ImeBroker.pdb
Static task
static1
General
-
Target
63677bd6ede0b7bdac542753b3f11a78af6f220bdaaed364e6cd9a8ec9636a73
-
Size
237KB
-
MD5
d29980f768aafdcf102cf1b3741c8a2b
-
SHA1
a001b8981f2b454c685ff41e0b6c56b712bd1c7c
-
SHA256
63677bd6ede0b7bdac542753b3f11a78af6f220bdaaed364e6cd9a8ec9636a73
-
SHA512
bd027939ebd1233b8c6b391243cc105cc024e1dc866ea2f5423a7c3ffae87e34cafac4ab829fec8d4ef09c93cc59a962bd5871ab21c1d59dd9efd87d4d4d048d
-
SSDEEP
6144:T6rX1IsJkRugl24Qz3v1PSfVtu+5I5WVdF0:T66sJIudNS9tT5y+X0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
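Checks for missing Authenticode signature. A static check can only see a signature embedded in the file itself; Windows components are often catalog-signed instead, so an "unsigned" result here is not by itself evidence of tampering and should be confirmed against the system catalog or a known-good hash.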
resource 63677bd6ede0b7bdac542753b3f11a78af6f220bdaaed364e6cd9a8ec9636a73
Files
-
63677bd6ede0b7bdac542753b3f11a78af6f220bdaaed364e6cd9a8ec9636a73.exe windows:10 windows x86 arch:x86
b6df92b17f27e1708240ec29f2498c77
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
PeekMessageW
PostQuitMessage
MsgWaitForMultipleObjects
AllowSetForegroundWindow
GetMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
CharNextW
WaitForInputIdle
msvcrt
wcsncat_s
_initterm
swscanf_s
__setusermatherr
__p__fmode
_cexit
_exit
exit
__set_app_type
_wcmdln
_amsg_exit
__p__commode
_XcptFilter
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBDH@Z
??0exception@@QAE@ABQBD@Z
tolower
wcsnlen
wcsrchr
wcsncpy_s
_lock
_unlock
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_controlfp
_except_handler4_common
_vsnwprintf
free
malloc
memcpy
vswprintf_s
wcsncmp
_wcsnicmp
_vsnwprintf_s
??_V@YAXPAX@Z
_wtoi
__wgetmainargs
memcmp
_CIlog
__CxxFrameHandler3
_CxxThrowException
_purecall
memmove
_CIexp
memset
api-ms-win-core-com-l1-1-1
CoReleaseServerProcess
CoAddRefServerProcess
CreateStreamOnHGlobal
CoInitializeSecurity
CoInitializeEx
CoRegisterClassObject
CoResumeClassObjects
CoTaskMemFree
CoRevokeClassObject
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
api-ms-win-core-synch-l1-2-0
OpenEventW
Sleep
InitializeCriticalSectionEx
AcquireSRWLockExclusive
SetEvent
ReleaseMutex
OpenMutexW
CreateMutexW
InitOnceComplete
CreateEventW
ReleaseSRWLockExclusive
WaitForSingleObject
InitOnceBeginInitialize
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-libraryloader-l1-2-0
LoadResource
FreeLibrary
GetModuleHandleA
LoadLibraryExW
GetProcAddress
GetModuleHandleExW
FindResourceExW
FreeLibraryAndExitThread
GetModuleFileNameA
GetModuleHandleW
LockResource
SizeofResource
api-ms-win-core-heap-l1-2-0
HeapSetInformation
GetProcessHeap
api-ms-win-core-errorhandling-l1-1-1
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
api-ms-win-core-processthreads-l1-1-2
ResumeThread
GetCurrentProcessId
GetCurrentProcess
CreateThread
OpenProcessToken
CreateProcessW
GetStartupInfoW
GetExitCodeProcess
GetCurrentThreadId
TerminateProcess
SetPriorityClass
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventWrite
EventActivityIdControl
EventUnregister
EventRegister
EventSetInformation
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-2-1
GetSystemDirectoryW
GetSystemTime
GetTickCount64
GetTickCount
GetSystemTimeAsFileTime
GetVersionExW
api-ms-win-security-base-l1-2-0
AllocateAndInitializeSid
IsValidSid
GetSidSubAuthority
GetTokenInformation
GetSidSubAuthorityCount
api-ms-win-core-registry-l1-1-0
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegGetValueW
RegQueryValueExW
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-core-heap-l2-1-0
LocalFree
GlobalAlloc
GlobalFree
oleaut32
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString
api-ms-win-core-localization-l1-2-1
LCMapStringW
FormatMessageW
api-ms-win-core-debug-l1-1-1
OutputDebugStringW
api-ms-win-core-registry-l1-1-1
RegSetKeyValueW
api-ms-win-core-file-l1-2-1
SetFileTime
GetFileSize
CreateFileW
GetTempPathW
CreateDirectoryW
GetTempFileNameW
FindFirstFileW
FindNextFileW
FindClose
DeleteFileW
WriteFile
SetEndOfFile
GetFileAttributesW
SetFilePointer
api-ms-win-core-memory-l1-1-2
OpenFileMappingW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FlushViewOfFile
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
api-ms-win-core-string-l1-1-0
CompareStringW
advapi32
SetEntriesInAclW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
shell32
ord165
SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteW
shlwapi
ord12
PathFileExistsW
api-ms-win-appmodel-runtime-l1-1-1
GetCurrentPackageFullName
GetPackageFullName
api-ms-win-core-processenvironment-l1-2-0
ExpandEnvironmentStringsW
api-ms-win-security-trustee-l1-1-1
BuildExplicitAccessWithNameW
profapi
ord104
Sections
.text Size: 214KB - Virtual size: 213KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ