94a29abd4e137ce1c0075be04ec53f21225411ddf894a8b64ddce03a68455d2b

Sharing

Copy URL Twitter E-mail

General

Target

94a29abd4e137ce1c0075be04ec53f21225411ddf894a8b64ddce03a68455d2b
Size

56KB
MD5

18c864ded44371e3091b3af350984cda
SHA1

9a088544534ea5211d7b2ee3740388ab982aabfe
SHA256

94a29abd4e137ce1c0075be04ec53f21225411ddf894a8b64ddce03a68455d2b
SHA512

1d84c75793ada5169abb8b723e90be260af624ce1a7c12792c1a0ca8c8e90fe7958a2e63d21d22ee73b5c5ff6692a8486a181c1a38c2b59c4f000cc2a4c02026
SSDEEP

1536:rT/5Fd2Xw45WgDQEnx5myKgZDA0XAVzEpnrIUcsNU7Ugq:rT/5Fd2Xwk/DQE5myVZDAvzEpnrIUcs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94a29abd4e137ce1c0075be04ec53f21225411ddf894a8b64ddce03a68455d2b

Files

94a29abd4e137ce1c0075be04ec53f21225411ddf894a8b64ddce03a68455d2b
.dll windows x86

70025ab807e9068832d4265fa419d08d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

php8ts

_estrndup@@8
zend_multibyte_fetch_encoding
php_error_docref
display_ini_entries
zend_wrong_parameter_error@@20
add_assoc_stringl_ex
zend_wrong_parameters_count_error@@8
_zend_hash_init@@16
zend_vspprintf
php_file_le_pstream
zend_argument_value_error
zend_fetch_resource2
zend_try_assign_typed_ref_long
php_file_le_stream
_efree@@4
zend_unregister_ini_entries_ex
_emalloc@@4
_php_stream_tell
zend_spprintf
php_info_print_table_start
ap_php_snprintf
add_index_string
_zend_new_array@@4
tsrm_get_ls_cache
zend_multibyte_parse_encoding_list
zend_parse_parameters
zend_register_long_constant
_php_stream_read
_php_stream_free
php_stream_stdio_ops
_php_stream_open_wrapper_ex
virtual_stat
add_assoc_long_ex
zend_parse_arg_bool_slow@@12
zend_hash_str_find@@12
_php_stream_seek
_estrdup@@4
zend_error
module_registry
php_image_type_to_mime_type
add_assoc_double_ex
php_getimagetype
php_verror
_safe_emalloc@@12
_try_convert_to_string@@4
zend_hash_destroy@@4
zval_ptr_dtor
zend_hash_index_add@@12
zend_multibyte_encoding_converter
php_info_print_table_end
_safe_erealloc@@16
php_basename
add_assoc_zval_ex
OnUpdateString
php_info_print_table_row
zend_register_ini_entries_ex
add_assoc_string_ex
zend_parse_arg_str_slow@@12
zend_hash_index_find@@8
zend_hash_index_add_new@@12
add_assoc_null_ex
add_index_double
_php_stream_getc
add_index_long

vcruntime140

__std_type_info_destroy_list
memcpy
memmove
memset
strstr
_except_handler4_common

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_cexit
_execute_onexit_table
_initterm_e
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

api-ms-win-crt-math-l1-1-0

_libm_sse2_log_precise
_libm_sse2_exp_precise

Exports

Exports

get_module

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70025ab807e9068832d4265fa419d08d

Headers

DLL Characteristics

File Characteristics

Imports

php8ts

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB