C:\Users\HP Pavilion\source\repos\DestructSafety\Release\DestructSafety.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2023gw1509-safety.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
2023gw1509.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
5 signatures
150 seconds
General
-
Target
2023gw1509.zip
-
Size
86KB
-
MD5
fe3c96b0554d75c70d9912233ae27246
-
SHA1
9fecd9d5bb2237b1ff60ca2d20bceb865d650881
-
SHA256
298fac8bf7434f0020848bded81cf92492ed290c1349e1338a6fbe2f87f1b249
-
SHA512
33d9f0e91bd4f52b41122b3572f3c46dad5def89461e57910ff423bc2d08693da36a22a0d75a0b561769d0f429d8c7b32cef654ded0afccba3fab32feb1c4842
-
SSDEEP
1536:U3LU27ghAK0I4PeLDhCEbapjBCib6u+DUWlLunXjyVsm:GkhB0LPeTOpVCib6u+DPunXjcz
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/2023gw1509-safety.exe unpack001/2023gw1509.exe
Files
-
2023gw1509.zip.zip
-
2023gw1509-safety.exe.exe windows:6 windows x86 arch:x86
b56b5f3fa76c49e52142438e0e4e950c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetModuleHandleW
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
ExitProcess
CreateThread
FreeConsole
Sleep
CloseHandle
TerminateThread
UnhandledExceptionFilter
GetCurrentProcessId
user32
GetWindowDC
SetCursorPos
ReleaseDC
GetCursorPos
BlockInput
GetSystemMetrics
MessageBoxW
GetDesktopWindow
GetDC
InvalidateRect
gdi32
CreateFontA
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
CreateCompatibleDC
PatBlt
StretchBlt
DeleteDC
SetTextColor
TextOutA
SetBkMode
Rectangle
Polygon
Ellipse
DeleteObject
CreateSolidBrush
winmm
waveOutUnprepareHeader
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutWrite
msimg32
AlphaBlend
vcruntime140
__current_exception_context
memset
__current_exception
_except_handler4_common
api-ms-win-crt-utility-l1-1-0
srand
rand
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_controlfp_s
terminate
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_initterm
_exit
exit
_initterm_e
api-ms-win-crt-math-l1-1-0
_libm_sse2_sqrt_precise
_libm_sse2_cos_precise
_CIfmod
__setusermatherr
_libm_sse2_sin_precise
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
_set_new_mode
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
2023gw1509.exe.exe windows:6 windows x86 arch:x86
d4cc6530e3d0f3acd298884fcd055349
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\HP Pavilion\source\repos\DestructSafety\Release\DestructSafety.pdb
Imports
kernel32
InitializeSListHead
IsDebuggerPresent
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
ExitProcess
GetProcAddress
WriteFile
CreateThread
LoadLibraryW
FreeConsole
CloseHandle
TerminateThread
Sleep
CreateFileW
GetStartupInfoW
UnhandledExceptionFilter
user32
BlockInput
GetWindowDC
GetSystemMetrics
MessageBoxW
GetDC
GetCursorPos
ReleaseDC
InvalidateRect
SetCursorPos
GetDesktopWindow
gdi32
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateFontA
SelectObject
CreateDIBSection
CreateCompatibleDC
PatBlt
DeleteDC
SetTextColor
TextOutA
SetBkMode
Rectangle
Polygon
Ellipse
DeleteObject
CreateSolidBrush
winmm
waveOutWrite
waveOutUnprepareHeader
waveOutClose
waveOutPrepareHeader
waveOutOpen
msimg32
AlphaBlend
vcruntime140
_except_handler4_common
memset
__current_exception_context
__current_exception
api-ms-win-crt-utility-l1-1-0
srand
rand
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_controlfp_s
terminate
_configure_wide_argv
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_exit
exit
_initterm_e
_set_app_type
_seh_filter_exe
_initterm
system
_get_wide_winmain_command_line
_initialize_wide_environment
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-math-l1-1-0
_CIfmod
__setusermatherr
_libm_sse2_sin_precise
_libm_sse2_cos_precise
_libm_sse2_sqrt_precise
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
_set_new_mode
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
readme.txt