477b929324b6b91c8749bc149337b208a040d61efad7faba2f101475978c4ed7

Sharing

Copy URL

Twitter E-mail

General

Target

477b929324b6b91c8749bc149337b208a040d61efad7faba2f101475978c4ed7
Size

3.6MB
MD5

d5abe0021397932368bb9385622e94f7
SHA1

e409d39359caa35c24a67a57dac62e56e4cbfd1b
SHA256

477b929324b6b91c8749bc149337b208a040d61efad7faba2f101475978c4ed7
SHA512

161725971fbe22866f2c057778fbf610ee0af014308fb113f0d5d12f6dbd1de10f29b02a2cf0c7ac86a2215bb4d04d27b26340e09710e96f64ceb17be5df0cbc
SSDEEP

24576:GA32skahwLuCTnqfljVZZ3j0oddC9BJn6uT9KtSk8k2OHHkrkB2DW:GA3LwxiDZdOznZTHQkrpW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
477b929324b6b91c8749bc149337b208a040d61efad7faba2f101475978c4ed7

Files

477b929324b6b91c8749bc149337b208a040d61efad7faba2f101475978c4ed7
.exe windows:5 windows x86 arch:x86

a36017ecde90d0c248377ab574d24ca2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\baihe\LineData\LineData\test\UT\.cpptest\LineData_UT\unit-data\current_tubf179707\LineData_UTTest.pdb

Imports

cpptestruntime

CppTest_IsCurrentTestCase
cpptestWStrLen
cpptestWStrNCmp
cpptestWStrToInteger
cpptestStrNCmp
cpptestTestSuiteEnd
cpptestGetIntPropertyEx
cpptestGetProperty
cpptestTestRunnerBegin
cpptestTestRunnerEnd
cpptest_enter_routine
cpptestFinalizeRuntime
cpptestAddProperty
cpptestUnhandledStructuredExceptionInThread
cpptestInitializeRuntime
CppTest_CmdLineToArgv
CppTest_FreeArgv
cpptestSetTestCaseBreakFuncPtr
cpptestUnhandledStructuredExceptionInTestCase
cpptestGetCurrentTestSuiteName
cpptestNoDsError
cpptestDsCsvErrorOpeningFile
cpptestListInit
cpptestCharToDigit
cpptestExpandableStringInit
cpptestExpandableStringDispose
cpptestStrDup
cpptestListPushBack
cpptestListClear
cpptestListGetIterator
cpptestListIteratorElement
cpptestListIteratorNext
cpptestDsCsvError
cpptestDsUnknownValue
cpptestDsMalloc
cpptestStrToBool
cpptestCoverageBlock
cpptestCoverageDend
cpptestStrToUInteger
cpptestStrToInteger
cpptestDsErrorInValue
cpptestStrLen
cpptestExpandableStringAppendChar
cpptestDsFree
cpptestLimitsGetMaxChar
cpptestPostConditionPtr
cpptestPostConditionInteger
cpptestPostConditionUInteger
cpptestLimitsGetMaxUnsignedInt
cpptestLimitsGetMaxUnsignedChar
cpptestAssertion
cpptestPtrEqualAssertion
cpptestLimitsGetMaxUnsignedShort
cpptestUIntegerEqualAssertion
cpptestIntegerEqualAssertion
cpptestStrCmp
cpptestTestCaseBegin
cpptestTestCaseEnd
cpptestTestSuiteBegin
cpptestIgnoreCurrStackElement
cpptestStackTraceFuncStartInfo
cpptestCoverageFunction
cpptestCoverageStmt
cpptestStackTraceStmtInfo
cpptestCoverageCond
cpptestStackTraceExitRoutine

msvcr100d

_onexit
_lock
__dllonexit
_unlock
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_crt_debugger_hook
_initterm_e
_initterm
_CrtDbgReportW
_CrtSetCheckCount
__initenv
exit
_cexit
_XcptFilter
_exit
__getmainargs
_amsg_exit
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_except_handler4_common
_CRT_RTC_INITW
_set_error_mode
_CrtSetReportMode
_CrtSetReportFile
free
realloc
calloc
malloc
longjmp
_setjmp3
fopen
memset
fflush
__iob_func
clearerr
fread
strtod
strerror
_errno
ferror
strlen
fclose

cpptestsupplement

_SetErrorMode@4

kernel32

FreeLibrary
VirtualQuery
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadLibraryW
GetProcAddress
lstrlenA
RaiseException
MultiByteToWideChar
IsDebuggerPresent
WideCharToMultiByte
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
EncodePointer
SetUnhandledExceptionFilter
GetCommandLineA

Sections

.textbss
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36017ecde90d0c248377ab574d24ca2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cpptestruntime

msvcr100d

cpptestsupplement

kernel32

Sections

.textbss Size: - Virtual size: 1.6MB

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 169KB - Virtual size: 169KB

.data Size: 18KB - Virtual size: 1.0MB

.idata Size: 5KB - Virtual size: 5KB

.reloc Size: 269KB - Virtual size: 269KB

.textbss
Size: - Virtual size: 1.6MB

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 169KB - Virtual size: 169KB

.data
Size: 18KB - Virtual size: 1.0MB

.idata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 269KB - Virtual size: 269KB