7f4be59b6695ff26a6b02195a7facad2c09388a6ececcd515371eb4cf9352759

Sharing

Copy URL

Twitter E-mail

General

Target

7f4be59b6695ff26a6b02195a7facad2c09388a6ececcd515371eb4cf9352759
Size

65KB
MD5

856a38e04c27fd861759e497ff17a1d1
SHA1

812c11dbb1930581074dfe087473d003ca47aa2d
SHA256

7f4be59b6695ff26a6b02195a7facad2c09388a6ececcd515371eb4cf9352759
SHA512

2ceacd2bf74734ca0b882ba4891305c8931c074eacb578c6507cac2079b0c05b37efaf926be8228afcf231b551a160d48e87cc5bb688b2a2ef8fe740394d8660
SSDEEP

1536:eTSDI0suvb+tEEl5xJhaCohaUNLP+8Vkm:AWWluE3xfaCILbV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f4be59b6695ff26a6b02195a7facad2c09388a6ececcd515371eb4cf9352759

Files

7f4be59b6695ff26a6b02195a7facad2c09388a6ececcd515371eb4cf9352759
.dll windows:6 windows x86 arch:x86

fd7935f339606e434896470ff7c71759

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\assemblage\Builds\6558464577591543749wlzkcnoslm\PR6.4-rec--master\UnitTest6.4(rec)\assemblage_outdir_bin\UnitTest6.4(rec).pdb

Imports

microsoft.visualstudio.testtools.cppunittestframework

?InvalidParameterHandler@CrtHandlersSetter@TestClassImpl@CppUnitTestFramework@VisualStudio@Microsoft@@CAXPBG00II@Z
?GetAssertMessage@Assert@CppUnitTestFramework@VisualStudio@Microsoft@@CGX_NPBG11PAGI@Z
?IsDebuggerAttached@CrtHandlersSetter@TestClassImpl@CppUnitTestFramework@VisualStudio@Microsoft@@CG_NXZ
?FailOnCondition@Assert@CppUnitTestFramework@VisualStudio@Microsoft@@CGX_NPBGPBU__LineInfo@234@@Z

msvcp140d

?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_W_Getmonths@_Locinfo@std@@QBEPBGXZ
?_W_Getdays@_Locinfo@std@@QBEPBGXZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
_Mbrtowc
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

vcruntime140d

_except_handler4_common
__current_exception_context
_purecall
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memcpy
memmove
memset
__std_type_info_destroy_list
__current_exception

ucrtbased

_initialize_narrow_environment
_crt_atexit
_crt_at_quick_exit
_cexit
terminate
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_free_dbg
_initterm_e
_initterm
malloc
_callnewh
_CrtSetReportMode
_CrtSetReportFile
_CrtDbgReport
_calloc_dbg
_set_invalid_parameter_handler
_invalid_parameter
_execute_onexit_table

kernel32

GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls

Exports

Exports

?__GetTestClassInfo@?$TestClass@VUnitTest64rec@1@@CppUnitTestFramework@VisualStudio@Microsoft@@SGPBUTestClassInfo@234@XZ
?__GetTestMethodInfo_TestMethod1@UnitTest64rec@1@SGPBUMemberMethodInfo@CppUnitTestFramework@VisualStudio@Microsoft@@XZ
?__GetTestVersion@?$TestClass@VUnitTest64rec@1@@CppUnitTestFramework@VisualStudio@Microsoft@@SGPBUTestDataVersion@234@XZ
?s_Info@?1??__GetTestClassInfo@?$TestClass@VUnitTest64rec@1@@CppUnitTestFramework@VisualStudio@Microsoft@@SGPBUTestClassInfo@345@XZ@4U6345@B
?s_Info@?1??__GetTestMethodInfo_TestMethod1@UnitTest64rec@2@SGPBUMemberMethodInfo@CppUnitTestFramework@VisualStudio@Microsoft@@XZ@4U3456@A
?s_Metadata@?1??__GetTestClassInfo@?$TestClass@VUnitTest64rec@1@@CppUnitTestFramework@VisualStudio@Microsoft@@SGPBUTestClassInfo@345@XZ@4UClassMetadata@345@B
?s_Metadata@?1??__GetTestMethodInfo_TestMethod1@UnitTest64rec@2@SGPBUMemberMethodInfo@CppUnitTestFramework@VisualStudio@Microsoft@@XZ@4UMethodMetadata@456@B
?s_version@?1??__GetTestVersion@?$TestClass@VUnitTest64rec@1@@CppUnitTestFramework@VisualStudio@Microsoft@@SGPBUTestDataVersion@345@XZ@4U6345@A

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

testdata
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

testvers
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd7935f339606e434896470ff7c71759

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

microsoft.visualstudio.testtools.cppunittestframework

msvcp140d

vcruntime140d

ucrtbased

kernel32

Exports

Exports

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 2KB

.idata Size: 7KB - Virtual size: 6KB

.msvcjmc Size: 512B - Virtual size: 400B

testdata Size: 1024B - Virtual size: 556B

testvers Size: 512B - Virtual size: 260B

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 2KB

.idata
Size: 7KB - Virtual size: 6KB

.msvcjmc
Size: 512B - Virtual size: 400B

testdata
Size: 1024B - Virtual size: 556B

testvers
Size: 512B - Virtual size: 260B

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB