bf72712634ca3d8ac7c8535b19afe21704a7225335f604d5670cf8f4e40d8eb7

Sharing

Copy URL

Twitter E-mail

General

Target

bf72712634ca3d8ac7c8535b19afe21704a7225335f604d5670cf8f4e40d8eb7
Size

64KB
MD5

3e8e1613f9b6d173b85bfe7480eec2c1
SHA1

395018d1a4741305f5b1ce3da54072e6c7adbe26
SHA256

bf72712634ca3d8ac7c8535b19afe21704a7225335f604d5670cf8f4e40d8eb7
SHA512

280305bc004f1e1296abde5092f815e47eb13b73384b987ff22a5b0ba3431ef209a7e103b5debfdcaad204f9ef23ab957cd31acde1614c8377c3b3a8d60f5505
SSDEEP

1536:PRFzdF5G9rfEVUDYn8nClzeN5ibpW4+BluEF78AcP:5ddF5G9EVl8MQ5D4+BluEFoAc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf72712634ca3d8ac7c8535b19afe21704a7225335f604d5670cf8f4e40d8eb7

Files

bf72712634ca3d8ac7c8535b19afe21704a7225335f604d5670cf8f4e40d8eb7
.dll windows x86

5cd6c438f5c701499418dcac95b2449b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

php8ts

zend_is_true@@4
zend_fetch_resource2_ex
zend_argument_type_error
php_stream_filter_unregister_factory
_safe_malloc@@12
add_assoc_long_ex
virtual_filepath_ex
php_stream_bucket_delref
_estrndup@@8
php_error_docref
zval_get_long_func@@8
php_unregister_url_stream_wrapper
_ecalloc@@8
php_stream_bucket_append
php_stream_bucket_new
php_info_print_table_start
_emalloc@@4
_efree@@4
php_file_le_stream
zif_fwrite@@8
php_file_le_pstream
zif_fclose@@8
zif_fflush@@8
php_stream_read_to_str
php_register_url_stream_wrapper
zend_hash_str_find@@12
_php_stream_filter_alloc
php_check_open_basedir
_php_stream_cast
__zend_calloc
virtual_unlink
php_stream_bucket_make_writeable
_safe_emalloc@@12
zend_argument_value_error
_zend_new_array@@4
zend_parse_parameters
_php_stream_free
_php_stream_open_wrapper_ex
__zend_malloc
zend_zval_type_name
php_info_print_table_end
_safe_erealloc@@16
php_info_print_table_row
_php_stream_alloc
add_assoc_string_ex
php_stream_filter_register_factory

vcruntime140

memcpy
memchr
__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-string-l1-1-0

_strnicmp
_stricmp
isdigit

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
exit

api-ms-win-crt-stdio-l1-1-0

fread
_setmode
_fileno
__stdio_common_vfprintf
fwrite
ungetc
fopen
fgetc
fflush
ferror
fclose
__acrt_iob_func

api-ms-win-crt-math-l1-1-0

_fdopen

kernel32

TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
UnhandledExceptionFilter

Exports

Exports

_php_stream_bz2open
_php_stream_bz2open_from_BZFILE
get_module

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cd6c438f5c701499418dcac95b2449b

Headers

DLL Characteristics

File Characteristics

Imports

php8ts

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB