96fbc1ae99260780b5d77ba166c414754b660c8edbf63fb0d575bf8e3d004dbe

Sharing

Copy URL

Twitter E-mail

General

Target

96fbc1ae99260780b5d77ba166c414754b660c8edbf63fb0d575bf8e3d004dbe
Size

7.4MB
MD5

4b302995689b7cbb6683b92a7d26e344
SHA1

3ee9d57485e0afc595f7f14b60805830affc50f7
SHA256

96fbc1ae99260780b5d77ba166c414754b660c8edbf63fb0d575bf8e3d004dbe
SHA512

1a3360d18fd5611318f2b493697ab3230108c8f0a2219a28e8f228e98401708d8afa4692bf74e3fc6044abe5ed6c57039daeef8e46dc338feb86ce38726f193f
SSDEEP

196608:LKqieWIC4/6kC5C4+bAnwifgVpRU7kO5NQ002ekv:rWI96zCfuw4SpRmriar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96fbc1ae99260780b5d77ba166c414754b660c8edbf63fb0d575bf8e3d004dbe

Files

96fbc1ae99260780b5d77ba166c414754b660c8edbf63fb0d575bf8e3d004dbe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Jenkins\workspace\Glasswire-Consumer-rc\.build\build\msvc-win-x86-release-full-production\bin\GWUpgradeMonitor.pdb

Exports

Exports

??0Animation@rlottie@@AAE@XZ
??0Surface@rlottie@@QAE@PAIIII@Z
??0Surface@rlottie@@QAE@XZ
??1Animation@rlottie@@QAE@XZ
??4Surface@rlottie@@QAEAAV01@$$QAV01@@Z
??4Surface@rlottie@@QAEAAV01@ABV01@@Z
?buffer@Surface@rlottie@@QBEPAIXZ
?bytesPerLine@Surface@rlottie@@QBEIXZ
?configureModelCacheSize@rlottie@@YAXI@Z
?drawRegionHeight@Surface@rlottie@@QBEIXZ
?drawRegionPosX@Surface@rlottie@@QBEIXZ
?drawRegionPosY@Surface@rlottie@@QBEIXZ
?drawRegionWidth@Surface@rlottie@@QBEIXZ
?duration@Animation@rlottie@@QBENXZ
?frameAtPos@Animation@rlottie@@QAEIN@Z
?frameRate@Animation@rlottie@@QBENXZ
?height@Surface@rlottie@@QBEIXZ
?layers@Animation@rlottie@@QBEABV?$vector@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@V?$allocator@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@@2@@std@@XZ
?loadFromData@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@0V?$function@$$A6AXAAM00@Z@4@@Z
?loadFromData@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@ABV54@1_N@Z
?loadFromFile@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@_N@Z
?markers@Animation@rlottie@@QBEABV?$vector@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@V?$allocator@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@@2@@std@@XZ
?render@Animation@rlottie@@QAE?AV?$future@VSurface@rlottie@@@std@@IVSurface@2@_N@Z
?renderSync@Animation@rlottie@@QAEXIVSurface@2@_N@Z
?renderTree@Animation@rlottie@@QBEPBULOTLayerNode@@III@Z
?setDrawRegion@Surface@rlottie@@QAEXIIII@Z
?setValue@Animation@rlottie@@AAEXUColor_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUColor@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUColor_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UColor@2@@Z
?setValue@Animation@rlottie@@AAEXUFloat_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6AMABUFrameInfo@rlottie@@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUFloat_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@M@Z
?setValue@Animation@rlottie@@AAEXUPoint_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUPoint@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUPoint_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UPoint@2@@Z
?setValue@Animation@rlottie@@AAEXUSize_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUSize@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUSize_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@USize@2@@Z
?size@Animation@rlottie@@QBEXAAI0@Z
?totalFrame@Animation@rlottie@@QBEIXZ
?width@Surface@rlottie@@QBEIXZ

Sections

Size: 2.4MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1.4MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 26KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 47KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 265B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 57KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 175KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

Size: 2.4MB - Virtual size: 7.9MB

Size: 1.4MB - Virtual size: 4.0MB

Size: 26KB - Virtual size: 195KB

Size: 4KB - Virtual size: 91KB

Size: 47KB - Virtual size: 122KB

Size: 512B - Virtual size: 262B

Size: 512B - Virtual size: 1KB

Size: 512B - Virtual size: 265B

Size: 57KB - Virtual size: 157KB

Size: 175KB - Virtual size: 352KB

.debug Size: 512B - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.tls Size: 1024B - Virtual size: 4KB

.rsrc Size: 131KB - Virtual size: 131KB

.themida Size: - Virtual size: 5.3MB

.boot Size: 3.1MB - Virtual size: 3.1MB

.reloc Size: 16B - Virtual size: 4KB

.debug
Size: 512B - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.tls
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 131KB - Virtual size: 131KB

.themida
Size: - Virtual size: 5.3MB

.boot
Size: 3.1MB - Virtual size: 3.1MB

.reloc
Size: 16B - Virtual size: 4KB