1154839ff0c1bfe3e10689f887f0e0d089b3b04eddbf6b570c499e105a66f141

Sharing

Copy URL Twitter E-mail

General

Target

1154839ff0c1bfe3e10689f887f0e0d089b3b04eddbf6b570c499e105a66f141
Size

226KB
MD5

6d2b3b6a87fd20e88581c1ccfb734cb7
SHA1

dd2d34dd0fece4eda7b05bf1a0554a076e2b2d62
SHA256

1154839ff0c1bfe3e10689f887f0e0d089b3b04eddbf6b570c499e105a66f141
SHA512

5e88af60d87609ac457e7de2d09cce62fe1d10f8d719d5d8312087778e75d90aca445baaafabb8dd4e1ebe3700280d7c3c4a3b6b3c94cb84c49484992bb88df2
SSDEEP

3072:JP1uKtVrx+IGG35CPLgnl/ACnAaMAyzGWY8q+:vuKtVrDGQCTgnl/ACnydG98q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1154839ff0c1bfe3e10689f887f0e0d089b3b04eddbf6b570c499e105a66f141

Files

1154839ff0c1bfe3e10689f887f0e0d089b3b04eddbf6b570c499e105a66f141
.exe windows:6 windows x64 arch:x64

f198592843c316d74a397e09bec3df14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\assemblage_aaai_code\Builds\1437429920855603533vuzjpyazeg\console_sandbox\assemblage_outdir_bin\console_sandbox.pdb

Imports

msvcp140

?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
_Cnd_destroy_in_situ
_Mtx_unlock
_Thrd_join
_Xtime_get_ticks
?_Xlength_error@std@@YAXPEBD@Z
_Thrd_id
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_C_error@std@@YAXH@Z
?id@?$numpunct@D@std@@2V0locale@2@A
?_Xbad_function_call@std@@YAXXZ
?_Xbad_alloc@std@@YAXXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Throw_Cpp_error@std@@YAXH@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
_Cnd_signal
??1_Locinfo@std@@QEAA@XZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
__std_exception_copy
memchr
memcmp
memcpy
memmove
_purecall
__C_specific_handler
__current_exception
__current_exception_context
memset
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_exit
_invalid_parameter_noinfo_noreturn
terminate
_errno
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_seh_filter_exe
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_set_app_type
_initterm
exit
_initterm_e
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

_callnewh
free
calloc
_set_new_mode
malloc

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_localtime64_s
strftime

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
_set_fmode
__stdio_common_vfprintf
__stdio_common_vsnprintf_s

api-ms-win-crt-math-l1-1-0

_dclass
_ldclass
__setusermatherr
_fdclass
_dsign
ceilf
ceil

api-ms-win-crt-string-l1-1-0

isdigit

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

GetDynamicTimeZoneInformation
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
InitializeSListHead
IsDebuggerPresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCurrentProcessId
GetConsoleMode
GetCurrentThreadId
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetStdHandle
WriteConsoleA
WriteFile
IsProcessorFeaturePresent

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f198592843c316d74a397e09bec3df14

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 11KB - Virtual size: 12KB

.pdata Size: 16KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 11KB - Virtual size: 12KB

.pdata
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB