8f40000[.]dll[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8f40000.dll.exe
Size

468KB
MD5

d2b70c1c6069908de5a9b52656b253b7
SHA1

07c31c3d13a9570e047fe2324eab62cb5ce5f00a
SHA256

5c302f8166172614a05a26177ae1f39ea7195fb0469a81fdce5963b476258e1b
SHA512

7b22271e2c5b8c2cf973754cc36ad8b288137d00baf931e02f787d8054cf5fcae63cfd4e07c5c2c8b0f2753ec586be51fcb5b97a68743e9b9719421f4a994c7f
SSDEEP

12288:6YMavlXIrY2TEtqwDBjHH6cT247LRG8FMk9:iulYrY2TzwH6m2T8f9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f40000.dll.exe

Files

8f40000.dll.exe
.dll windows:5 windows x64

57e85ae55c00a26e06aca4a4599c63ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

_snwprintf
strcmp
memcmp
memmove
RtlNtStatusToDosError
memset
memcpy
strncmp
StrStrIA
StrCmpNA
StrToIntExA
StrChrW
PathCombineW
PathFindFileNameW
StrChrA
FlushFileBuffers
HeapValidate
GetVersionExW
lstrlenW
HeapAlloc
HeapFree
SetEvent
Sleep
CreateEventA
HeapDestroy
HeapCreate
GetLastError
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
FindClose
FindNextFileW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsW
GetFileSize
FreeLibrary
WaitForSingleObject
LoadLibraryW
GetTempPathW
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
FormatMessageW
InitializeCriticalSection
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
GetCurrentProcessId
OutputDebugStringA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
WriteFile
CreateFileMappingW
CreateFileMappingA
GetDiskFreeSpaceW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
HeapSize
GetVersionExA
LeaveCriticalSection
DeleteFileW
LocalAlloc
LocalFree
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
SystemTimeToFileTime
QueryPerformanceCounter
UnlockFile
LockFile
OutputDebugStringW
GetTickCount
LockFileEx
SHGetFolderPathW
CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
CryptBinaryToStringW
CryptStringToBinaryA
CryptUnprotectData

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57e85ae55c00a26e06aca4a4599c63ca

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 392KB - Virtual size: 392KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 12KB - Virtual size: 12KB

.pdata Size: 12KB - Virtual size: 12KB

.bss0 Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 392KB - Virtual size: 392KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 12KB - Virtual size: 12KB

.pdata
Size: 12KB - Virtual size: 12KB

.bss0
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB