MySqlBackupALL_v2022-09-05[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

MySqlBackupALL_v2022-09-05.zip
Size

657KB
MD5

b78b2e21b18c14c4868403e32906acc3
SHA1

f6cf8379c5633fe13f6a34cc81988ddfa651c374
SHA256

f5d5ff1dd84ca7f940c65a93e42dfae06f0f54b7e32ff7a01a749587c7ec7804
SHA512

70f7bbe57990013a50bf9406d630c8bb527bf10fb94e0746eb992d0f272efa92c86bf94a6860b922875845fbe1e0159cd07d7db04be3aa7639f05d520aa22d81
SSDEEP

12288:QI7D/51uhBt8EqQORNPyCZiXnNGuyN2Rx+Pal/jrxPyad43UvSYoU3frVkVWyXu9:f7D/50PZi3Py7NvxRPVya2g4U3f5kVpU

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MySqlBackupAll.exe
unpack001/MySqlBackupNet.MySqlConnector.dll
unpack001/MySqlConnector.dll

Files

MySqlBackupALL_v2022-09-05.zip
.zip
MySqlBackupAll.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MySqlBackupAll.exe.config
MySqlBackupAll.pdb
MySqlBackupNet.MySqlConnector.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MySqlConnector.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 597KB - Virtual size: 597KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MySqlConnector.xml
.xml .js
System.Buffers.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d4:65:dc:35:86:93:2f:fb:0d:d0:c1:ac:2f:31:92:bd:28:75:14:21:57:3f:3b:7d:55:33:05:32:59:3d:d4:62
Signer

Actual PE Digest

d4:65:dc:35:86:93:2f:fb:0d:d0:c1:ac:2f:31:92:bd:28:75:14:21:57:3f:3b:7d:55:33:05:32:59:3d:d4:62

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.Buffers.xml
System.Diagnostics.DiagnosticSource.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:13:8c:0c:1c:31:35:bc:d2:5f:00:00:00:00:02:13
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/02/2021, 20:09

Not After

10/02/2022, 20:09

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

37:45:17:ca:0a:43:d2:4e:27:6c:d5:88:f0:ee:29:de:46:ca:c3:f2:27:53:cc:f9:a3:e5:d5:e3:de:20:68:fa
Signer

Actual PE Digest

37:45:17:ca:0a:43:d2:4e:27:6c:d5:88:f0:ee:29:de:46:ca:c3:f2:27:53:cc:f9:a3:e5:d5:e3:de:20:68:fa

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.Diagnostics.DiagnosticSource.xml
System.Memory.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:52:8b:33:aa:f8:95:f3:39:db:00:00:00:00:02:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:32

Not After

01/09/2022, 18:32

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a4:6c:07:cf:a9:38:ad:dd:05:7b:ae:24:e4:ad:78:9e:fa:07:82:fb:e0:b3:ea:d5:f5:bc:8e:78:ff:71:9b:27
Signer

Actual PE Digest

a4:6c:07:cf:a9:38:ad:dd:05:7b:ae:24:e4:ad:78:9e:fa:07:82:fb:e0:b3:ea:d5:f5:bc:8e:78:ff:71:9b:27

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.Memory.xml
System.Numerics.Vectors.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:c2:a0:09:c5:37:76:e9:f6:cd:00:00:00:00:00:c2
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=Thales TSS ESN:C3B0-0F6A-4111,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:11

Not After

11/08/2018, 20:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:c4:e9:89:f8:7a:81:50:e9:ff:00:00:00:00:00:c4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:20

Not After

11/08/2018, 20:20

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:0e:22:c8:fb:bc:e4:62:63:f1:99:41:db:03:50:70:a9:f7:d6:99:5f:43:9a:3b:2d:d5:4b:9c:fc:3d:7c:e6
Signer

Actual PE Digest

99:0e:22:c8:fb:bc:e4:62:63:f1:99:41:db:03:50:70:a9:f7:d6:99:5f:43:9a:3b:2d:d5:4b:9c:fc:3d:7c:e6

Digest Algorithm

sha256

PE Digest Matches

true

12:57:a0:40:75:36:a1:51:f8:dd:f2:97:bc:f9:16:a8:2c:bd:f3:8d
Signer

Actual PE Digest

12:57:a0:40:75:36:a1:51:f8:dd:f2:97:bc:f9:16:a8:2c:bd:f3:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.Numerics.Vectors.xml
System.Runtime.CompilerServices.Unsafe.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:13:8c:0c:1c:31:35:bc:d2:5f:00:00:00:00:02:13
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/02/2021, 20:09

Not After

10/02/2022, 20:09

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a0:70:99:f3:f5:b7:ef:fb:27:e6:01:6f:08:b5:3a:37:53:0b:75:67:14:d0:60:c5:7a:94:ea:2c:97:22:88:f7
Signer

Actual PE Digest

a0:70:99:f3:f5:b7:ef:fb:27:e6:01:6f:08:b5:3a:37:53:0b:75:67:14:d0:60:c5:7a:94:ea:2c:97:22:88:f7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.Runtime.CompilerServices.Unsafe.xml
System.Threading.Tasks.Extensions.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

da:fb:83:40:c8:c2:8e:cb:07:b8:6a:f1:de:5f:60:bf:04:02:39:30:51:4d:e3:8a:90:db:7a:5d:d3:4f:71:f0
Signer

Actual PE Digest

da:fb:83:40:c8:c2:8e:cb:07:b8:6a:f1:de:5f:60:bf:04:02:39:30:51:4d:e3:8a:90:db:7a:5d:d3:4f:71:f0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.Threading.Tasks.Extensions.xml

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 278KB - Virtual size: 278KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 63KB - Virtual size: 62KB

.rsrc Size: 265KB - Virtual size: 265KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 597KB - Virtual size: 597KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

d4:65:dc:35:86:93:2f:fb:0d:d0:c1:ac:2f:31:92:bd:28:75:14:21:57:3f:3b:7d:55:33:05:32:59:3d:d4:62Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 9KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:13:8c:0c:1c:31:35:bc:d2:5f:00:00:00:00:02:13Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

37:45:17:ca:0a:43:d2:4e:27:6c:d5:88:f0:ee:29:de:46:ca:c3:f2:27:53:cc:f9:a3:e5:d5:e3:de:20:68:faSigner

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 150KB - Virtual size: 150KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:52:8b:33:aa:f8:95:f3:39:db:00:00:00:00:02:52Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

a4:6c:07:cf:a9:38:ad:dd:05:7b:ae:24:e4:ad:78:9e:fa:07:82:fb:e0:b3:ea:d5:f5:bc:8e:78:ff:71:9b:27Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text
Size: 278KB - Virtual size: 278KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 63KB - Virtual size: 62KB

.rsrc
Size: 265KB - Virtual size: 265KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 597KB - Virtual size: 597KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

d4:65:dc:35:86:93:2f:fb:0d:d0:c1:ac:2f:31:92:bd:28:75:14:21:57:3f:3b:7d:55:33:05:32:59:3d:d4:62
Signer

.text
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:02:13:8c:0c:1c:31:35:bc:d2:5f:00:00:00:00:02:13
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

37:45:17:ca:0a:43:d2:4e:27:6c:d5:88:f0:ee:29:de:46:ca:c3:f2:27:53:cc:f9:a3:e5:d5:e3:de:20:68:fa
Signer

.text
Size: 150KB - Virtual size: 150KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:02:52:8b:33:aa:f8:95:f3:39:db:00:00:00:00:02:52
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

a4:6c:07:cf:a9:38:ad:dd:05:7b:ae:24:e4:ad:78:9e:fa:07:82:fb:e0:b3:ea:d5:f5:bc:8e:78:ff:71:9b:27
Signer

.text
Size: 126KB - Virtual size: 126KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:00:c2:a0:09:c5:37:76:e9:f6:cd:00:00:00:00:00:c2
Certificate

33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:c4:e9:89:f8:7a:81:50:e9:ff:00:00:00:00:00:c4
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

99:0e:22:c8:fb:bc:e4:62:63:f1:99:41:db:03:50:70:a9:f7:d6:99:5f:43:9a:3b:2d:d5:4b:9c:fc:3d:7c:e6
Signer

12:57:a0:40:75:36:a1:51:f8:dd:f2:97:bc:f9:16:a8:2c:bd:f3:8d
Signer

.text
Size: 93KB - Virtual size: 93KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:02:13:8c:0c:1c:31:35:bc:d2:5f:00:00:00:00:02:13
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

a0:70:99:f3:f5:b7:ef:fb:27:e6:01:6f:08:b5:3a:37:53:0b:75:67:14:d0:60:c5:7a:94:ea:2c:97:22:88:f7
Signer

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

da:fb:83:40:c8:c2:8e:cb:07:b8:6a:f1:de:5f:60:bf:04:02:39:30:51:4d:e3:8a:90:db:7a:5d:d3:4f:71:f0
Signer

.text
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B