b009cd3eb261e33e16ea7fb2d1f953095e1b8d86b056159b504df6514f613140

Sharing

Copy URL Twitter E-mail

General

Target

b009cd3eb261e33e16ea7fb2d1f953095e1b8d86b056159b504df6514f613140
Size

26KB
MD5

2b91faf5549110362c6c074cb2b786c1
SHA1

10ebbb6b280df885a45fd4f8e89d8bb9f2ebc90c
SHA256

b009cd3eb261e33e16ea7fb2d1f953095e1b8d86b056159b504df6514f613140
SHA512

25f5535ff654189f0ba74111bf4321bacf7255d6de8900342e3371866b617dea4ca95ef8505ee9203c765098fcd64785ba4fd8abcfca0a0ef20eb2544e252fe7
SSDEEP

384:DdLdHAojnQbCxO/DcbNCecU3rDoTopYZsVvYFmNn0equhkfuBy:D3THxCDcbNYU3rDFpkM4mNn0/uIh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b009cd3eb261e33e16ea7fb2d1f953095e1b8d86b056159b504df6514f613140

Files

b009cd3eb261e33e16ea7fb2d1f953095e1b8d86b056159b504df6514f613140
.dll windows x86

7f08e47588f08b50d41277dc2ecbbc15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

php8ts

php_pdo_unregister_driver
php_pdo_register_driver
zend_register_ini_entries_ex
php_info_print_table_row
php_pdo_get_dbh_ce
php_info_print_table_end
_efree@@4
instanceof_function_slow@@8
zend_unregister_ini_entries_ex
rc_dtor_func@@4
mysqlnd_reverse_api_register_api
php_info_print_table_header
php_info_print_table_start
zend_u64_to_str@@8
mysqlnd_get_client_info
pdo_throw_exception
zval_get_long_func@@8
php_check_open_basedir
_estrdup@@4
php_file_le_stream
php_file_le_pstream
_php_stream_copy_to_mem
php_pdo_stmt_set_column_count
add_assoc_long_ex
zend_fetch_resource2_ex
_zend_new_array@@4
tsrm_get_ls_cache
executor_globals_offset
zval_ptr_dtor
zend_strpprintf
add_assoc_zval_ex
add_assoc_string_ex
zend_empty_string
pdo_raise_impl_error
mysqlnd_connection_connect
php_error_docref
_emalloc@@4
_safe_emalloc@@12
mysqlnd_connection_init
__zend_strdup
pdo_get_long_param
__zend_calloc
pdo_parse_params
php_pdo_parse_data_source
add_next_index_long
add_next_index_string
_ecalloc@@8
zend_hash_index_find@@8
pdo_get_bool_param
zend_declare_class_constant_long
zval_try_get_string_func@@4

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common
memcpy

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment
_cexit
_initialize_onexit_table

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

get_module

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f08e47588f08b50d41277dc2ecbbc15

Headers

DLL Characteristics

File Characteristics

Imports

php8ts

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1020B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1020B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB