C:\Users\zedin\Desktop\PUBG\Diablo Loop Loader\Release\DAYZ PRIVATE.pdb
Static task
static1
General
-
Target
DAYZ PRIVATE.exe
-
Size
2.4MB
-
MD5
61832d644c318ee01d129021c0d020c1
-
SHA1
cced4cc7f690a728f68efdec5085830a5c9bb17e
-
SHA256
4e19f189fa17bfaf5fc4a1b10aa2f55e05be17cb30d3691160422b0bec0b469c
-
SHA512
67eeabaa26c3f301e5efc44df002e0c256bcd1c0cece035f0daf5ab8991442aba63e84da102db10a711334cc9ec0703104ee451b0bc0f3d335b204864abf7d8f
-
SSDEEP
49152:FcW2WlI4atbr8WuGjLFcxC6ISPn4+mTyMlUNiIDGu3:FcWR+44SGv2cpE4+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Flags PE files that carry no Authenticode signature; the publisher and integrity of this file cannot be verified from a signature.
resource DAYZ PRIVATE.exe
Files
-
DAYZ PRIVATE.exe.exe windows:6 windows x86 arch:x86
013bd18ff136d5c3bd69499f0931a1fd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
socket
bind
connect
getpeername
getsockname
getsockopt
freeaddrinfo
getaddrinfo
ioctlsocket
listen
htonl
accept
select
__WSAFDIsSet
WSACleanup
WSAStartup
WSAIoctl
WSASetLastError
setsockopt
ntohs
htons
closesocket
WSAGetLastError
send
recv
getnameinfo
shutdown
crypt32
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertAddCertificateContextToStore
advapi32
RegOpenKeyA
CryptEnumProvidersW
CryptSignHashW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGenRandom
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyExW
RegSetValueExW
RegCloseKey
CopySid
ConvertSidToStringSidA
RegQueryValueExA
IsValidSid
OpenProcessToken
RegOpenKeyExA
GetLengthSid
GetTokenInformation
GetUserNameA
kernel32
TlsFree
GetModuleHandleExW
FormatMessageW
GetFileType
GetModuleHandleW
GetSystemTimeAsFileTime
SwitchToFiber
IsDebuggerPresent
CreateFiber
LoadLibraryW
ConvertFiberToThread
ConvertThreadToFiber
FindClose
FindFirstFileW
FindNextFileW
GetSystemTime
SystemTimeToFileTime
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
CreateEventW
ResetEvent
SetEvent
OutputDebugStringW
DeleteFiber
Process32First
GetConsoleScreenBufferInfo
HeapFree
SetConsoleTextAttribute
SetConsoleTitleA
GetCurrentProcess
GetStdHandle
InitializeCriticalSectionEx
WaitForSingleObject
GetModuleHandleA
OpenProcess
HeapSize
CreateToolhelp32Snapshot
Sleep
GetLastError
Process32Next
HeapReAlloc
CloseHandle
HeapAlloc
HeapDestroy
GetProcAddress
LocalFree
DeleteCriticalSection
ExitProcess
ReadProcessMemory
GetProcessHeap
GetConsoleWindow
SetConsoleOutputCP
AllocConsole
GetExitCodeProcess
ReadFile
WriteFile
PeekNamedPipe
CreateFileW
GetCurrentProcessId
WaitNamedPipeW
lstrlenW
GetModuleFileNameW
MultiByteToWideChar
K32GetProcessMemoryInfo
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
SleepEx
VerSetConditionMask
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
VerifyVersionInfoA
GetTickCount
WaitForSingleObjectEx
ExpandEnvironmentStringsA
CreateFileA
GetFileSizeEx
GetEnvironmentVariableW
WideCharToMultiByte
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
user32
GetUserObjectInformationW
MoveWindow
GetWindowRect
MessageBoxW
MessageBoxA
GetProcessWindowStation
shell32
ShellExecuteA
ShellExecuteExA
msvcp140
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
_Cnd_broadcast
_Mtx_unlock
_Xtime_get_ticks
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
_Cnd_timedwait
_Cnd_init_in_situ
_Mtx_current_owns
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??Bid@locale@std@@QAEIXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?clog@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Throw_Cpp_error@std@@YAXH@Z
?uncaught_exceptions@std@@YAHXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPBD@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?iword@ios_base@std@@QAEAAJH@Z
?xalloc@ios_base@std@@SAHXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
userenv
UnloadUserProfile
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
urlmon
URLDownloadToFileA
bcrypt
BCryptGenRandom
vcruntime140
strstr
_except_handler4_common
strchr
__RTDynamicCast
memset
memchr
memcpy
_CxxThrowException
__std_terminate
__std_type_info_name
memmove
wcsstr
__current_exception
__current_exception_context
__std_exception_destroy
strrchr
_purecall
__std_type_info_compare
__std_exception_copy
__CxxFrameHandler3
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
_get_initial_narrow_environment
_invalid_parameter_noinfo_noreturn
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
__p___argv
exit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_errno
strerror
_configure_narrow_argv
__sys_nerr
_c_exit
_register_thread_local_exe_atexit_callback
_beginthreadex
raise
_exit
terminate
strerror_s
signal
_resetstkoflw
_invalid_parameter_noinfo
system
_controlfp_s
__p___argc
api-ms-win-crt-time-l1-1-0
_localtime64_s
_time64
_gmtime64_s
_gmtime64
_mktime64
_localtime64
asctime
api-ms-win-crt-stdio-l1-1-0
feof
clearerr
setbuf
fgetc
_pclose
_isatty
ferror
_wfopen
__p__commode
ftell
fgets
fseek
fclose
_fileno
fflush
__stdio_common_vsscanf
__acrt_iob_func
fputs
fwrite
__stdio_common_vsprintf
fgetpos
setvbuf
fputc
_popen
ungetc
fsetpos
fread
_fseeki64
fopen
__stdio_common_vswprintf
__stdio_common_vfprintf
freopen_s
_set_fmode
_setmode
_get_stream_buffer_pointers
api-ms-win-crt-heap-l1-1-0
malloc
_callnewh
calloc
_set_new_mode
realloc
_aligned_free
free
_aligned_malloc
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-convert-l1-1-0
strtoll
strtol
atoi
strtod
strtoull
strtoul
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_stat64i32
_fstat64i32
_access
_lock_file
remove
_stat64
api-ms-win-crt-locale-l1-1-0
localeconv
_configthreadlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
_dclass
ceil
log2
api-ms-win-crt-string-l1-1-0
strcmp
_strdup
_strnicmp
isspace
isupper
strspn
strcspn
strpbrk
tolower
_stricmp
strncmp
strncpy
api-ms-win-crt-environment-l1-1-0
getenv
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 506KB - Virtual size: 505KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 262KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
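(section name consists of non-printable bytes; not recoverable from this page) Size: 16KB - Virtual size: 20KB. Unlike the other sections, this one is marked as code and is both writable and executable (flags below).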
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE