e6943179656d43e0d780bd50b1a447f1bf7a29e9b44f3699c4aed7e93c8c36d8

Sharing

Copy URL Twitter E-mail

General

Target

e6943179656d43e0d780bd50b1a447f1bf7a29e9b44f3699c4aed7e93c8c36d8
Size

187KB
MD5

b0cd7f8f502b0a96c2285f7ff56d952a
SHA1

bb1ecd87cc6fadbd923f6c5f81ed6e4330f828e1
SHA256

e6943179656d43e0d780bd50b1a447f1bf7a29e9b44f3699c4aed7e93c8c36d8
SHA512

df966eddf769499b18be1465bdc44321a8c5c811cf97c878fb79209c456d50a70819bb59f804730e7a8c3e435b08683b1e979687e9828bc137fcb1994557b553
SSDEEP

3072:2TnbjyO4C39TuMTWLCNfWJ0Ky1YBSIGkHozBJHSwvjUPx1TS0uVtEWj037gqoZaq:Y+JC39DiLCNA0Ky1YBSIGkHozBJHSwv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e6943179656d43e0d780bd50b1a447f1bf7a29e9b44f3699c4aed7e93c8c36d8

Files

e6943179656d43e0d780bd50b1a447f1bf7a29e9b44f3699c4aed7e93c8c36d8
.exe windows:6 windows x64 arch:x64

169567fcacf387053551c3a27bb7fb42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\assemblage_aaai_code\Builds\8472336843459233520lhhhjqnjaz\Breeze\assemblage_outdir_bin\Breeze.pdb

Imports

vcruntime140

_CxxThrowException
__std_exception_destroy
memset
__CxxFrameHandler3
__C_specific_handler
_purecall
__std_exception_copy

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

free
realloc
_callnewh
_set_new_mode
malloc

api-ms-win-crt-convert-l1-1-0

_itoa
atoi
atof

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-runtime-l1-1-0

_c_exit
_register_thread_local_exe_atexit_callback
__p___argv
_seh_filter_exe
_set_app_type
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_exit
_configure_narrow_argv
exit
_initterm_e
_initialize_narrow_environment
_get_initial_narrow_environment
_cexit
_initterm
__p___argc

api-ms-win-crt-math-l1-1-0

sqrtf
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

GetCurrentProcessId
IsProcessorFeaturePresent
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
InitializeSListHead
RtlCaptureContext
IsDebuggerPresent
GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
TerminateProcess

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

169567fcacf387053551c3a27bb7fb42

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 432B

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 432B