479512c2de9baf694db69b2a38bc5273192717e60a7e5120313c13f3ec02f971

Sharing

Copy URL Twitter E-mail

General

Target

479512c2de9baf694db69b2a38bc5273192717e60a7e5120313c13f3ec02f971
Size

119KB
MD5

076167feebd019df7bfc371a74727be0
SHA1

af3309e56b7e65a25c89bc0491e61e1f9bff933d
SHA256

479512c2de9baf694db69b2a38bc5273192717e60a7e5120313c13f3ec02f971
SHA512

c6f0398543be2a5a1134b468b9a5c4115b668e3a67aa0896aef75446fd75b6f135871390a1836421a1c70bd4e1f77738a07e2af81c3e883779611e2e373b4928
SSDEEP

3072:IlR/yPhvdIIKsfdmf50qbcGRvjiTV8zAytGnIe:w1Ghv+IK6dmfigcGMs/ne

Score

N/A

Malware Config

Signatures

Files

479512c2de9baf694db69b2a38bc5273192717e60a7e5120313c13f3ec02f971
.dll windows x86

14c2ca20a680fad21ec516feadd1de4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

php5ts

shmctl
shmat
zend_register_list_destructors_ex
php_info_print_table_end
_zend_list_find
php_info_print_table_start
_efree
_emalloc
php_error_docref0
shmdt
zend_parse_parameters
shmget
php_info_print_table_row
_zend_list_delete
zend_list_insert

msvcr90

__CppXcptFilter
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
memcpy
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common

kernel32

IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep

Exports

Exports

get_module

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14c2ca20a680fad21ec516feadd1de4c

Headers

DLL Characteristics

File Characteristics

Imports

php5ts

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 964B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 628B

.text Size: 108KB - Virtual size: 108KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 964B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 628B

.text
Size: 108KB - Virtual size: 108KB