C:\Users\inc\Desktop\Dareczek\build\usermode\usermode.pdb
Static task
static1
1 signatures
General
-
Target
Src.zip
-
Size
5.1MB
-
MD5
f877b43b2bba7aae7d34c33d8bfa0f29
-
SHA1
d4220c4d6b7f1a57ca7bb8e63742a0b3d737497d
-
SHA256
652e4fec2a4986eb6c31fc3cc693caf5287c977894ddede0fb1903f23229ccf1
-
SHA512
61dae4033c31ac9858c568477b46af5995eaf2cb1bc13d445cb144d3904bbcd33a5cf26a8a39443b39eb6586400750ba685a5b6d956196e144b15162a026640d
-
SSDEEP
98304:JUJDn4xA0beA+H//HOZganP7mB5S0a/38e6XzRtmSuzT43/24Lohnyo:JUSiE+HHOZFDqta/P63c03/BohT
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/build/usermode/usermode.exe
Files
-
Src.zip.zip
-
build/driver/kdmapper.exe
-
build/driver/kdmapper_release.exe
-
build/usermode/imgui.ini
-
build/usermode/usermode.exe.exe windows:6 windows x64 arch:x64
f8b0addc2b66c50d2430da2efecc494c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
d3d9
Direct3DCreate9Ex
kernel32
GlobalLock
GlobalFree
QueryPerformanceCounter
QueryPerformanceFrequency
GetStdHandle
CreateFileW
CloseHandle
DeviceIoControl
Sleep
CreateThread
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte
SetConsoleTextAttribute
CreateToolhelp32Snapshot
Process32First
Process32Next
AcquireSRWLockExclusive
GlobalAlloc
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GlobalUnlock
WakeAllConditionVariable
ReleaseSRWLockExclusive
user32
RegisterClassExA
CreateWindowExA
DestroyWindow
SetLayeredWindowAttributes
LoadIconA
GetWindow
FindWindowA
GetDesktopWindow
SetWindowLongA
GetWindowRect
GetForegroundWindow
UpdateWindow
GetSystemMetrics
SendInput
mouse_event
GetAsyncKeyState
SetWindowPos
DefWindowProcA
PeekMessageA
DispatchMessageA
OpenClipboard
CloseClipboard
TranslateMessage
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
ShowWindow
GetKeyState
GetClientRect
SetCursorPos
SetCursor
GetCursorPos
LoadCursorA
ScreenToClient
ClientToScreen
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
msvcp140
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exceptions@std@@YAHXZ
_Query_perf_counter
_Query_perf_frequency
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
dwmapi
DwmExtendFrameIntoClientArea
vcruntime140
__current_exception_context
__current_exception
__C_specific_handler
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memcmp
memset
memmove
memcpy
memchr
strstr
__std_terminate
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-string-l1-1-0
strncpy
strcmp
isprint
api-ms-win-crt-stdio-l1-1-0
_wfopen
__p__commode
__acrt_iob_func
ftell
_set_fmode
fclose
fflush
__stdio_common_vsnprintf_s
fread
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__stdio_common_vfprintf
fwrite
fseek
api-ms-win-crt-heap-l1-1-0
_set_new_mode
malloc
free
_callnewh
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-math-l1-1-0
pow
sqrtf
sinf
ceilf
cosf
floorf
asin
atan2
sqrt
tanf
fmodf
__setusermatherr
powf
api-ms-win-crt-convert-l1-1-0
atof
api-ms-win-crt-runtime-l1-1-0
_register_onexit_function
_crt_atexit
_cexit
_initialize_narrow_environment
_seh_filter_exe
_set_app_type
_configure_narrow_argv
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
terminate
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
system
exit
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 254KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 416B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
build/usermode/usermode.exe
-
build/usermode/usermode.pdb
-
kernel mode/defines.h
-
kernel mode/driver.cpp
-
kernel mode/driver.vcxproj
-
kernel mode/driver.vcxproj.filters
-
kernel mode/driver.vcxproj.user
-
kernel mode/spoof.h
-
kernel mode/x64/intermediates/driver/driver.log
-
source.sln
-
usermode/Classes.h
-
usermode/D3DX/d3dx9.h
-
usermode/D3DX/d3dx9anim.h
-
usermode/D3DX/d3dx9core.h
-
usermode/D3DX/d3dx9effect.h
-
usermode/D3DX/d3dx9math.h
-
usermode/D3DX/d3dx9math.inl
-
usermode/D3DX/d3dx9mesh.h
-
usermode/D3DX/d3dx9shader.h
-
usermode/D3DX/d3dx9shape.h
-
usermode/D3DX/d3dx9tex.h
-
usermode/D3DX/d3dx9xof.h
-
usermode/ImGui/imconfig.h
-
usermode/ImGui/imgui.cpp
-
usermode/ImGui/imgui.h
-
usermode/ImGui/imgui_demo.cpp
-
usermode/ImGui/imgui_draw.cpp
-
usermode/ImGui/imgui_impl_dx9.cpp
-
usermode/ImGui/imgui_impl_dx9.h
-
usermode/ImGui/imgui_impl_win32.cpp
-
usermode/ImGui/imgui_impl_win32.h
-
usermode/ImGui/imgui_internal.h
-
usermode/ImGui/imgui_widgets.cpp.vbs
-
usermode/ImGui/imstb_rectpack.h
-
usermode/ImGui/imstb_textedit.h
-
usermode/ImGui/imstb_truetype.h
-
usermode/SkCrypt.h
-
usermode/XORS.h
-
usermode/d3dx9.lib
-
usermode/drawing.cpp
-
usermode/drawing.h
-
usermode/driver.h
-
usermode/ida.hpp
-
usermode/libcurl.lib
-
usermode/main.cpp
-
usermode/sdk.h
-
usermode/usermode.vcxproj.xml
-
usermode/usermode.vcxproj.filters
-
usermode/usermode.vcxproj.user
-
usermode/x64/intermediates/usermode/imgui.obj
-
usermode/x64/intermediates/usermode/imgui_demo.obj
-
usermode/x64/intermediates/usermode/imgui_draw.obj
-
usermode/x64/intermediates/usermode/imgui_impl_dx9.obj
-
usermode/x64/intermediates/usermode/imgui_impl_win32.obj
-
usermode/x64/intermediates/usermode/imgui_widgets.obj
-
usermode/x64/intermediates/usermode/main.obj
-
usermode/x64/intermediates/usermode/usermode.exe.recipe
-
usermode/x64/intermediates/usermode/usermode.iobj
-
usermode/x64/intermediates/usermode/usermode.ipdb
-
usermode/x64/intermediates/usermode/usermode.log
-
usermode/x64/intermediates/usermode/usermode.tlog/CL.command.1.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/CL.read.1.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/CL.write.1.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/Cl.items.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/link.command.1.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/link.read.1.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/link.secondary.1.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/link.write.1.tlog
-
usermode/x64/intermediates/usermode/usermode.tlog/usermode.lastbuildstate
-
usermode/x64/intermediates/usermode/vc143.pdb