C:\tmp\FastFindDLL\Output\FastFindDLL64.pdb
Static task
static1
General
Target: FastFind64.dll
Size: 143KB
MD5: 532a52c2847889d73d09933da076fa4c
SHA1: 23d8574927cc977940cd80de99101a716366a949
SHA256: 3c030d3a9fb78ac9f901ef199a3d97ffe5f293adfdfddcb3add388fc1c79c603
SHA512: 6c1b6d60d8e1ffc2e77b3306a46cddc80b00eefa1ba91e19b6670f88d5218308e4e4a3b8aa828209a8ecac33493de4418b518fec8dc2823ab8de0d698e72aa40
SSDEEP: 3072:hRmFyJvBDuxUWI8IjP8bm4Te2+iT5qEn2wxmCDEpPh+xBNLpSIdL7:hUFuJtrp/4TTT5Tn2wxmCDQPwHLAQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource FastFind64.dll
Files
FastFind64.dll.dll windows:5 windows x64 arch:x64
db24e1ab88f7eb0882a62cbef5eae034
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
SetEndOfFile
GetProcessHeap
ReadFile
CreateFileW
CompareStringW
GetLastError
MultiByteToWideChar
QueryPerformanceCounter
WriteConsoleW
QueryPerformanceFrequency
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
CreateFileA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
EncodePointer
DecodePointer
HeapReAlloc
HeapAlloc
HeapFree
GetFileAttributesA
GetSystemTimeAsFileTime
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
RtlUnwindEx
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
CloseHandle
RaiseException
RtlPcToFileHeader
SetHandleCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsFree
SetLastError
FlsAlloc
WideCharToMultiByte
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
SetEnvironmentVariableA
user32
GetDesktopWindow
ReleaseDC
GetWindowRect
GetClientRect
ClientToScreen
GetWindowTextA
GetWindowDC
MessageBoxA
GetDC
gdi32
DeleteObject
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
DeleteDC
Rectangle
SetDCPenColor
GetStockObject
SelectObject
Ellipse
gdiplus
GdipAlloc
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
GdipCreateBitmapFromGdiDib
GdipFree
Exports
AddColor
AddExcludedArea
ApplyFilterOnSnapShot
ColorCount
ColorPixelSearch
ColorsPixelSearch
ColorsSearch
ComputeMeanValues
DebugError
DebugTrace
DrawSnapShot
DrawSnapShotXY
DuplicateSnapShot
FFGetPixel
FFSetPixel
FFTest
FFVersion
GenericColorSearch
GetLastErrorMsg
GetLastFileSuffix
GetRawData
HasChanged
IsExcluded
KeepChanges
KeepColor
LocalizeChanges
ProgressiveSearch
RemoveColor
ResetColors
ResetExcludedAreas
SaveBMP
SaveJPG
SetDebugMode
SetHWnd
SnapShot
Sections
.text Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ