c33c6e2acf867397e9f0bdeac5776b578fe3ff95dc5e382fdd485043078d9fd0

Sharing

Copy URL Twitter E-mail

General

Target

c33c6e2acf867397e9f0bdeac5776b578fe3ff95dc5e382fdd485043078d9fd0
Size

240KB
MD5

6d15e4a574c932f067c4cfe4ffec2d9d
SHA1

1141ba38bcb5dfd2d087c92f239d963ca8ca457d
SHA256

c33c6e2acf867397e9f0bdeac5776b578fe3ff95dc5e382fdd485043078d9fd0
SHA512

3d6e4163d5f65974dfa74bf2f3d486b676e93bf665d46453e013eaa427817d0c65af01c716166b37dc146062064764369546ab66e3482140ea546a3d14c30b44
SSDEEP

6144:Q6LdG23AxB+SK4bm8aoKCxN1/Fx1tXxler3fuL:Q6LdhQxBF68aoKG19x1tPer2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c33c6e2acf867397e9f0bdeac5776b578fe3ff95dc5e382fdd485043078d9fd0

Files

c33c6e2acf867397e9f0bdeac5776b578fe3ff95dc5e382fdd485043078d9fd0
.dll windows x86

95ede014d1333d519e4dad2dde1073a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

php8ts

zend_std_get_properties
zend_objects_clone_members@@8
object_properties_load
php_combined_lcg
zend_throw_error
php_info_print_table_end
zend_register_internal_class_ex
zend_object_std_init@@8
_emalloc@@4
php_info_print_table_start
zend_hash_copy@@12
php_var_unserialize_init
zval_add_ref
php_var_unserialize_destroy
zend_wrong_parameters_none_error@@0
zend_wrong_parameter_error@@20
_estrndup@@8
object_properties_init
zend_proptable_to_symtable@@8
zend_register_string_constant
zend_hash_str_update@@16
zend_wrong_parameters_count_error@@8
zend_argument_type_error
zval_get_long_func@@8
zend_value_error
zend_array_dup@@4
zend_hash_next_index_insert@@8
instanceof_function_slow@@8
_safe_emalloc@@12
zend_argument_value_error
_zend_new_array@@4
tsrm_get_ls_cache
zend_parse_parameters
zend_register_long_constant
zend_ce_division_by_zero_error
executor_globals_offset
zend_string_init_interned
zend_throw_exception
zval_ptr_dtor
std_object_handlers
zend_parse_arg_long_slow@@12
zend_type_error
zend_zval_type_name
var_tmp_var
php_var_serialize_init
add_assoc_zval_ex
php_info_print_table_row
zend_object_std_dtor
zend_parse_arg_str_or_long_slow@@16
php_var_unserialize
php_var_serialize
zend_hash_index_find@@8
zend_empty_string
php_var_serialize_destroy
zend_throw_exception_ex
_efree@@4
zend_ce_value_error

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcessId
IsDebuggerPresent

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
memset

api-ms-win-crt-time-l1-1-0

_time32

api-ms-win-crt-heap-l1-1-0

free
malloc
realloc

api-ms-win-crt-string-l1-1-0

isspace

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initterm
_initialize_narrow_environment
_initialize_onexit_table
_cexit
abort
_execute_onexit_table
_initterm_e

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func

Exports

Exports

get_module
php_gmp_class_entry

Sections

.text
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95ede014d1333d519e4dad2dde1073a5

Headers

DLL Characteristics

File Characteristics

Imports

php8ts

kernel32

vcruntime140

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

Exports

Exports

Sections

.text Size: 210KB - Virtual size: 209KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 210KB - Virtual size: 209KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB