| Property | Value |
|---|---|
| Architecture | IMAGE_FILE_MACHINE_AMD64 |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| Compilation Date | 2021-Jul-30 19:43:56 |
| Detected languages | English - United States |
| Debug artifacts | c:\pl\output\CPUEater.pdb |
| Comments | CPUEater ProBalance Demo |
| FileDescription | CPUEater ProBalance Demo |
| InternalName | cpueater.exe |
| OriginalFilename | cpueater.exe |
| ProductName | Process Lasso |
| CompanyName | Bitsum LLC |
| FileVersion | |
| LegalCopyright | (c)2021 Bitsum LLC |
| ProductVersion | 10.2.0.34 |
| Suspicious | Strings found in the binary may indicate undesirable behavior: Contains references to security software: |
| Suspicious | The PE contains functions most legitimate programs don't use. [!] The program may be hiding some of its imports: |
| Info | The PE is digitally signed. Signer: Bitsum Technologies (Bitsum LLC); Issuer: DigiCert EV Code Signing CA (SHA2) |
| Suspicious | VirusTotal score: 1/68 (Scanned on 2022-05-25 18:34:14); APEX: Malicious |

| Field | Value |
|---|---|
| e_magic | MZ |
| e_cblp | 0x90 |
| e_cp | 0x3 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x120 |

| Field | Value |
|---|---|
| Signature | PE |
| Machine | IMAGE_FILE_MACHINE_AMD64 |
| NumberofSections | 7 |
| TimeDateStamp | 2021-Jul-30 19:43:56 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xf0 |
| Characteristics | IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE |

| Field | Value |
|---|---|
| Magic | PE32+ |
| LinkerVersion | 14.0 |
| SizeOfCode | 0x42000 |
| SizeOfInitializedData | 0x35000 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x0000000000024B18 (Section: .text) |
| BaseOfCode | 0x1000 |
| ImageBase | 0x140000000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 6.0 |
| ImageVersion | 4.0 |
| SubsystemVersion | 5.0 |
| Win32VersionValue | 0 |
| SizeOfImage | 0x7b000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0x76ffd |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| DllCharacteristics | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x1000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |

| Library | Imported functions |
|---|---|
| COMCTL32.dll | #17 InitCommonControlsEx |
| KERNEL32.dll | DecodePointer GetLastError GetSystemInfo GetNumaHighestNodeNumber GetNumaNodeProcessorMask HeapDestroy HeapSize HeapReAlloc HeapFree HeapAlloc GetProcessHeap SizeofResource LockResource LoadResource InitializeCriticalSectionEx FindResourceW OpenProcess CloseHandle InitializeCriticalSectionAndSpinCount DeleteCriticalSection CreateEventW CreateThread GetStartupInfoW GetFileAttributesW CreateProcessW GetModuleFileNameW GetModuleHandleW WaitForSingleObject GetSystemTimeAsFileTime RaiseException LoadLibraryW MultiByteToWideChar GetCurrentProcess GetExitCodeProcess TerminateProcess SetEvent OpenEventW OpenMutexW GetPriorityClass GetThreadPriority SetThreadPriorityBoost GetCurrentThread SetThreadPriority FindResourceExW ExitProcess WriteConsoleW GetConsoleMode GetConsoleOutputCP LocalFree VerSetConditionMask VerifyVersionInfoW CreateFileW GetFileSize GetCurrentProcessId SetLastError GetProcAddress GetVolumeNameForVolumeMountPointW DeleteFileW WideCharToMultiByte GetLogicalProcessorInformationEx GetActiveProcessorCount GetActiveProcessorGroupCount GetUserDefaultUILanguage FreeLibrary InitializeCriticalSection EnterCriticalSection LeaveCriticalSection Sleep LocalAlloc ResetEvent GetTickCount GetFileTime ReadFile WriteFile FlushFileBuffers SetEndOfFile FindNextFileW TryEnterCriticalSection GetVersionExW MulDiv GlobalAlloc GlobalLock GlobalUnlock LocalLock LocalUnlock IsDebuggerPresent OutputDebugStringW InitializeSRWLock ReleaseSRWLockExclusive AcquireSRWLockExclusive GetCurrentThreadId GetStringTypeW QueryPerformanceCounter SetPriorityClass EncodePointer GetCPInfo WaitForSingleObjectEx RtlCaptureContext RtlLookupFunctionEntry RtlVirtualUnwind UnhandledExceptionFilter SetUnhandledExceptionFilter IsProcessorFeaturePresent InitializeSListHead RtlUnwindEx RtlPcToFileHeader TlsAlloc TlsGetValue TlsSetValue TlsFree LoadLibraryExW GetModuleHandleExW GetStdHandle GetFileType LCMapStringW SetFilePointerEx FindClose FindFirstFileExW IsValidCodePage GetACP GetOEMCP GetCommandLineA GetCommandLineW GetEnvironmentStringsW FreeEnvironmentStringsW SetStdHandle |
| USER32.dll | GetSysColor GetDialogBaseUnits GetSystemMetrics DrawTextW DestroyIcon GetClientRect FillRect IsWindow GetClassNameW EnableMenuItem GetSystemMenu SetFocus SetWindowPos GetWindowRect MoveWindow GetParent SetWindowTextW WinHelpW RedrawWindow OpenClipboard EmptyClipboard SetClipboardData CloseClipboard GetAsyncKeyState CreateDialogIndirectParamW PeekMessageW IsDialogMessageW WaitMessage DestroyWindow DialogBoxParamW GetDlgItem EnableWindow SendMessageW DrawIcon SetDlgItemTextW EndPaint BeginPaint RegisterClassExW DefWindowProcW PostQuitMessage KillTimer DispatchMessageW TranslateMessage GetMessageW LoadStringW SetForegroundWindow GetDlgItemInt IsWindowVisible SetTimer SystemParametersInfoW CreateWindowExW AllowSetForegroundWindow SetDlgItemInt LoadIconW GetWindowLongPtrW EndDialog PostMessageW MessageBoxW SetWindowLongPtrW IsDlgButtonChecked CheckDlgButton GetDlgItemTextW MessageBeep GetLastActivePopup GetActiveWindow SetRect GetWindow IsWindowEnabled ShowWindow GetWindowTextW |
| GDI32.dll | CreateSolidBrush CreateDCW DeleteDC DeleteObject SetBkColor SetTextColor CreateFontIndirectW GetTextExtentPoint32W SelectObject |
| ADVAPI32.dll | SetSecurityDescriptorDacl RegEnumKeyExW RegQueryInfoKeyW RegOpenKeyExW RegSetValueExW RegCloseKey RegQueryValueExW RegCreateKeyExW InitializeSecurityDescriptor |
| OLEAUT32.dll | SysFreeString VariantClear |
| RPCRT4.dll | UuidFromStringW |
| SHELL32.dll | SHGetSpecialFolderPathW SHCreateDirectoryExW |
| ole32.dll | CoInitializeEx StringFromGUID2 |

| Field | Value |
|---|---|
| Signature | 0xfeef04bd |
| StructVersion | 0x10000 |
| FileVersion | 10.2.0.34 |
| ProductVersion | 10.2.0.34 |
| FileFlags | (EMPTY) |
| FileOs | VOS_DOS_WINDOWS32, VOS_NT_WINDOWS32, VOS__WINDOWS32 |
| FileType | VFT_APP |
| Language | English - United States |
| Comments | CPUEater ProBalance Demo |
| FileDescription | CPUEater ProBalance Demo |
| InternalName | cpueater.exe |
| OriginalFilename | cpueater.exe |
| ProductName | Process Lasso |
| CompanyName | Bitsum LLC |
| FileVersion (#2) | |
| LegalCopyright | (c)2021 Bitsum LLC |
| ProductVersion (#2) | 10.2.0.34 |

| Field | Value |
|---|---|
| Resource LangID | English - United States |

| Characteristics | TimeDateStamp | Version | SizeofData | AddressOfRawData | PointerToRawData | Referenced File |
|---|---|---|---|---|---|---|
| 0 | 2021-Jul-30 19:43:56 | 0.0 | 50 | 0x55600 | 0x54a00 | c:\pl\output\CPUEater.pdb |
| 0 | 2021-Jul-30 19:43:56 | 0.0 | 20 | 0x55634 | 0x54a34 | |
| 0 | 2021-Jul-30 19:43:56 | 0.0 | 1008 | 0x55648 | 0x54a48 | |
| 0 | 2021-Jul-30 19:43:56 | 0.0 | 0 | 0 | 0 | |

| Field | Value |
|---|---|
| StartAddressOfRawData | 0x140055a58 |
| EndAddressOfRawData | 0x140055a60 |
| AddressOfIndex | 0x14005cdcc |
| AddressOfCallbacks | 0x140043880 |
| SizeOfZeroFill | 0 |
| Characteristics | IMAGE_SCN_ALIGN_4BYTES |
| Callbacks | (EMPTY) |

| Field | Value |
|---|---|
| Size | 0x138 |
| TimeDateStamp | 1970-Jan-01 00:00:00 |
| Version | 0.0 |
| GlobalFlagsClear | (EMPTY) |
| GlobalFlagsSet | (EMPTY) |
| CriticalSectionDefaultTimeout | 0 |
| DeCommitFreeBlockThreshold | 0 |
| DeCommitTotalFreeThreshold | 0 |
| LockPrefixTable | 0 |
| MaximumAllocationSize | 0 |
| VirtualMemoryThreshold | 0 |
| ProcessAffinityMask | 0 |
| ProcessHeapFlags | (EMPTY) |
| CSDVersion | 0 |
| Reserved1 | 0 |
| EditList | 0 |
| SecurityCookie | 0x14005b038 |

| Field | Value |
|---|---|
| XOR Key | 0x61cab02 |
| Unmarked objects | 0 |
| ASM objects (27412) | 10 |
| C objects (27412) | 19 |
| C++ objects (27412) | 173 |
| C objects (CVTCIL) (27412) | 1 |
| C objects (30034) | 18 |
| ASM objects (30034) | 10 |
| C++ objects (30034) | 88 |
| C++ objects (CVTCIL) (27412) | 1 |
| Imports (27412) | 27 |
| Total imports | 366 |
| C++ objects (LTCG) (VS2019 Update 10 (16.10.4) compiler 30040) | 43 |
| Resource objects (VS2019 Update 10 (16.10.4) compiler 30040) | 1 |
| 151 | 1 |
| Linker (VS2019 Update 10 (16.10.4) compiler 30040) | 1 |