D:\visualka\my cheats\mivison.pw\x64\Release\mivison.pw.pdb
Static task
static1
General
Target: 1727475995415-261trp.dll
Size: 1.1MB
MD5: d9bdca724095b42273523a9e2a794f56
SHA1: 260e4266ed3805489d7168627b234288e290f802
SHA256: c7f92b753ee927a7572bcb53fc818d53bfdd1a0561341d97769d10280561cafd
SHA512: faac1e66aee052692471f062ae8cfb83fcbb45e2ef6f4d1faec7e10f4e49c3d1cfc6f2a57ec3c556df8e52cbce16fbc41ac8334f0edf31c5239114bb9f2f0df0
SSDEEP: 24576:ILrDhqDCypkps1Ydmv+Nib9vmDH7MlPuZLrDI5/0h8xOj/vR:ILrDADCypETmjb9ODAxuprk5giOj3
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 1727475995415-261trp.dll
Files
1727475995415-261trp.dll.dll windows:6 windows x64 arch:x64
3acef02b235e58b0a28a626226c5dcad
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetCurrentProcess
GetCurrentThreadId
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
SetLastError
FreeLibrary
GetModuleHandleW
LoadLibraryExW
QueryPerformanceCounter
QueryPerformanceFrequency
GetLastError
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetProcAddress
CreateThread
CloseHandle
GetCurrentThread
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
HeapSize
HeapReAlloc
ReadConsoleW
ReadFile
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
GetConsoleMode
GetConsoleOutputCP
WriteConsoleW
GetModuleHandleA
MultiByteToWideChar
LocalFree
FormatMessageA
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
GetFileInformationByHandleEx
WideCharToMultiByte
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
RtlUnwindEx
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetFileSizeEx
GetStdHandle
GetFileType
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
WriteFile
RtlUnwind
user32
GetAsyncKeyState
GetWindowTextA
GetCursorPos
GetForegroundWindow
shell32
SHGetKnownFolderPath
ntdll
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
RtlPcToFileHeader
d2d1
ord1
dwrite
DWriteCreateFactory
Sections
.text Size: 847KB - Virtual size: 846KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 173KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ