PDB path: C:\projects\iw6x-client\build\bin\x64\Release\iw6x.pdb
Static task
static1
General
-
Target
iw6x.exe
-
Size
5.0MB
-
MD5
84927b1110a57dd79f17f05aacbf6826
-
SHA1
13fe8218e48a82c69058758b8b13d62b2cddacdd
-
SHA256
e3c90bf46052a8b206d3d7d5ad374d254a0f5df5e3d1453882616ee51ef6be3b
-
SHA512
1f8d879775bf8290078de146b7ed2f0f60c4ab1cdf0cc128f19188fd8fe336192d2c8114f85f7e2e9cfe77377083293482829b3becfd5cf675736aa87bed408e
-
SSDEEP
98304:GiJiOrQvRLxt4MEs1Hgl9yooFBYiUdHQHgl9y:GiJFrgRLEs1HufXVHQHu
Malware Config
Signatures
-
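Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The sample carries no signature, so its publisher and integrity cannot be verified that way; on its own this is a weak indicator, since many legitimate binaries are also unsigned.
resource: iw6x.exe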
Files
-
iw6x.exe.exe windows:6 windows x64 arch:x64
0ecccc1a9ccabd5b6a24d77713b0a74e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths (the extracted path appears on the first line of this report)
Imports
kernel32
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetModuleHandleExA
GetModuleHandleExW
LoadLibraryA
SetThreadExecutionState
CloseHandle
CreateProcessA
GetCurrentDirectoryA
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
TerminateProcess
SetUnhandledExceptionFilter
VirtualProtect
K32GetModuleFileNameExW
FlushInstructionCache
GetEnvironmentVariableW
HeapDestroy
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
VirtualFree
VirtualAlloc
GetSystemInfo
InitializeCriticalSection
GetCurrentProcess
GetConsoleWindow
GetCurrentProcessId
OutputDebugStringA
WriteConsoleW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
HeapSize
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
GetFileSizeEx
HeapReAlloc
GetTimeZoneInformation
EnumSystemLocalesW
HeapCreate
GetCurrentThreadId
IsDebuggerPresent
GetCommandLineA
GetProcAddress
SetThreadContext
GetThreadContext
GetCurrentThread
LoadLibraryW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetStdHandle
HeapAlloc
HeapFree
GetStdHandle
CreateProcessW
GetConsoleOutputCP
GetFileType
SetEnvironmentVariableW
ExitProcess
FreeLibraryAndExitThread
ExitThread
CreateThread
ReadConsoleW
GetConsoleMode
CreatePipe
DuplicateHandle
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
lstrlenW
MultiByteToWideChar
CreateFileW
ReadFile
WriteFile
PeekNamedPipe
WaitNamedPipeW
FindClose
FindNextFileW
SetLastError
WideCharToMultiByte
FreeLibrary
LoadLibraryExA
FormatMessageA
LoadResource
LockResource
SizeofResource
FindResourceA
GlobalUnlock
GlobalLock
VirtualQuery
OpenThread
SuspendThread
ResumeThread
GetThreadId
CreateToolhelp32Snapshot
Thread32First
Thread32Next
CreateFileA
FlushFileBuffers
SetFilePointer
GetTempPathA
GetTempFileNameA
GetCommandLineW
LocalFree
DeleteFileA
MoveFileA
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryEnterCriticalSection
CreateDirectoryW
FindFirstFileExW
GetFileAttributesW
GetFileAttributesExW
SetEndOfFile
SetFilePointerEx
GetTempPathW
AreFileApisANSI
MoveFileExW
GetFileInformationByHandleEx
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
GetStringTypeW
GetSystemTimeAsFileTime
EncodePointer
CompareStringEx
GetCPInfo
LCMapStringEx
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
AddVectoredExceptionHandler
user32
LoadImageA
TranslateMessage
DispatchMessageA
PeekMessageA
MessageBoxA
SendMessageA
ShowCursor
GetWindowRect
DestroyIcon
SetWindowPos
ShowWindow
GetWindowThreadProcessId
GetShellWindow
DefWindowProcA
RegisterClassA
UnregisterClassA
GetClipboardData
CloseClipboard
SetWindowTextA
LoadIconA
OpenClipboard
SystemParametersInfoA
SetWindowLongPtrA
GetWindowLongPtrA
MoveWindow
RegisterClassExA
PostQuitMessage
GetMessageA
GetClientRect
LoadCursorA
AdjustWindowRect
UpdateWindow
GetSystemMetrics
DestroyWindow
IsWindow
CreateWindowExA
gdi32
DeleteObject
advapi32
CryptAcquireContextW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
GetCurrentHwProfileA
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
shell32
CommandLineToArgvW
ShellExecuteA
ole32
OleInitialize
CoGetClassObject
OleUninitialize
CoTaskMemAlloc
OleSetContainedObject
PropVariantClear
CoUninitialize
CoInitializeEx
CoCreateInstance
CoCreateGuid
oleaut32
SysAllocString
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
VariantInit
VariantClear
ntdll
NtQueryObject
ws2_32
WSAStartup
htons
WSASetLastError
gethostbyname
sendto
send
recvfrom
closesocket
connect
ioctlsocket
recv
urlmon
URLOpenBlockingStreamA
dbghelp
MiniDumpWriteDump
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
SteamAPI_GetSteamInstallPath
SteamAPI_Init
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RestartAppIfNecessary
SteamAPI_RunCallbacks
SteamAPI_Shutdown
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamApps
SteamFriends
SteamGameServer
SteamGameServer_Init
SteamGameServer_RunCallbacks
SteamGameServer_Shutdown
SteamMatchmaking
SteamNetworking
SteamRemoteStorage
SteamUser
SteamUserStats
SteamUtils
Sections
.pdata Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cld Size: 160KB - Virtual size: 432KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.clr Size: 658KB - Virtual size: 657KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.main Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ