8b0e205bfac8867a67ebcd4ddc0effab6346c6c199d9806de99b6ca1b01c14e4

Sharing

Copy URL Twitter E-mail

General

Target

8b0e205bfac8867a67ebcd4ddc0effab6346c6c199d9806de99b6ca1b01c14e4
Size

4.9MB
MD5

3ec957fbc412c07b8c87f73eaf1ce638
SHA1

0f559df5ded521658851dcf272aaa29e084651ab
SHA256

8b0e205bfac8867a67ebcd4ddc0effab6346c6c199d9806de99b6ca1b01c14e4
SHA512

d803f91bcbf88701ad34282c33ced538f5924a925cca323cf853580c3afadd7cfe6075cdc182ef0defa0a220279a12652900be8cd8d85cdcbf6737f5b78630dc
SSDEEP

98304:Ti/X9xw1kLUdykjk/5gbLxY5NyCiAkX4Uyp7Dd0z6N0ZHffItELWC5:Tifzw1wUdbk/qLS+CixkDd0OntELJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b0e205bfac8867a67ebcd4ddc0effab6346c6c199d9806de99b6ca1b01c14e4

Files

8b0e205bfac8867a67ebcd4ddc0effab6346c6c199d9806de99b6ca1b01c14e4
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\buildslave\unity\build\artifacts\WindowsPlayer\Win64_VS2019_nondev_i_r\WindowsPlayer_Master_il2cpp_x64.pdb

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 14KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 382KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

Size: 24KB - Virtual size: 40KB

Size: 14KB - Virtual size: 35KB

Size: 512B - Virtual size: 7KB

Size: 2KB - Virtual size: 3KB

Size: 512B - Virtual size: 148B

Size: 382KB - Virtual size: 552KB

Size: 1KB - Virtual size: 1KB

.debug Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 552KB - Virtual size: 552KB

.vdata Size: - Virtual size: 6.8MB

.boot Size: 3.9MB - Virtual size: 3.9MB

.debug
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 552KB - Virtual size: 552KB

.vdata
Size: - Virtual size: 6.8MB

.boot
Size: 3.9MB - Virtual size: 3.9MB