uwu | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

uwu
Size

243KB
MD5

dd40a2265dc67aca851e0e209c9d945e
SHA1

cf11a8ac8b8d55ef8330e7f09f0a05cecd258cc3
SHA256

be958ea13d13bcac23f22774c216987576b656f2fef938297f6a7dde3be54af1
SHA512

79a09346abdc075bce83b67b7a72cb13f1160cd7e92e5aac3a209c7b08dd51b409ce65736e44809e715c4db4bc4462df7a3661cc153b674bbcf4d2ec78fb7738
SSDEEP

6144:mMTM4nDygy4WkSS7YpJFH5qR+a6LymNDQSUa:F44DytSsJU6LyCD7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
uwu

Files

uwu
.exe windows:4 windows x64 arch:x64

257f76b42c0eab727ebd8741d525e523

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\users\admin\documents\visual studio 2005\projects\hhjjajajajaj\x64\release\备用3.pdb

Imports

kernel32

LoadLibraryW
GetProcAddress
GetModuleHandleA
HeapSize
HeapValidate
IsBadReadPtr
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlUnwindEx
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
HeapSetInformation
HeapCreate
GetLastError
HeapReAlloc
ExitProcess
GetACP
GetOEMCP
GetCPInfo
FlsGetValue
FlsSetValue
GetCurrentThreadId
FlsAlloc
TlsFree
FlsFree
SetLastError
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
RaiseException
RtlPcToFileHeader
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
InitializeCriticalSection
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle
FlushFileBuffers

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

257f76b42c0eab727ebd8741d525e523

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 6KB - Virtual size: 14KB

.pdata Size: 9KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 6KB - Virtual size: 14KB

.pdata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 176B