-1-0
_cexit
__p___wargv
_initialize_onexit_table
__p___argc
_exit
exit
terminate
_initterm_e
abort
_initterm
_get_initial_wide_environment
_initialize_wide_environment
_configure_wide_argv
_register_thread_local_exe_atexit_callback
_crt_atexit
_register_onexit_function
_set_app_type
_seh_filter_exe
_c_exit
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsscanf
__stdio_common_vsprintf_s
_set_fmode
__stdio_common_vfprintf
__p__commode
__acrt_iob_func
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Exports
Exports
DotNetRuntimeDebugHeader
Sections
.text Size: 840KB - Virtual size: 840KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.managed Size: 48.7MB - Virtual size: 48.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
hydrated Size: - Virtual size: 16.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 25.3MB - Virtual size: 25.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 878KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4.9MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ