I:\RedModManager\src-tauri\target\release\deps\SFModManager.pdb
Static task
static1
General
-
Target
RedModManager.exe
-
Size
9.3MB
-
MD5
00a75e34c29d6dab25a432609513d382
-
SHA1
55edc289cc0ee3046b0ad822b6dd129e79f62966
-
SHA256
60437b5d043a6954771331569a420df45da5f5bc6c8ede69a3bb1d5e623991ca
-
SHA512
6b48f61d9cb4c38454bbafb0a2bee68a84eee877885ac9097da7ef59a3dc75385f2fcca0411f0304255dde145aa7f5061642bd9ee3c8da8c4950c14ae7ca72fd
-
SSDEEP
98304:qrN7KW8oYN05uv24ofd+CLkpmQ6EIC7qrf2:qrN7aVsGqnC7
Malware Config
Signatures
-
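Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The file carries no signature, so its publisher and integrity cannot be confirmed that way; on its own this is a weak indicator and should be weighed together with the hashes and the rest of the static findings.
resource RedModManager.exe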
Files
-
RedModManager.exe.exe windows:6 windows x64 arch:x64
31df4cd4dca4c5b55f846b0aada17caf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
I:\RedModManager\src-tauri\target\release\deps\SFModManager.pdb
Imports
kernel32
MultiByteToWideChar
CreateProcessW
GetWindowsDirectoryW
GetSystemDirectoryW
LCIDToLocaleName
CreateNamedPipeW
GetFullPathNameW
WriteConsoleW
ExitProcess
CreateEventW
CopyFileExW
GetFinalPathNameByHandleW
RemoveDirectoryW
MoveFileExW
DeleteFileW
FindFirstFileW
CreateDirectoryW
GetFileInformationByHandleEx
CreateFileW
FindNextFileW
CreateMutexA
WaitForSingleObjectEx
HeapReAlloc
LoadLibraryW
WakeAllConditionVariable
GetUserDefaultUILanguage
TerminateProcess
GetExitCodeProcess
ReadFileEx
SleepEx
SleepConditionVariableSRW
WriteFileEx
GetStdHandle
SetFilePointerEx
GetFileAttributesW
GetModuleFileNameW
OutputDebugStringA
OutputDebugStringW
WaitForSingleObject
SetEvent
FreeLibrary
LoadLibraryExW
GetProcAddress
LoadLibraryA
GetEnvironmentVariableW
FormatMessageW
HeapFree
Sleep
GetModuleHandleA
CreatePipe
GetCurrentProcess
DuplicateHandle
SetFileInformationByHandle
GetCommandLineW
HeapAlloc
GetProcessHeap
GetLastError
SetEnvironmentVariableW
GetEnvironmentStringsW
lstrlenW
AcquireSRWLockShared
ReleaseSRWLockShared
TryAcquireSRWLockExclusive
GetProcessId
GetTempPathW
WakeConditionVariable
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentThreadId
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
RtlPcToFileHeader
RaiseException
GetCurrentDirectoryW
EncodePointer
TlsAlloc
SetLastError
TlsGetValue
TlsSetValue
TlsFree
AcquireSRWLockExclusive
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThread
ReleaseSRWLockExclusive
CreateThread
CloseHandle
SwitchToThread
SetThreadStackGuarantee
AddVectoredExceptionHandler
CompareStringOrdinal
FindClose
ReleaseMutex
FreeEnvironmentStringsW
SetHandleInformation
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleMode
GetFileInformationByHandle
SetFileCompletionNotificationModes
GetSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
RtlUnwind
user32
ToUnicodeEx
GetKeyboardLayout
CreateIcon
RedrawWindow
VkKeyScanW
MapVirtualKeyExW
GetKeyState
GetAsyncKeyState
GetKeyboardState
PostQuitMessage
AppendMenuW
CreateMenu
SetMenuItemInfoW
CreateAcceleratorTableW
DestroyIcon
DestroyAcceleratorTable
GetClientRect
SendInput
SetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
IsProcessDPIAware
GetDC
PostMessageW
SystemParametersInfoA
IsWindowVisible
AdjustWindowRectEx
GetWindowRect
MonitorFromPoint
EnumDisplayMonitors
GetMessageA
SetMenu
GetRawInputData
IsIconic
GetWindowLongPtrW
DispatchMessageA
GetCursorPos
SetWindowDisplayAffinity
GetMenu
ReleaseCapture
ClientToScreen
ShowCursor
ClipCursor
SetWindowPos
InvalidateRgn
GetClipCursor
SetCursorPos
GetActiveWindow
GetForegroundWindow
DestroyWindow
ValidateRect
PostThreadMessageW
SetWindowLongW
SendMessageW
GetSystemMenu
ShowWindow
CheckMenuItem
EnableMenuItem
SetCapture
SetWindowLongPtrW
MsgWaitForMultipleObjectsEx
RegisterRawInputDevices
RegisterClassExW
RegisterWindowMessageA
PeekMessageW
MapVirtualKeyW
EnumChildWindows
GetUpdateRect
GetMessageW
GetAncestor
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DefWindowProcW
FlashWindowEx
MonitorFromRect
TrackMouseEvent
GetWindowLongW
GetTouchInputInfo
ScreenToClient
CloseTouchInputHandle
MonitorFromWindow
SetCursor
RegisterTouchWindow
GetSystemMetrics
IsWindow
CreateWindowExW
LoadCursorW
GetWindowPlacement
SetWindowPlacement
ChangeDisplaySettingsExW
GetMonitorInfoW
advapi32
SystemFunction036
EventSetInformation
RegEnumValueW
EventRegister
EventUnregister
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegGetValueW
EventWriteTransfer
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
comctl32
RemoveWindowSubclass
SetWindowSubclass
DefSubclassProc
TaskDialogIndirect
ole32
CoUninitialize
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
OleInitialize
CoInitializeEx
CoTaskMemFree
CreateStreamOnHGlobal
CoTaskMemAlloc
shell32
ShellExecuteW
SHGetKnownFolderPath
SHCreateItemFromParsingName
DragFinish
SHAppBarMessage
DragQueryFileW
gdi32
DeleteObject
CreateRectRgn
GetDeviceCaps
dwmapi
DwmEnableBlurBehindWindow
oleaut32
SetErrorInfo
GetErrorInfo
SysStringLen
SysFreeString
uxtheme
SetWindowTheme
bcrypt
BCryptGenRandom
ws2_32
WSAGetLastError
recv
shutdown
getsockopt
WSAStartup
WSACleanup
ioctlsocket
connect
send
bind
WSASocketW
getpeername
getsockname
getaddrinfo
setsockopt
closesocket
WSASend
freeaddrinfo
WSAIoctl
secur32
InitializeSecurityContextW
QueryContextAttributesW
DeleteSecurityContext
AcceptSecurityContext
EncryptMessage
DecryptMessage
FreeCredentialsHandle
ApplyControlToken
AcquireCredentialsHandleA
FreeContextBuffer
crypt32
CertDuplicateCertificateContext
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateContext
CertDuplicateStore
CertCloseStore
CertOpenStore
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertFreeCertificateChain
CertDuplicateCertificateChain
ntdll
RtlNtStatusToDosError
NtReadFile
NtCreateFile
NtCancelIoFileEx
NtDeviceIoControlFile
NtWriteFile
api-ms-win-crt-math-l1-1-0
__setusermatherr
pow
round
trunc
floor
api-ms-win-crt-string-l1-1-0
_wcsicmp
wcsncmp
wcslen
strcpy_s
api-ms-win-crt-convert-l1-1-0
_ultow_s
wcstol
api-ms-win-crt-heap-l1-1-0
malloc
free
calloc
_callnewh
_set_new_mode
api-ms-win-crt-runtime-l1-1-0
__p___argv
_initterm_e
_initterm
_cexit
exit
_seh_filter_exe
abort
_initialize_narrow_environment
terminate
_get_initial_narrow_environment
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_c_exit
_register_thread_local_exe_atexit_callback
__p___argc
_exit
_set_app_type
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 5.8MB - Virtual size: 5.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 335KB - Virtual size: 334KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ