C:\Users\cgod\Desktop\freakstop\bin\vs\Release\x64\clumsy.pdb
Static task
static1
General
-
Target
FREAKY STOP.exe
-
Size
48KB
-
MD5
7155b64c61832e8f73a0e50e6646420f
-
SHA1
6201d258873e0857a12ac6ae0faa964512ada35f
-
SHA256
9dfcc611dcd531ad332ea61f43076500e396a885031022229be697120928b0b7
-
SHA512
6e240fb8b53b77b987dc4206842e0b212d48a6d0958b1d01858a557e7493cd64b5dc0c92c6348018a2d3d0515788275d323786c235c8855468cab1e350d00bd5
-
SSDEEP
1536:ZhBKFA4PnC4oIeG7v6HlabHhtvq4Iy6dX:bMFvn6I9D6HAbBXIN
Malware Config
Signatures
-
Unsigned PE 1 IoCs
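Checks for a missing Authenticode signature. The file carries no signature, so its publisher and integrity cannot be verified that way; many legitimate tools are also unsigned, so this is a weak indicator on its own.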
resource FREAKY STOP.exe
Files
-
FREAKY STOP.exe.exe windows:6 windows x64 arch:x64
488fa4c9c47d4386469ccb56e744c865
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
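PDB Paths
C:\Users\cgod\Desktop\freakstop\bin\vs\Release\x64\clumsy.pdb
The PDB file name (clumsy.pdb) does not match the submitted file name (FREAKY STOP.exe), which suggests the binary was renamed or built from a project named clumsy.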
Imports
windivert
WinDivertClose
WinDivertHelperCalcChecksums
WinDivertHelperParsePacket
WinDivertOpen
WinDivertRecv
WinDivertSend
WinDivertSetParam
iup
IupDestroy
IupAppend
IupGetChild
IupShowXY
IupGetAttribute
IupGetInt
IupGetGlobal
IupSetHandle
IupFill
IupVbox
IupFrame
IupImage
IupMainLoop
IupDialog
IupList
IupTimer
IupTabs
IupToggle
IupText
IupLabel
IupHbox
IupSetCallback
IupSetAttribute
IupFlush
IupStoreAttribute
IupGetFloat
IupClose
IupButton
IupStoreGlobal
IupOpen
IupGetCallback
winmm
timeEndPeriod
timeBeginPeriod
timeGetTime
kernel32
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ReleaseMutex
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
UnhandledExceptionFilter
WaitForSingleObject
GetModuleHandleA
IsWow64Process
VerifyVersionInfoW
GetModuleFileNameA
GetCurrentProcess
VerSetConditionMask
GetTickCount
CreateThread
WaitForMultipleObjects
Sleep
CreateMutexA
GetLastError
user32
LoadIconA
SendMessageA
MessageBoxA
advapi32
CheckTokenMembership
AllocateAndInitializeSid
FreeSid
shell32
ShellExecuteExA
vcruntime140
strrchr
__C_specific_handler
memset
memcpy
__current_exception_context
__current_exception
strchr
api-ms-win-crt-heap-l1-1-0
malloc
_set_new_mode
free
api-ms-win-crt-utility-l1-1-0
srand
rand
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__stdio_common_vsprintf
__acrt_iob_func
fopen
fread
__stdio_common_vfprintf
__p__commode
api-ms-win-crt-runtime-l1-1-0
_seh_filter_exe
terminate
_crt_atexit
_exit
_c_exit
_cexit
__p___argv
_set_app_type
_initialize_onexit_table
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_register_thread_local_exe_atexit_callback
_register_onexit_function
_initterm
_initterm_e
__p___argc
exit
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-string-l1-1-0
isspace
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 228B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ