1ca6988067daf2a8ff282955871e07056d804e9410aecd026a6e4a0a00797ce8

Sharing

Copy URL Twitter E-mail

General

Target

1ca6988067daf2a8ff282955871e07056d804e9410aecd026a6e4a0a00797ce8
Size

27KB
MD5

bed5ce1da3a9cae7e21895cbca55da83
SHA1

767e68493c009d6bd32246336c85abc40bfcefde
SHA256

1ca6988067daf2a8ff282955871e07056d804e9410aecd026a6e4a0a00797ce8
SHA512

b571248a63769a4d213e75b201902b055fee89e43f4d106347b4ff4755179af76e40d924ea13600819f81429e7cba56894b7d2e4abce56bee82eb90362ca5378
SSDEEP

384:MfVnJQnkCaZjpEumolxVQTHrVBefZ3PJrbjeoir5q+Y73oUm8/GPtSGPQAFvUkIC:Mj3CGJ7kHyfZ3Pe5q+Yr2Tob9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ca6988067daf2a8ff282955871e07056d804e9410aecd026a6e4a0a00797ce8

Files

1ca6988067daf2a8ff282955871e07056d804e9410aecd026a6e4a0a00797ce8
.exe windows:6 windows x86 arch:x86

77007175b66af4bd0a19ba00e53dee79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\vcpkg\buildtrees\libfido2\x86-windows-rel\regress\regress_assert.pdb

Imports

fido2

fido_assert_verify
fido_assert_user_name
fido_assert_set_authdata
fido_assert_set_clientdata_hash
fido_assert_set_count
fido_assert_set_rp
fido_dev_force_fido2
fido_assert_free
fido_dev_new
eddsa_pk_free
eddsa_pk_new
rs256_pk_from_ptr
fido_dev_get_assert
fido_dev_set_io_functions
rs256_pk_to_EVP_PKEY
rs256_pk_free
rs256_pk_new
es256_pk_from_ptr
fido_assert_set_sig
fido_assert_set_uv
fido_assert_authdata_len
es256_pk_from_EVP_PKEY
es256_pk_to_EVP_PKEY
es256_pk_free
es256_pk_new
fido_assert_flags
fido_assert_user_id_len
fido_assert_sig_len
fido_assert_id_len
rs256_pk_from_EVP_PKEY
fido_assert_set_up
fido_assert_count
fido_assert_user_icon
fido_assert_clientdata_hash_len
fido_assert_user_display_name
fido_assert_rp_id
fido_assert_user_id_ptr
fido_assert_sig_ptr
fido_assert_id_ptr
fido_assert_clientdata_hash_ptr
fido_assert_authdata_ptr
fido_init
fido_dev_free
fido_dev_force_u2f
fido_assert_new

libcrypto-3

EVP_PKEY_free

vcruntime140

_except_handler4_common
memset
__current_exception_context
__current_exception

api-ms-win-crt-runtime-l1-1-0

abort
terminate
_controlfp_s
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type
_seh_filter_exe
_wassert
exit

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
malloc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

GetCurrentProcessId
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
UnhandledExceptionFilter
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77007175b66af4bd0a19ba00e53dee79

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

fido2

libcrypto-3

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 908B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 908B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB