745797187edd9c26a643a6e1f522c3ddfb23f76ef5c15db5402073ac512867e2

Sharing

Copy URL Twitter E-mail

General

Target

745797187edd9c26a643a6e1f522c3ddfb23f76ef5c15db5402073ac512867e2
Size

145KB
MD5

77613f13c6a277e80d680b8d6d002f1a
SHA1

978b50550e22b1fa52c5037b3cd8613669cf490b
SHA256

745797187edd9c26a643a6e1f522c3ddfb23f76ef5c15db5402073ac512867e2
SHA512

45ae9ce6a364b2c945237f54a7c2230ada5708fe1c1aa85ed4b6e98dbec65ad5457cdf10fdc6330a719b07b9a26e16af9934f7458f8037001d7ce541c4e52a52
SSDEEP

3072:r7cBJEAz7PndWR/dmyoTb24G3dw06L1lqTR9:ro57/dWR/cyoTb24V06ZU1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
745797187edd9c26a643a6e1f522c3ddfb23f76ef5c15db5402073ac512867e2

Files

745797187edd9c26a643a6e1f522c3ddfb23f76ef5c15db5402073ac512867e2
.dll windows x86

40076f84752a787ddedb56f2252adec0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

php8ts

zend_string_concat3
php_info_print_table_header
zend_throw_error
_convert_to_string@@4
_emalloc@@4
zend_hash_add_new@@12
php_info_print_table_start
zend_known_strings
zend_is_callable_ex
zend_error
zend_hash_next_index_insert@@8
zend_hash_add@@12
zend_objects_store_put@@4
zend_objects_store_del@@4
gc_possible_root@@4
zend_vspprintf
zend_empty_array
tsrm_get_ls_cache
zend_write
__zend_malloc
_erealloc@@8
compiler_globals_offset
executor_globals_offset
zend_string_init_interned
zend_hash_destroy@@4
instanceof_function_slow@@8
zend_wrong_parameter_class_error@@12
zend_throw_exception
zval_ptr_dtor
zend_parse_arg_long_slow@@12
zend_hash_index_add@@12
_zend_hash_init@@16
zend_wrong_parameters_count_error@@8
zend_register_internal_class_ex
zend_wrong_parameters_none_error@@0
zend_wrong_parameter_error@@20
zend_hash_next_index_insert_new@@8
zend_declare_class_constant_ex
display_ini_entries
_estrndup@@8
zend_ini_parse_bool
zend_one_char_string
zend_parse_arg_bool_slow@@12
zval_get_long_func@@8
zend_hash_str_find@@12
glob
zend_call_function
zend_zval_type_name
std_object_handlers
php_info_print_table_end
zend_hash_find@@8
_zend_new_array@@4
is_zend_ptr
zend_ce_error
zend_strpprintf
zend_binary_strcasecmp@@16
zend_is_true@@4
globfree
zend_hash_str_add_new@@16
zend_hash_str_add@@16
OnUpdateString
zend_register_ini_entries_ex
_ecalloc@@8
zend_parse_arg_str_slow@@12
zval_get_string_func@@4
zend_iterator_init
zend_hash_index_find@@8
zend_hash_index_add_new@@12
zval_get_double_func@@4
_efree@@4
sapi_module

kernel32

VirtualAlloc
VirtualQuery
VirtualFree
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryA
GetProcAddress
GetSystemInfo
FreeLibrary
Sleep

vcruntime140

memchr
_setjmp3
memcpy
longjmp
_except_handler4_common
memset
__std_type_info_destroy_list

api-ms-win-crt-convert-l1-1-0

strtoull
strtold
strtoll

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-filesystem-l1-1-0

_stat32

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_cexit
abort
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

_close
_read
_open

Exports

Exports

get_module

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40076f84752a787ddedb56f2252adec0

Headers

DLL Characteristics

File Characteristics

Imports

php8ts

kernel32

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

Exports

Exports

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 7KB