89f10b5e2aef52301d25f70d59af30da070f20ae2d8ce0bd7af4e5a08c4cd4a8

Sharing

Copy URL Twitter E-mail

General

Target

89f10b5e2aef52301d25f70d59af30da070f20ae2d8ce0bd7af4e5a08c4cd4a8
Size

91KB
MD5

e48618460f646a6c1cfec4d7dc775e01
SHA1

1ba044773b6515f39db643af487ee044c0f4e2af
SHA256

89f10b5e2aef52301d25f70d59af30da070f20ae2d8ce0bd7af4e5a08c4cd4a8
SHA512

4850538f1abaf13293e722352b6db1835ab24ca3d23e5d8a76abbf245f34c34cbe5465eac8efa10c8c6b250a8ad3ec91cc6da043a90b071c86a710ddabc3d609
SSDEEP

768:A3HsNcGo2r0xBr3yHBmFaTSLdzEGBhOVo1gA29:A8XgxBr6B4a+dzEGBhYKg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89f10b5e2aef52301d25f70d59af30da070f20ae2d8ce0bd7af4e5a08c4cd4a8

Files

89f10b5e2aef52301d25f70d59af30da070f20ae2d8ce0bd7af4e5a08c4cd4a8
.exe windows:6 windows x64 arch:x64

1df985c36015cf56b1129b6f62e536e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\assemblage\Builds\2844004892632002643gwwmjysspk\gpftw-master\Tutorial7\assemblage_outdir_bin\Tutorial7 (speed).pdb

Imports

user32

GetAsyncKeyState

msvcp140d

?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z

kernel32

GetCurrentThreadId
GetProcAddress
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetLastError
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
HeapAlloc

vcruntime140d

__std_exception_copy
__std_exception_destroy
_CxxThrowException
__vcrt_LoadLibraryExW
memmove
__C_specific_handler
__C_specific_handler_noexcept
__std_type_info_destroy_list
__current_exception
__current_exception_context
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW

vcruntime140_1d

__CxxFrameHandler4

ucrtbased

_invalid_parameter
rand
__acrt_iob_func
__stdio_common_vfprintf
_CrtDbgReport
_callnewh
malloc
_CrtDbgReportW
_seh_filter_exe
_set_app_type
__setusermatherr
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_set_fmode
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
_free_dbg
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
_wmakepath_s
_wsplitpath_s
wcscpy_s

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 512B - Virtual size: 382B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1df985c36015cf56b1129b6f62e536e5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

msvcp140d

kernel32

vcruntime140d

vcruntime140_1d

ucrtbased

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 1KB - Virtual size: 2KB

.pdata Size: 10KB - Virtual size: 9KB

.idata Size: 5KB - Virtual size: 4KB

.msvcjmc Size: 512B - Virtual size: 382B

.00cfg Size: 512B - Virtual size: 337B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 766B

.textbss
Size: - Virtual size: 64KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 1KB - Virtual size: 2KB

.pdata
Size: 10KB - Virtual size: 9KB

.idata
Size: 5KB - Virtual size: 4KB

.msvcjmc
Size: 512B - Virtual size: 382B

.00cfg
Size: 512B - Virtual size: 337B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 766B