C:\Users\qxod\source\repos\nevermiss\FatNiggasEverywhere\santo\build\santo.pdb
Static task
static1
1 signatures
General
-
Target
CgnvVTU.exe
-
Size
2.5MB
-
MD5
e8c209d02e37b52b1ce181c302aec9dd
-
SHA1
cd286839fe57d60831ec67f3cd96d76ffb7c237a
-
SHA256
4c5f9c8ac853fb77c5f7c29fc9e5f02f44d536073566058cbe9545d0883ff010
-
SHA512
02022983e9b6a7a9b6db34c31a13e146db2ed5f09ed01c0f112854b4d7b19d41a78d848bf2758a78335d0e75bfc7478a5741e06beab7adb8353d05efd907d9c3
-
SSDEEP
49152:J6uuIVC97b7b7b7M5IXmUzDgxmVvqAhfXib/0GZHRKttY+z+4y5PRL1dChVQcmYD:ZV1IWURxhWZxKttYN/PRL1YVF
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource CgnvVTU.exe
Files
-
CgnvVTU.exe.exe windows:6 windows x64 arch:x64
67d250d3368e97bbbfaaa1b3d8c82833
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
winmm
PlaySoundA
kernel32
SetLastError
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SleepEx
GetSystemDirectoryA
VerifyVersionInfoA
Sleep
MoveFileExA
WaitForSingleObjectEx
GetEnvironmentVariableA
GetFileType
PeekNamedPipe
WaitForMultipleObjects
GetLastError
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
HeapFree
HeapAlloc
GetFileSizeEx
QueryPerformanceCounter
FreeLibrary
VerSetConditionMask
QueryPerformanceFrequency
LoadLibraryA
GetLocaleInfoA
GetTickCount
GlobalUnlock
LocalFree
GetLocaleInfoEx
CreateDirectoryW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
GetFullPathNameW
SetFileInformationByHandle
GetTempPathW
AreFileApisANSI
GetModuleHandleW
GetFileInformationByHandleEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
TerminateThread
lstrcmpiA
GetConsoleWindow
Process32Next
CreateFileA
CreateToolhelp32Snapshot
CreateFileW
GetCurrentProcess
Process32First
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryExA
VirtualAlloc
DeviceIoControl
VirtualFree
GetStdHandle
SetConsoleTitleA
CloseHandle
ReadFile
SleepConditionVariableSRW
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WakeAllConditionVariable
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
user32
GetWindowRect
DestroyWindow
GetSystemMetrics
SetWindowLongA
SetWindowDisplayAffinity
GetMonitorInfoA
MoveWindow
SendInput
GetCursorPos
GetAsyncKeyState
ScreenToClient
FindWindowA
GetForegroundWindow
MessageBoxA
DispatchMessageA
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetDC
SetCursorPos
ReleaseCapture
IsWindowUnicode
SetProcessDPIAware
GetClientRect
SetCursor
SetCapture
DefWindowProcA
CreateWindowExA
SetLayeredWindowAttributes
ShowWindow
LoadIconA
PeekMessageA
UnregisterClassA
PostQuitMessage
RegisterClassExA
UpdateWindow
GetKeyState
GetMessageExtraInfo
LoadCursorA
MonitorFromWindow
GetCapture
ClientToScreen
TrackMouseEvent
GetKeyboardLayout
TranslateMessage
gdi32
CreateSolidBrush
GetPixel
advapi32
RegCloseKey
RegQueryValueExA
OpenProcessToken
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGenRandom
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyA
RegOpenKeyExA
shell32
SHGetFolderPathW
ShellExecuteA
msvcp140
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_join
_Query_perf_frequency
?_Random_device@std@@YAIXZ
_Mtx_lock
_Query_perf_counter
_Mtx_unlock
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
_Thrd_detach
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
_Xtime_get_ticks
?id@?$ctype@D@std@@2V0locale@2@A
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exceptions@std@@YAHXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?good@ios_base@std@@QEBA_NXZ
ntdll
NtQuerySystemInformation
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
dbghelp
ImageNtHeader
ImageDirectoryEntryToData
ImageRvaToVa
d3d11
D3D11CreateDeviceAndSwapChain
imm32
ImmGetContext
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionWindow
d3dcompiler_43
D3DCompile
dwmapi
DwmExtendFrameIntoClientArea
d3dx11_43
D3DX11CreateShaderResourceViewFromMemory
vcruntime140_1
__CxxFrameHandler4
vcruntime140
_CxxThrowException
__intrinsic_setjmp
__current_exception_context
__current_exception
memcmp
memchr
memset
memmove
memcpy
longjmp
strrchr
strstr
strchr
__C_specific_handler
__std_terminate
__std_exception_copy
__std_exception_destroy
api-ms-win-crt-heap-l1-1-0
free
_callnewh
malloc
realloc
_set_new_mode
calloc
api-ms-win-crt-math-l1-1-0
acosf
atan2f
ceilf
cosf
fmodf
_dsign
sqrtf
fminf
powf
sinf
__setusermatherr
api-ms-win-crt-convert-l1-1-0
strtoll
strtoull
strtol
strtod
atoi
strtoul
atof
api-ms-win-crt-locale-l1-1-0
localeconv
_configthreadlocale
___lc_codepage_func
api-ms-win-crt-runtime-l1-1-0
_errno
_invalid_parameter_noinfo_noreturn
strerror
system
exit
__sys_nerr
_getpid
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
abort
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
terminate
_beginthreadex
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
api-ms-win-crt-stdio-l1-1-0
fgetc
fputc
fread
feof
_lseek
fwrite
_fileno
_open
setvbuf
ungetc
fsetpos
_fseeki64
_get_stream_buffer_pointers
__stdio_common_vsscanf
_set_fmode
__stdio_common_vsprintf
__stdio_common_vsnprintf_s
ftell
__p__commode
_lseeki64
_wfopen
ferror
fputs
fopen
fgetpos
__acrt_iob_func
__stdio_common_vsprintf_s
fgets
_write
_close
_setmode
__stdio_common_vfprintf
fseek
_read
clearerr
fclose
fflush
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_access
_unlock_file
_unlink
_fstat64
_mkdir
_stat64
api-ms-win-crt-string-l1-1-0
strpbrk
strcspn
_strdup
strcmp
strspn
isupper
strncpy
tolower
_stricmp
strncmp
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
_gmtime64
_localtime64
_time64
strftime
api-ms-win-crt-utility-l1-1-0
rand
qsort
ws2_32
ioctlsocket
select
accept
freeaddrinfo
recvfrom
listen
htonl
sendto
WSACleanup
WSAStartup
WSAIoctl
WSASetLastError
gethostname
ntohl
socket
setsockopt
closesocket
recv
send
WSAGetLastError
bind
connect
getpeername
getsockname
getsockopt
htons
getaddrinfo
__WSAFDIsSet
ntohs
normaliz
IdnToAscii
crypt32
CertEnumCertificatesInStore
CertOpenStore
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CryptStringToBinaryA
wldap32
ord45
ord46
ord50
ord217
ord41
ord22
ord26
ord27
ord143
ord32
ord33
ord35
ord79
ord30
ord200
ord211
ord301
ord60
Exports
Exports
OPENSSL_Applink
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1015KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ