PDB path: c:\TEMP\tbb.2013_10_02T13_21_17_0500fxeowin18\build\fxeowin18vc10_32_mt_release\tbb.pdb
Static task
static1
Behavioral task
behavioral1
Sample
f7becf3fa06006d4f12f7c6b04cdded8ceed0d97cca3b76157d157d3f6257b34.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
f7becf3fa06006d4f12f7c6b04cdded8ceed0d97cca3b76157d157d3f6257b34.dll
Resource
win10v2004-20240226-en
General
-
Target
f7becf3fa06006d4f12f7c6b04cdded8ceed0d97cca3b76157d157d3f6257b34
-
Size
424KB
-
MD5
4af4f3666ccdefddc9ccf9ba7a7a549c
-
SHA1
1a97245dd601ea82bed3c5475565d9678beef772
-
SHA256
f7becf3fa06006d4f12f7c6b04cdded8ceed0d97cca3b76157d157d3f6257b34
-
SHA512
dfac6088677e15b732aea519d8db518aa1a2d052e24e1da4fda9890b55f6788358c360dc3a759814efa3ad6b8fe62a90807f15685e81a0af70f6c245ad46c5ca
-
SSDEEP
12288:CAxQYR/OYEFH37Qghy6nKJoDBQ/DwBjvrEH7Tf:tP2h6oDCerEH7Tf
Malware Config
Signatures
-
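Unsigned PE 1 IoC
Checks for a missing Authenticode signature. A missing signature is a weak signal on its own: it means the publisher and integrity of the file cannot be verified from the file itself, not that the file is malicious. The PDB path and export names on this page are consistent with a TBB (Threading Building Blocks) runtime build, but such names are easily copied, so compare the hashes above against a copy obtained from a trusted source before drawing a conclusion.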
Processes:
resource f7becf3fa06006d4f12f7c6b04cdded8ceed0d97cca3b76157d157d3f6257b34
Files
-
f7becf3fa06006d4f12f7c6b04cdded8ceed0d97cca3b76157d157d3f6257b34.dll windows:5 windows x86 arch:x86
820a6527e9e9983cd5eb03c107a7ed6f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
SwitchToThread
CloseHandle
WaitForSingleObjectEx
SetEvent
GetProcAddress
GetModuleFileNameA
GetLastError
GetModuleHandleExA
FreeLibrary
LoadLibraryA
SetErrorMode
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
lstrcmpA
GetCurrentThreadId
GetEnvironmentVariableA
lstrcpynA
CreateSemaphoreW
ReleaseSemaphore
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
CreateEventA
QueryPerformanceFrequency
ResetEvent
SetLastError
QueryPerformanceCounter
Sleep
ResumeThread
FormatMessageA
GetCurrentThread
GetProcessAffinityMask
GetCurrentProcess
GetNativeSystemInfo
CreateEventW
DecodePointer
EncodePointer
RtlUnwind
RaiseException
HeapAlloc
HeapFree
ExitThread
CreateThread
GetModuleHandleW
ExitProcess
GetCommandLineA
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
IsProcessorFeaturePresent
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
FatalAppExitA
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryW
SetHandleCount
GetFileType
GetStartupInfoW
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
WriteConsoleW
MultiByteToWideChar
SetFilePointer
SetStdHandle
CompareStringW
SetEnvironmentVariableA
LCMapStringW
GetStringTypeW
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
Exports
Exports
??0concurrent_queue_base@internal@tbb@@IAE@I@Z
??0concurrent_queue_base_v3@internal@tbb@@IAE@I@Z
??0concurrent_queue_iterator_base@internal@tbb@@IAE@ABVconcurrent_queue_base@12@@Z
??0concurrent_queue_iterator_base_v3@internal@tbb@@IAE@ABVconcurrent_queue_base_v3@12@@Z
??0concurrent_queue_iterator_base_v3@internal@tbb@@IAE@ABVconcurrent_queue_base_v3@12@I@Z
??0pipeline@tbb@@QAE@XZ
??1captured_exception@tbb@@UAE@XZ
??1concurrent_queue_base@internal@tbb@@MAE@XZ
??1concurrent_queue_base_v3@internal@tbb@@MAE@XZ
??1concurrent_queue_iterator_base@internal@tbb@@IAE@XZ
??1concurrent_queue_iterator_base_v3@internal@tbb@@IAE@XZ
??1concurrent_vector_base_v3@internal@tbb@@IAE@XZ
??1filter@tbb@@UAE@XZ
??1pipeline@tbb@@UAE@XZ
??1task_group_context@tbb@@QAE@XZ
??_7pipeline@tbb@@6B@
?NFS_Allocate@internal@tbb@@YAPAXIIPAX@Z
?NFS_Free@internal@tbb@@YAXPAX@Z
?NFS_GetLineSize@internal@tbb@@YAIXZ
?acquire@scoped_lock@queuing_mutex@tbb@@QAEXAAV23@@Z
?acquire@scoped_lock@queuing_rw_mutex@tbb@@QAEXAAV23@_N@Z
?add_filter@pipeline@tbb@@QAEXAAVfilter@2@@Z
?advance@concurrent_queue_iterator_base@internal@tbb@@IAEXXZ
?advance@concurrent_queue_iterator_base_v3@internal@tbb@@IAEXXZ
?allocate@allocate_additional_child_of_proxy@internal@tbb@@QBEAAVtask@3@I@Z
?allocate@allocate_child_proxy@internal@tbb@@QBEAAVtask@3@I@Z
?allocate@allocate_continuation_proxy@internal@tbb@@QBEAAVtask@3@I@Z
?allocate@allocate_root_proxy@internal@tbb@@SAAAVtask@3@I@Z
?allocate@allocate_root_with_context_proxy@internal@tbb@@QBEAAVtask@3@I@Z
?allocate_closure_v3@internal@tbb@@YAPAXI@Z
?allocate_via_handler_v3@internal@tbb@@YAPAXI@Z
?assertion_failure@tbb@@YAXPBDH00@Z
?assign@concurrent_queue_base_v3@internal@tbb@@IAEXABV123@@Z
?assign@concurrent_queue_iterator_base@internal@tbb@@IAEXABV123@@Z
?assign@concurrent_queue_iterator_base_v3@internal@tbb@@IAEXABV123@@Z
?call_itt_notify_v5@internal@tbb@@YAXHPAX@Z
?cancel_group_execution@task_group_context@tbb@@QAE_NXZ
?change_group@task@tbb@@QAEXAAVtask_group_context@2@@Z
?clear@captured_exception@tbb@@QAEXXZ
?clear@pipeline@tbb@@QAEXXZ
?deallocate_via_handler_v3@internal@tbb@@YAXPAX@Z
?default_num_threads@task_scheduler_init@tbb@@SAHXZ
?destroy@captured_exception@tbb@@UAEXXZ
?destroy@task@tbb@@QAEXAAV12@@Z
?destroy@task_base@internal@interface5@tbb@@SAXAAVtask@4@@Z
?detach@tbb_thread_v3@internal@tbb@@QAEXXZ
?downgrade_to_reader@scoped_lock@queuing_rw_mutex@tbb@@QAE_NXZ
?free@allocate_additional_child_of_proxy@internal@tbb@@QBEXAAVtask@3@@Z
?free@allocate_child_proxy@internal@tbb@@QBEXAAVtask@3@@Z
?free@allocate_continuation_proxy@internal@tbb@@QBEXAAVtask@3@@Z
?free@allocate_root_proxy@internal@tbb@@SAXAAVtask@3@@Z
?free@allocate_root_with_context_proxy@internal@tbb@@QBEXAAVtask@3@@Z
?free_closure_v3@internal@tbb@@YAXPAX@Z
?get_initial_auto_partitioner_divisor@internal@tbb@@YAIXZ
?handle_perror@internal@tbb@@YAXHPBD@Z
?hardware_concurrency@tbb_thread_v3@internal@tbb@@SAIXZ
?init@task_group_context@tbb@@IAEXXZ
?initialize@task_scheduler_init@tbb@@QAEXH@Z
?initialize@task_scheduler_init@tbb@@QAEXHI@Z
?inject_token@pipeline@tbb@@AAEXAAVtask@2@@Z
?internal_abort@concurrent_queue_base_v3@internal@tbb@@IAEXXZ
?internal_acquire@scoped_lock@mutex@tbb@@AAEXAAV23@@Z
?internal_acquire@scoped_lock@recursive_mutex@tbb@@AAEXAAV23@@Z
?internal_acquire@scoped_lock@spin_mutex@tbb@@AAEXAAV23@@Z
?internal_acquire_reader@spin_rw_mutex@tbb@@CAXPAV12@@Z
?internal_acquire_reader@spin_rw_mutex_v3@tbb@@AAEXXZ
?internal_acquire_writer@spin_rw_mutex@tbb@@CA_NPAV12@@Z
?internal_acquire_writer@spin_rw_mutex_v3@tbb@@AAE_NXZ
?internal_assign@concurrent_vector_base@internal@tbb@@IAEXABV123@IP6AXPAXI@ZP6AX1PBXI@Z4@Z
?internal_assign@concurrent_vector_base_v3@internal@tbb@@IAEXABV123@IP6AXPAXI@ZP6AX1PBXI@Z4@Z
?internal_capacity@concurrent_vector_base@internal@tbb@@IBEIXZ
?internal_capacity@concurrent_vector_base_v3@internal@tbb@@IBEIXZ
?internal_clear@concurrent_vector_base@internal@tbb@@IAEXP6AXPAXI@Z_N@Z
?internal_clear@concurrent_vector_base_v3@internal@tbb@@IAEIP6AXPAXI@Z@Z
?internal_compact@concurrent_vector_base_v3@internal@tbb@@IAEPAXIPAXP6AX0I@ZP6AX0PBXI@Z@Z
?internal_condition_variable_notify_all@internal@interface5@tbb@@YAXAATcondvar_impl_t@123@@Z
?internal_condition_variable_notify_one@internal@interface5@tbb@@YAXAATcondvar_impl_t@123@@Z
?internal_condition_variable_wait@internal@interface5@tbb@@YA_NAATcondvar_impl_t@123@PAVmutex@3@PBVinterval_t@tick_count@3@@Z
?internal_construct@critical_section_v4@internal@tbb@@QAEXXZ
?internal_construct@mutex@tbb@@AAEXXZ
?internal_construct@queuing_mutex@tbb@@QAEXXZ
?internal_construct@queuing_rw_mutex@tbb@@QAEXXZ
?internal_construct@reader_writer_lock@interface5@tbb@@AAEXXZ
?internal_construct@recursive_mutex@tbb@@AAEXXZ
?internal_construct@scoped_lock@reader_writer_lock@interface5@tbb@@AAEXAAV234@@Z
?internal_construct@scoped_lock_read@reader_writer_lock@interface5@tbb@@AAEXAAV234@@Z
?internal_construct@spin_mutex@tbb@@QAEXXZ
?internal_construct@spin_rw_mutex_v3@tbb@@AAEXXZ
?internal_copy@concurrent_vector_base@internal@tbb@@IAEXABV123@IP6AXPAXPBXI@Z@Z
?internal_copy@concurrent_vector_base_v3@internal@tbb@@IAEXABV123@IP6AXPAXPBXI@Z@Z
?internal_current_slot@task_arena_base@internal@interface7@tbb@@KAHXZ
?internal_decrement_ref_count@task@tbb@@AAEHXZ
?internal_destroy@mutex@tbb@@AAEXXZ
?internal_destroy@reader_writer_lock@interface5@tbb@@AAEXXZ
?internal_destroy@recursive_mutex@tbb@@AAEXXZ
?internal_destroy@scoped_lock@reader_writer_lock@interface5@tbb@@AAEXXZ
?internal_destroy@scoped_lock_read@reader_writer_lock@interface5@tbb@@AAEXXZ
?internal_destroy_condition_variable@internal@interface5@tbb@@YAXAATcondvar_impl_t@123@@Z
?internal_downgrade@spin_rw_mutex@tbb@@CAXPAV12@@Z
?internal_downgrade@spin_rw_mutex_v3@tbb@@AAEXXZ
?internal_empty@concurrent_queue_base_v3@internal@tbb@@IBE_NXZ
?internal_enqueue@task_arena_base@internal@interface7@tbb@@IBEXAAVtask@4@H@Z
?internal_execute@task_arena_base@internal@interface7@tbb@@IBEXAAVdelegate_base@234@@Z
?internal_finish_clear@concurrent_queue_base_v3@internal@tbb@@IAEXXZ
?internal_grow_by@concurrent_vector_base@internal@tbb@@IAEIIIP6AXPAXI@Z@Z
?internal_grow_by@concurrent_vector_base_v3@internal@tbb@@IAEIIIP6AXPAXPBXI@Z1@Z
?internal_grow_predicate@hash_map_segment_base@internal@tbb@@QBE_NXZ
?internal_grow_to_at_least@concurrent_vector_base@internal@tbb@@IAEXIIP6AXPAXI@Z@Z
?internal_grow_to_at_least@concurrent_vector_base_v3@internal@tbb@@IAEXIIP6AXPAXPBXI@Z1@Z
?internal_grow_to_at_least_with_result@concurrent_vector_base_v3@internal@tbb@@IAEIIIP6AXPAXPBXI@Z1@Z
?internal_initialize@task_arena_base@internal@interface7@tbb@@IAEXXZ
?internal_initialize_condition_variable@internal@interface5@tbb@@YAXAATcondvar_impl_t@123@@Z
?internal_itt_releasing@spin_rw_mutex@tbb@@CAXPAV12@@Z
?internal_pop@concurrent_queue_base@internal@tbb@@IAEXPAX@Z
?internal_pop@concurrent_queue_base_v3@internal@tbb@@IAEXPAX@Z
?internal_pop_if_present@concurrent_queue_base@internal@tbb@@IAE_NPAX@Z
?internal_pop_if_present@concurrent_queue_base_v3@internal@tbb@@IAE_NPAX@Z
?internal_push@concurrent_queue_base@internal@tbb@@IAEXPBX@Z
?internal_push@concurrent_queue_base_v3@internal@tbb@@IAEXPBX@Z
?internal_push_back@concurrent_vector_base@internal@tbb@@IAEPAXIAAI@Z
?internal_push_back@concurrent_vector_base_v3@internal@tbb@@IAEPAXIAAI@Z
?internal_push_if_not_full@concurrent_queue_base@internal@tbb@@IAE_NPBX@Z
?internal_push_if_not_full@concurrent_queue_base_v3@internal@tbb@@IAE_NPBX@Z
?internal_release@scoped_lock@mutex@tbb@@AAEXXZ
?internal_release@scoped_lock@recursive_mutex@tbb@@AAEXXZ
?internal_release@scoped_lock@spin_mutex@tbb@@AAEXXZ
?internal_release_reader@spin_rw_mutex@tbb@@CAXPAV12@@Z
?internal_release_reader@spin_rw_mutex_v3@tbb@@AAEXXZ
?internal_release_writer@spin_rw_mutex@tbb@@CAXPAV12@@Z
?internal_release_writer@spin_rw_mutex_v3@tbb@@AAEXXZ
?internal_reserve@concurrent_vector_base@internal@tbb@@IAEXIII@Z
?internal_reserve@concurrent_vector_base_v3@internal@tbb@@IAEXIII@Z
?internal_resize@concurrent_vector_base_v3@internal@tbb@@IAEXIIIPBXP6AXPAXI@ZP6AX10I@Z@Z
?internal_set_capacity@concurrent_queue_base@internal@tbb@@IAEXHI@Z
?internal_set_capacity@concurrent_queue_base_v3@internal@tbb@@IAEXHI@Z
?internal_set_ref_count@task@tbb@@AAEXH@Z
?internal_size@concurrent_queue_base@internal@tbb@@IBEHXZ
?internal_size@concurrent_queue_base_v3@internal@tbb@@IBEHXZ
?internal_start@tbb_thread_v3@internal@tbb@@AAEXP6GIPAX@Z0@Z
?internal_swap@concurrent_vector_base_v3@internal@tbb@@IAEXAAV123@@Z
?internal_terminate@task_arena_base@internal@interface7@tbb@@IAEXXZ
?internal_throw_exception@concurrent_queue_base_v3@internal@tbb@@IBEXXZ
?internal_throw_exception@concurrent_vector_base_v3@internal@tbb@@IBEXI@Z
?internal_try_acquire@scoped_lock@mutex@tbb@@AAE_NAAV23@@Z
?internal_try_acquire@scoped_lock@recursive_mutex@tbb@@AAE_NAAV23@@Z
?internal_try_acquire@scoped_lock@spin_mutex@tbb@@AAE_NAAV23@@Z
?internal_try_acquire_reader@spin_rw_mutex@tbb@@CA_NPAV12@@Z
?internal_try_acquire_reader@spin_rw_mutex_v3@tbb@@AAE_NXZ
?internal_try_acquire_writer@spin_rw_mutex@tbb@@CA_NPAV12@@Z
?internal_try_acquire_writer@spin_rw_mutex_v3@tbb@@AAE_NXZ
?internal_upgrade@spin_rw_mutex@tbb@@CA_NPAV12@@Z
?internal_upgrade@spin_rw_mutex_v3@tbb@@AAE_NXZ
?internal_wait@task_arena_base@internal@interface7@tbb@@IBEXXZ
?is_group_execution_cancelled@task_group_context@tbb@@QBE_NXZ
?is_malloc_used_v3@internal@tbb@@YA_NXZ
?is_owned_by_current_thread@task@tbb@@QBE_NXZ
?itt_load_pointer_v3@internal@tbb@@YAPAXPBX@Z
?itt_load_pointer_with_acquire_v3@internal@tbb@@YAPAXPBX@Z
?itt_set_sync_name_v3@internal@tbb@@YAXPAXPB_W@Z
?itt_store_pointer_with_release_v3@internal@tbb@@YAXPAX0@Z
?join@tbb_thread_v3@internal@tbb@@QAEXXZ
?lock@reader_writer_lock@interface5@tbb@@QAEXXZ
?lock_read@reader_writer_lock@interface5@tbb@@QAEXXZ
?move@captured_exception@tbb@@UAEPAV12@XZ
?move_v3@internal@tbb@@YAXAAVtbb_thread_v3@12@0@Z
?name@captured_exception@tbb@@UBEPBDXZ
?note_affinity@task@tbb@@UAEXG@Z
?observe@task_scheduler_observer_v3@internal@tbb@@QAEX_N@Z
?priority@task_group_context@tbb@@QBE?AW4priority_t@2@XZ
?process_item@thread_bound_filter@tbb@@QAE?AW4result_type@12@XZ
?register_pending_exception@task_group_context@tbb@@QAEXXZ
?release@scoped_lock@queuing_mutex@tbb@@QAEXXZ
?release@scoped_lock@queuing_rw_mutex@tbb@@QAEXXZ
?reset@task_group_context@tbb@@QAEXXZ
?resize@affinity_partitioner_base_v3@internal@tbb@@AAEXI@Z
?run@pipeline@tbb@@QAEXI@Z
?run@pipeline@tbb@@QAEXIAAVtask_group_context@2@@Z
?runtime_warning@internal@tbb@@YAXPBDZZ
?self@task@tbb@@SAAAV12@XZ
?set@captured_exception@tbb@@QAEXPBD0@Z
?set_assertion_handler@tbb@@YAP6AXPBDH00@ZP6AX0H00@Z@Z
?set_end_of_input@filter@tbb@@IAEXXZ
?set_priority@task_group_context@tbb@@QAEXW4priority_t@2@@Z
?spawn_and_wait_for_all@task@tbb@@QAEXAAVtask_list@2@@Z
?terminate@task_scheduler_init@tbb@@QAEXXZ
?thread_get_id_v3@internal@tbb@@YA?AVid@tbb_thread_v3@12@XZ
?thread_sleep_v3@internal@tbb@@YAXABVinterval_t@tick_count@2@@Z
?thread_yield_v3@internal@tbb@@YAXXZ
?throw_bad_last_alloc_exception_v4@internal@tbb@@YAXXZ
?throw_exception_v4@internal@tbb@@YAXW4exception_id@12@@Z
?try_acquire@scoped_lock@queuing_mutex@tbb@@QAE_NAAV23@@Z
?try_acquire@scoped_lock@queuing_rw_mutex@tbb@@QAE_NAAV23@_N@Z
?try_lock@reader_writer_lock@interface5@tbb@@QAE_NXZ
?try_lock_read@reader_writer_lock@interface5@tbb@@QAE_NXZ
?try_process_item@thread_bound_filter@tbb@@QAE?AW4result_type@12@XZ
?unlock@reader_writer_lock@interface5@tbb@@QAEXXZ
?upgrade_to_writer@scoped_lock@queuing_rw_mutex@tbb@@QAE_NXZ
?what@bad_last_alloc@tbb@@UBEPBDXZ
?what@captured_exception@tbb@@UBEPBDXZ
?what@improper_lock@tbb@@UBEPBDXZ
?what@invalid_multiple_scheduling@tbb@@UBEPBDXZ
?what@missing_wait@tbb@@UBEPBDXZ
?what@user_abort@tbb@@UBEPBDXZ
TBB_runtime_interface_version
__TBB_machine_cmpswp8
__TBB_machine_fetchadd8
__TBB_machine_fetchstore8
__TBB_machine_load8
__TBB_machine_store8
__TBB_machine_try_lock_elided
__TBB_machine_trylockbyte
__TBB_machine_unlock_elided
Sections
.text Size: 246KB - Virtual size: 246KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ