b:\source\source.YB\67160\Release_WDMAT_391\wx\Win32\Release\wd190mat.pdb
Static task
static1
Behavioral task
behavioral1
Sample
7a1231044afd18c275a53097ee602857e522e47d9002e766b5dd53599fa3b3e8.dll
Resource
win7-20240903-en
General
-
Target
7a1231044afd18c275a53097ee602857e522e47d9002e766b5dd53599fa3b3e8.exe
-
Size
248KB
-
MD5
7d4b0c996fe0a8f1bb1df08f6dbf6a40
-
SHA1
f72736bdfdb999d2e1a4f30f7c61558415582e15
-
SHA256
7a1231044afd18c275a53097ee602857e522e47d9002e766b5dd53599fa3b3e8
-
SHA512
b2d64a5afd9b6b5c5e514463e0800d20984974738237be685a464a795c5c92bd6f212ba1c175b3f175d86b381b554fb1110e80271b9ac0e319eb1ef747bb712d
-
SSDEEP
3072:taEZWj7MjLm4xNq5qg606u9YKuGmUKGOtdnVF8SYbQRtKX3lywX98qsQI+AX1:f2tvKXLViSYeKXVyl8I+AX1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7a1231044afd18c275a53097ee602857e522e47d9002e766b5dd53599fa3b3e8.exe
Files
-
7a1231044afd18c275a53097ee602857e522e47d9002e766b5dd53599fa3b3e8.exe.dll windows:4 windows x86 arch:x86
50f7feed7f7619fedc0f072dfb4b5a63
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
_lfind
_wcsicmp
fabs
log
pow
_HUGE
ceil
bsearch
_initterm
_adjust_fdiv
atof
vswprintf
wcscat
memmove
isxdigit
_wcsupr
_fcvt
wcschr
realloc
??2@YAPAXI@Z
??3@YAXPAX@Z
_wtoi
swprintf
wcsncpy
strncpy
wcslen
wcscpy
malloc
floor
free
_CIasin
_CIacos
__CxxFrameHandler
_CIexp
_CIpow
kernel32
GetLastError
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
LocalFree
FormatMessageW
GetCurrentThreadId
Exports
Exports
CommandeComposante
Execution
InfoComposante
TermLibrary
bInitLibrary
bInitWLCalcFromVM
bInitWLConvFromVM
pQueryProxy
Sections
.text Size: 72KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE