C:\vmagent_new\bin\joblist\621000\out\Release\360FileChecker.pdb
Static task
static1
Behavioral task
behavioral1
Sample
0e4fc8e09d8bfa3094bc9859c63eaee96d036fc5513c2576101a3dde06b289ca.exe
Resource
win7-20240508-en
General
Target: 0e4fc8e09d8bfa3094bc9859c63eaee96d036fc5513c2576101a3dde06b289ca
Size: 505KB
MD5: 13162c54c4d8e425799ab947e57df82b
SHA1: 02e7518ebc738d1be6c6079701b47d12f76ee33b
SHA256: 0e4fc8e09d8bfa3094bc9859c63eaee96d036fc5513c2576101a3dde06b289ca
SHA512: f7aad4cde66b4414ef7a5fb7e09032d4423932a5803d366876fb7d1e6686c8e48329a8d7d59c1c8eb88bd77a92ed7f6f7a7ae0d02cf981a2554b5f12118da57f
SSDEEP: 12288:FMsi9TgKPChlEiYOAkycjo+ZToV0vloD29/:FQgKCYLtcPo+o29/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 0e4fc8e09d8bfa3094bc9859c63eaee96d036fc5513c2576101a3dde06b289ca
Files
0e4fc8e09d8bfa3094bc9859c63eaee96d036fc5513c2576101a3dde06b289ca.exe windows:5 windows x86 arch:x86
e0f999b22b2ae4b85664683c874ed5a3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
CreateFileW
GetFileSizeEx
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileAttributesA
GetTempPathW
GetVersion
GetCommandLineW
SetFilePointer
GlobalLock
SetEvent
GetTickCount
WriteFile
GlobalAlloc
ReadFile
GlobalUnlock
CreateEventW
GetCurrentProcessId
GetTempFileNameW
FindClose
DeleteFileW
WaitForSingleObject
WaitForMultipleObjects
InterlockedExchange
DeviceIoControl
FindResourceExW
GetModuleHandleExW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleHandleA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
GetStringTypeA
GetStartupInfoA
GetFileType
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetModuleFileNameA
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
HeapCreate
GetStringTypeW
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
CreateThread
ExitThread
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
TlsAlloc
ReleaseMutex
HeapWalk
HeapLock
OpenThread
HeapUnlock
TlsSetValue
OutputDebugStringW
TlsGetValue
SetFilePointerEx
SetEndOfFile
CloseHandle
GetCurrentThreadId
DeleteCriticalSection
lstrcmpiW
LockResource
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
RaiseException
FlushInstructionCache
ExitProcess
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
MulDiv
LeaveCriticalSection
GetVersionExW
SizeofResource
Sleep
LoadLibraryW
GetSystemDirectoryW
InitializeCriticalSection
GetModuleHandleW
InterlockedCompareExchange
GetSystemWindowsDirectoryW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
LoadResource
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateFileA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetLocaleInfoA
FreeLibrary
FindResourceW
FreeResource
CreateMutexW
GetConsoleMode
user32
SetWindowLongW
ReleaseDC
ShowWindow
TranslateMessage
GetDC
CharNextW
CreateDialogParamW
GetActiveWindow
MessageBoxW
DefWindowProcW
UnregisterClassA
DispatchMessageW
EndPaint
BeginPaint
GetClassInfoW
RegisterClassW
CallWindowProcW
LoadCursorW
RegisterClassExW
IntersectRect
CreateWindowExW
PeekMessageW
GetWindowTextLengthW
CloseClipboard
SetTimer
GetWindowRect
PostQuitMessage
LoadImageW
DrawTextW
KillTimer
DialogBoxParamW
GetParent
GetClientRect
IsDialogMessageW
InvalidateRect
GetWindowLongW
GetWindowTextW
EmptyClipboard
MonitorFromWindow
GetDlgItem
SetWindowPos
IsWindow
OpenClipboard
GetSystemMetrics
MapWindowPoints
EnableWindow
SetClipboardData
SetWindowTextW
GetMonitorInfoW
GetWindow
MoveWindow
PostMessageW
SendMessageW
FindWindowExW
DestroyWindow
GetMessageW
EndDialog
gdi32
SetBkColor
ExtTextOutW
CreateDIBSection
DeleteObject
GetObjectW
SetStretchBltMode
GetTextExtentPointW
DeleteDC
SelectObject
CreateFontW
GetDeviceCaps
CreateCompatibleDC
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegQueryValueExA
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
CheckTokenMembership
RegOpenKeyExW
FreeSid
AllocateAndInitializeSid
RegQueryValueExW
shell32
ShellExecuteW
DragQueryFileW
ole32
OleInitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoCreateInstance
oleaut32
VariantInit
SysAllocString
VariantClear
SysAllocStringByteLen
SysStringLen
VarUI4FromStr
SysStringByteLen
SysFreeString
version
VerQueryValueW
shlwapi
PathRemoveFileSpecW
PathIsRelativeW
PathAppendW
PathCombineW
SHGetValueW
PathCanonicalizeW
PathFileExistsW
comctl32
InitCommonControlsEx
ord17
msimg32
AlphaBlend
gdiplus
GdiplusShutdown
GdiplusStartup
Sections
.text Size: 248KB - Virtual size: 247KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 10KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 88KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE