Source: V5VGF7qJK1.exe |
Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE |
Source: |
Binary string: D:\a\1\s\Recognizer\out\build\x64-release\bin\RelWithDebInfo\storestub.pdbGCTL source: V5VGF7qJK1.exe |
Source: |
Binary string: D:\a\1\s\Recognizer\out\build\x64-release\bin\RelWithDebInfo\storestub.pdb source: V5VGF7qJK1.exe |
Source: classification engine |
Classification label: clean2.winEXE@1/0@0/0 |
Source: V5VGF7qJK1.exe |
Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Jump to behavior |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: V5VGF7qJK1.exe |
Static PE information: Image base 0x140000000 > 0x60000000 |
Source: V5VGF7qJK1.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT |
Source: V5VGF7qJK1.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE |
Source: V5VGF7qJK1.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC |
Source: V5VGF7qJK1.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG |
Source: V5VGF7qJK1.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG |
Source: V5VGF7qJK1.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT |
Source: V5VGF7qJK1.exe |
Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE |
Source: V5VGF7qJK1.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG |
Source: |
Binary string: D:\a\1\s\Recognizer\out\build\x64-release\bin\RelWithDebInfo\storestub.pdbGCTL source: V5VGF7qJK1.exe |
Source: |
Binary string: D:\a\1\s\Recognizer\out\build\x64-release\bin\RelWithDebInfo\storestub.pdb source: V5VGF7qJK1.exe |
Source: V5VGF7qJK1.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata |
Source: V5VGF7qJK1.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc |
Source: V5VGF7qJK1.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc |
Source: V5VGF7qJK1.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata |
Source: V5VGF7qJK1.exe |
Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata |
Source: V5VGF7qJK1.exe |
Static PE information: section name: _RDATA |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
API coverage: 2.5 % |
Source: all processes |
Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Code function: 0_2_00007FF7E7C217B4 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
0_2_00007FF7E7C217B4 |
Source: all processes |
Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Code function: 0_2_00007FF7E7C212B4 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess, |
0_2_00007FF7E7C212B4 |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Code function: 0_2_00007FF7E7C217B4 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter, |
0_2_00007FF7E7C217B4 |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Code function: 0_2_00007FF7E7C21998 SetUnhandledExceptionFilter, |
0_2_00007FF7E7C21998 |
Source: C:\Users\user\Desktop\V5VGF7qJK1.exe |
Code function: 0_2_00007FF7E7C21688 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter, |
0_2_00007FF7E7C21688 |