Static Analysis

PE Compile Time

2025-03-11 19:42:28

PDB Path

C:\Users\Utilizador\Desktop\Testingvulnerabilities\x64\Release\Testingvulnerabilities.pdb

PE Imphash

37b05c45ea1e37b5ebb61c54ca143fba

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x000076d3 0x00007800 6.11301036691
.rdata 0x00009000 0x0000432a 0x00004400 4.78747620492
.data 0x0000e000 0x00000a50 0x00000400 3.68450721273
.pdata 0x0000f000 0x0000075c 0x00000800 4.1507422692
.rsrc 0x00010000 0x000001e0 0x00000200 4.693885808
.reloc 0x00011000 0x000000a8 0x00000200 2.27547446041

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x00010060 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library KERNEL32.dll:
0x140009040 CreateProcessA
0x140009048 RtlLookupFunctionEntry
0x140009050 InitializeSListHead
0x140009058 LocalFree
0x140009060 GetCurrentThreadId
0x140009068 GetCurrentProcessId
0x140009070 QueryPerformanceCounter
0x140009078 CloseHandle
0x140009080 GetModuleFileNameA
0x140009088 GetLastError
0x140009090 FormatMessageW
0x140009098 MultiByteToWideChar
0x1400090a0 LocalAlloc
0x1400090a8 GetCurrentProcess
0x1400090b0 GetSystemTimeAsFileTime
0x1400090b8 GetModuleHandleW
0x1400090c0 IsDebuggerPresent
0x1400090d0 TerminateProcess
0x1400090e0 UnhandledExceptionFilter
0x1400090e8 RtlVirtualUnwind
0x1400090f0 RtlCaptureContext
Library USER32.dll:
0x1400092c0 GetMessageA
0x1400092c8 DispatchMessageA
0x1400092d0 CreateWindowExA
0x1400092d8 TranslateMessage
Library ADVAPI32.dll:
0x140009000 SetEntriesInAclA
0x140009008 RegCloseKey
0x140009010 SetNamedSecurityInfoA
0x140009018 RegSetValueExA
0x140009020 OpenProcessToken
0x140009028 GetTokenInformation
0x140009030 RegOpenKeyExA
Library SHELL32.dll:
0x1400092a8 SHGetFolderPathA
0x1400092b0 SHGetFolderPathW
Library ole32.dll:
0x140009508 CoInitialize
0x140009510 CoCreateInstance
0x140009518 CoUninitialize
0x140009520 CLSIDFromProgID
Library OLEAUT32.dll:
0x140009288 VariantInit
0x140009290 SysAllocString
0x140009298 VariantClear
Library MSVCP140.dll:
0x140009100 ?_Xbad_alloc@std@@YAXXZ
0x140009110 ??1_Lockit@std@@QEAA@XZ
0x140009118 ??0_Lockit@std@@QEAA@H@Z
Library VCRUNTIME140_1.dll:
0x140009340 __CxxFrameHandler4
Library VCRUNTIME140.dll:
0x1400092e8 memset
0x1400092f0 __std_exception_destroy
0x1400092f8 __std_exception_copy
0x140009300 memmove
0x140009308 __current_exception
0x140009310 _CxxThrowException
0x140009318 __C_specific_handler
0x140009320 memcpy
0x140009330 __std_terminate
Library api-ms-win-crt-stdio-l1-1-0.dll:
0x140009450 __p__commode
0x140009460 fwrite
0x140009468 fgetc
0x140009470 _fseeki64
0x140009478 fputc
0x140009480 fread
0x140009488 _set_fmode
0x140009490 fsetpos
0x140009498 ungetc
0x1400094a8 setvbuf
0x1400094b0 fflush
0x1400094b8 fclose
0x1400094c0 fgetpos
Library api-ms-win-crt-utility-l1-1-0.dll:
0x1400094f0 rand
0x1400094f8 srand
Library api-ms-win-crt-filesystem-l1-1-0.dll:
0x140009350 _unlock_file
0x140009358 _lock_file
Library api-ms-win-crt-time-l1-1-0.dll:
0x1400094e0 _time64
Library api-ms-win-crt-heap-l1-1-0.dll:
0x140009368 _set_new_mode
0x140009370 _callnewh
0x140009378 malloc
0x140009380 free
Library api-ms-win-crt-runtime-l1-1-0.dll:
0x1400093b0 _configure_narrow_argv
0x1400093c0 _initialize_onexit_table
0x1400093d0 _crt_atexit
0x1400093d8 _seh_filter_exe
0x1400093e0 _set_app_type
0x1400093f8 _initterm
0x140009400 _initterm_e
0x140009408 exit
0x140009410 _exit
0x140009418 _cexit
0x140009420 __p___argc
0x140009428 __p___argv
0x140009430 _c_exit
0x140009440 terminate
Library api-ms-win-crt-math-l1-1-0.dll:
0x1400093a0 __setusermatherr
Library api-ms-win-crt-locale-l1-1-0.dll:
0x140009390 _configthreadlocale
Library api-ms-win-crt-string-l1-1-0.dll:
0x1400094d0 strcmp
!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
L$ SUVWH
l$ VWAVH
|$ UATAUAVAWH
A_A^A]A\]
@UWAWH
UATAUAVAWH
A_A^A]A\]
WAVAWH
@SUVWAVH
L90u"H
0A^_^][
@SWAWH
A__[H
@UVAVH
0A^^]H
@SUVAVAWH
fD9<Zu
A_A^^][
@SWAVH
VWATAVAWH
0A_A^A\_^
@SUVAVH
(A^^][
(A^^][
@SUVAWH
(A_^][
@SVATAUH
8A]A\^[
@VWAUAVH
8A^A]_^
UVWATAUAVAWH
A_A^A]A\_^]
@SUVWATAVH
L+|$ L
HA^A\_^][
@VWAUAVAWH
0A_A^A]_^
u/HcH<H
bad allocation
Unknown exception
bad array new length
string too long
bad cast
MyStartupApp
[TaskScheduler Error]
Software\Microsoft\Windows\CurrentVersion\RunOnce
Auto-start application
CoInitialize
CLSIDFromProgID
CoCreateInstance(WScript.Shell)
SHGetFolderPathW
GetIDsOfNames(CreateShortcut)
Invoke(CreateShortcut)
SetProperty(TargetPath)
SetProperty(Description)
GetIDsOfNames(Save)
Booted
STATIC
Failed to open process token.
Failed to get token information size.
Failed to allocate memory for token information.
Failed to get token information.
SetEntriesInAcl failed:
SetNamedSecurityInfo failed:
Failed to open self for mutation.
Failed to write mutated file.
Failed to set file ownership and lock the file.
" -nomutate
Failed to launch mutated process.
-nomutate
Added to Registry RunOnce (will run at next logon).
Failed to add to Registry RunOnce.
Added to Startup Folder.
Failed to add to Startup Folder.
Added to Startup Folder via WScript.Shell method.
Failed to add to Startup Folder via WScript.Shell method.
invalid string position
vector too long
RSDS^?
C:\Users\Utilizador\Desktop\Testingvulnerabilities\x64\Release\Testingvulnerabilities.pdb
.text$di
.text$mn
.text$mn$00
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCL
.CRT$XCU
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIZ
.CRT$XPA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$voltmd
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.pdata
.rsrc$01
.rsrc$02
GetModuleFileNameA
GetCurrentProcess
LocalAlloc
MultiByteToWideChar
FormatMessageW
GetLastError
CloseHandle
LocalFree
CreateProcessA
KERNEL32.dll
TranslateMessage
CreateWindowExA
DispatchMessageA
GetMessageA
USER32.dll
GetTokenInformation
RegOpenKeyExA
OpenProcessToken
RegSetValueExA
SetNamedSecurityInfoA
RegCloseKey
SetEntriesInAclA
ADVAPI32.dll
SHGetFolderPathW
SHGetFolderPathA
SHELL32.dll
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID
ole32.dll
OLEAUT32.dll
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
??7ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
MSVCP140.dll
?_Xbad_alloc@std@@YAXXZ
__CxxFrameHandler4
__std_exception_destroy
__std_exception_copy
__std_terminate
memcpy
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
memset
VCRUNTIME140_1.dll
VCRUNTIME140.dll
__stdio_common_vswprintf_s
fflush
fclose
_unlock_file
_lock_file
fwrite
fgetpos
setvbuf
_time64
ungetc
fsetpos
_fseeki64
_invalid_parameter_noinfo_noreturn
_get_stream_buffer_pointers
malloc
_callnewh
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
__setusermatherr
_get_initial_narrow_environment
_initterm
_initterm_e
_set_fmode
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
terminate
api-ms-win-crt-stdio-l1-1-0.dll
api-ms-win-crt-utility-l1-1-0.dll
api-ms-win-crt-filesystem-l1-1-0.dll
api-ms-win-crt-time-l1-1-0.dll
api-ms-win-crt-heap-l1-1-0.dll
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-math-l1-1-0.dll
api-ms-win-crt-locale-l1-1-0.dll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
memmove
strcmp
api-ms-win-crt-string-l1-1-0.dll
.?AVbad_alloc@std@@
.?AVbad_cast@std@@
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AVtype_info@@
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ifstream@DU?$char_traits@D@std@@@std@@
.?AVios_base@std@@
.?AV?$_Iosb@H@std@@
.?AV?$basic_ofstream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
.?AV_com_error@@
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
"90}Z~
90pA{Fp
eum+Vf
wx&,H
tsBz\+
pz"!.W
5D?l\/
ePWJDg
r<g)3Vt
+2/EUV
+n/~tC#
4,N>"H
>{B<w]0HF
BHR|O69.
~IlJ]iX
VzvSf)
0$"Gph
cB>lf>
3[/9=t
yon@JS
i8n|i T
59>lm9k_yT
\r:].,
X9}+>=7
(]WivU[K
IDispatch error #%d
Unknown error 0x%0lX
MyStartupApp
WScript.Shell
CreateShortcut
TargetPath
)Auto-start application (via WScript)
Description
Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Clean
Elastic malicious (high confidence)
ClamAV Win.Malware.Tedy-10043980-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win64.Dropper.kh
ALYac Gen:Variant.Tedy.776330
Cylance Unsafe
Zillya Trojan.Agent.Win32.4202014
Sangfor Clean
CrowdStrike win/malicious_confidence_90% (D)
Alibaba Clean
K7GW Trojan ( 005c3a401 )
K7AntiVirus Trojan ( 005c3a401 )
huorong Clean
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/Agent.AHGE
APEX Malicious
Avast Win64:MalwareX-gen [Misc]
Cynet Clean
Kaspersky HEUR:Trojan.Win64.Agent.gen
BitDefender Gen:Variant.Tedy.776330
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Gen:Variant.Tedy.776330
Tencent Trojan.Win64.Agent.16001895
Sophos Clean
F-Secure Trojan.TR/Agent.eotxz
DrWeb Clean
VIPRE Gen:Variant.Tedy.776330
TrendMicro Clean
McAfeeD ti!1D6DB7AB8659
Trapmine Clean
CTX exe.unknown.tedy
Emsisoft Gen:Variant.Tedy.776330 (B)
Ikarus Trojan.Win64.Clipbanker
GData Gen:Variant.Tedy.776330
Jiangmin Trojan.Agent.fcjr
Webroot Clean
Varist W64/Trojan3.ASKK
Avira TR/Agent.eotxz
Antiy-AVL GrayWare/Win32.Wacapew
Kingsoft Clean
Gridinsoft Trojan.Win64.Agent.oa!s1
Xcitium Clean
Arcabit Trojan.Tedy.DBD88A
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win64/Tedy.PGT!MTB
Google Detected
AhnLab-V3 Trojan/Win.Generic.R700341
Acronis Clean
VBA32 Trojan.Win64.Agent
TACHYON Clean
Malwarebytes Malware.AI.2854345165
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9f
Rising Trojan.Agent!1.12DA1 (CLASSIC)
Yandex Trojan.Agent!/6g+GVQH30Y
TrellixENS Trojan-FXND!4876C1C821F7
SentinelOne Clean
MaxSecure Trojan.Malware.121218.susgen
Fortinet W64/Agent.AHGE!tr
AVG Win64:MalwareX-gen [Misc]
DeepInstinct MALICIOUS
alibabacloud Clean
IRMA Signature
Trend Micro SProtect (Linux) Clean
Avast Core Security (Linux) Win64:MalwareX-gen [Misc]
C4S ClamAV (Linux) Win.Malware.Tedy-10043980-0
Trellix (Linux) Trojan-FXND
Sophos Anti-Virus (Linux) Mal/Generic-S
Bitdefender Antivirus (Linux) Gen:Variant.Tedy.776330
G Data Antivirus (Windows) Virus: Gen:Variant.Tedy.776330 (Engine A)
WithSecure (Linux) Trojan.TR/Agent.eotxz
ESET Security (Windows) a variant of Win32/Agent.AHGE trojan
DrWeb Antivirus (Linux) Clean
ClamAV (Linux) Win.Malware.Tedy-10043980-0
eScan Antivirus (Linux) Gen:Variant.Tedy.776330(DB)
Kaspersky Standard (Windows) HEUR:Trojan.Win64.Agent.gen
Emsisoft Commandline Scanner (Windows) Gen:Variant.Tedy.776330 (B)
Cuckoo

We're processing your submission... This could take a few seconds.