C:\Users\chris\Desktop\woof.sol\x64\Release\antagonist-external.pdb
Static task
static1
1 signatures
General
-
Target
woof_cracked.exe
-
Size
1.1MB
-
MD5
fd5c91ea49915c18f0aee568d85e4b01
-
SHA1
f14fa8d5a22dbd8bca9ded8a84639623baf98c25
-
SHA256
e56b3bae612a2e78f2a552211dcccf2dd7d68613ba0f4860dbdb55111fc7918f
-
SHA512
bbd7a2288dd4da3d52721f4caceee23b2723f999521ffde2872171846d46496563c7bcce313a65e8411a7822d8e5e00a2eeb19b5fa6671598fbfafdae5f6df47
-
SSDEEP
24576:48zVXYJ1lZZ0uwIV4/1Qe6FmGgThmuP/g5ZRq0oKNE:48zBY5m5eAJjng5Xq0
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource woof_cracked.exe
Files
-
woof_cracked.exe.exe windows:6 windows x64 arch:x64
ad3a71139860e46a622e44716bdec7cc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WakeAllConditionVariable
GetCurrentThreadId
SleepConditionVariableSRW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetFileInformationByHandleEx
OutputDebugStringW
AreFileApisANSI
GetTempPathW
SetFileInformationByHandle
GetFullPathNameW
GetFileAttributesExW
GetFileAttributesW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateDirectoryW
GetLocaleInfoEx
GetFileSizeEx
WaitForMultipleObjects
PeekNamedPipe
ReadFile
GetFileType
GetStdHandle
GetEnvironmentVariableA
WaitForSingleObjectEx
MoveFileExA
GetTickCount
VerifyVersionInfoA
GetSystemDirectoryA
SleepEx
LeaveCriticalSection
EnterCriticalSection
LocalFree
FormatMessageA
SetLastError
QueryFullProcessImageNameW
GetModuleHandleW
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
VirtualProtect
CreateThread
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
QueryPerformanceCounter
FreeLibrary
VerSetConditionMask
QueryPerformanceFrequency
LoadLibraryA
GetLocaleInfoA
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
TerminateThread
lstrcmpiA
GetConsoleWindow
CloseHandle
Process32Next
CreateFileA
CreateToolhelp32Snapshot
CreateFileW
GetCurrentProcess
Process32First
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryExA
VirtualAlloc
InitializeSListHead
DeviceIoControl
VirtualFree
Sleep
user32
SetCursorPos
ReleaseCapture
CloseClipboard
DestroyWindow
GetSystemMetrics
DispatchMessageA
IsWindowUnicode
SetProcessDPIAware
OpenClipboard
EmptyClipboard
SetWindowLongA
GetClipboardData
SetClipboardData
SetWindowDisplayAffinity
GetMonitorInfoA
ShowWindow
MoveWindow
DefWindowProcA
CreateWindowExA
SetLayeredWindowAttributes
TranslateMessage
LoadIconA
PeekMessageA
UnregisterClassA
GetClientRect
SetCursor
SendInput
SetCapture
GetKeyboardLayout
TrackMouseEvent
GetCursorPos
ClientToScreen
FindWindowA
GetForegroundWindow
GetCapture
MonitorFromWindow
GetAsyncKeyState
ScreenToClient
LoadCursorA
GetMessageExtraInfo
GetKeyState
MessageBoxA
UpdateWindow
RegisterClassExA
PostQuitMessage
GetWindowRect
gdi32
CreateSolidBrush
advapi32
CryptGetHashParam
RegCreateKeyA
GetUserNameW
AddAccessAllowedAce
GetLengthSid
GetTokenInformation
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
RegSetValueExA
RegDeleteKeyA
RegOpenKeyA
AdjustTokenPrivileges
InitializeAcl
IsValidSid
SetSecurityInfo
CopySid
ConvertSidToStringSidA
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
CryptCreateHash
LookupPrivilegeValueW
CryptHashData
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
shell32
SHGetFolderPathW
ShellExecuteA
msvcp140
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_join
_Query_perf_frequency
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
_Query_perf_counter
_Thrd_detach
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
_Mtx_lock
_Mtx_unlock
_Strxfrm
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$collate@D@std@@2V0locale@2@A
_Strcoll
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Xtime_get_ticks
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Syserror_map@std@@YAPEBDH@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Xlength_error@std@@YAXPEBD@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xbad_alloc@std@@YAXXZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exceptions@std@@YAHXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xbad_function_call@std@@YAXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
ntdll
NtQuerySystemInformation
RtlInitAnsiString
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlAnsiStringToUnicodeString
dbghelp
ImageDirectoryEntryToData
ImageRvaToVa
ImageNtHeader
d3d11
D3D11CreateDeviceAndSwapChain
imm32
ImmReleaseContext
ImmSetCandidateWindow
ImmGetContext
ImmSetCompositionWindow
d3dcompiler_47
D3DCompile
dwmapi
DwmExtendFrameIntoClientArea
rpcrt4
UuidToStringA
UuidCreate
RpcStringFreeA
psapi
GetModuleInformation
userenv
UnloadUserProfile
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__current_exception
strrchr
memset
memmove
memcpy
__current_exception_context
memchr
_CxxThrowException
strstr
strchr
__C_specific_handler
__std_exception_destroy
memcmp
__std_exception_copy
__std_terminate
api-ms-win-crt-runtime-l1-1-0
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argv
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
abort
_c_exit
exit
_errno
_invalid_parameter_noinfo_noreturn
_getpid
_beginthreadex
terminate
_register_thread_local_exe_atexit_callback
perror
system
strerror
__sys_nerr
_invalid_parameter_noinfo
_resetstkoflw
__p___argc
api-ms-win-crt-stdio-l1-1-0
fputs
__p__commode
_read
_popen
fopen
fgets
feof
fputc
__acrt_iob_func
_pclose
fflush
fclose
fgetc
__stdio_common_vsscanf
_wfopen
__stdio_common_vfprintf
_write
fseek
ftell
_close
_open
fwrite
_set_fmode
_lseeki64
_get_stream_buffer_pointers
__stdio_common_vsprintf
_fseeki64
fread
fsetpos
ungetc
setvbuf
fgetpos
api-ms-win-crt-heap-l1-1-0
free
calloc
realloc
malloc
_set_new_mode
_callnewh
api-ms-win-crt-math-l1-1-0
ceilf
cosf
_dsign
sinf
fmodf
pow
sqrt
powf
sqrtf
__setusermatherr
acosf
api-ms-win-crt-convert-l1-1-0
strtod
strtoll
strtoull
strtoul
atoi
atof
strtol
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_fstat64
_unlink
_access
remove
_stat64
_unlock_file
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
_configthreadlocale
localeconv
api-ms-win-crt-string-l1-1-0
strspn
_stricmp
strpbrk
strncpy
strncmp
tolower
isupper
strcspn
strcmp
_strdup
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-utility-l1-1-0
qsort
rand
api-ms-win-crt-time-l1-1-0
_time64
_gmtime64
ws2_32
htons
closesocket
socket
WSASetLastError
recv
setsockopt
__WSAFDIsSet
WSAIoctl
send
WSAGetLastError
WSAStartup
WSACleanup
bind
connect
getpeername
accept
getsockname
htonl
getsockopt
ntohs
ntohl
gethostname
sendto
recvfrom
freeaddrinfo
getaddrinfo
select
listen
ioctlsocket
normaliz
IdnToAscii
crypt32
CertFindExtension
CertAddCertificateContextToStore
CertFreeCertificateChain
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertGetNameStringA
wldap32
ord27
ord26
ord22
ord79
ord30
ord41
ord32
ord45
ord60
ord211
ord200
ord46
ord217
ord143
ord50
ord301
ord35
ord33
Sections
.text Size: 903KB - Virtual size: 902KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 219KB - Virtual size: 218KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ