0887d49857a8d7b4d3a31e42aae39dbc

Sharing

Copy URL

Twitter E-mail

General

Target

0887d49857a8d7b4d3a31e42aae39dbc
Size

151KB
MD5

0887d49857a8d7b4d3a31e42aae39dbc
SHA1

29176af3a7af76d2584f49961511bea6e1e6e937
SHA256

6ce715ebbf55741915646a7112e3432036fe9b92ae7739677e3b27ed8e194624
SHA512

b458835472d9b673099e6c27f9cd55b2767f1a2ec0046965b76a639567923ec4752f16e0882b4129ec443fabec6561866aa9780226e9535ec7aa2045dd15c8e6
SSDEEP

1536:i/ZhB07JYrUUQz4LXgT6pwE61HmeEURv/fS9Gh3+0hFoDUo/uovcHCAax1as5G:ih0bUQz4Lw4SGVURnfSa34DdfcsZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0887d49857a8d7b4d3a31e42aae39dbc

Files

0887d49857a8d7b4d3a31e42aae39dbc
.dll windows:4 windows x86 arch:x86

9501a623019d310e22435c07e8f4f5cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

jvm

_JVM_GetMethodIxLocalsCount@12
_JVM_GetCPMethodNameUTF@12
_JVM_GetMethodIxExceptionTableEntry@20
_JVM_GetMethodIxExceptionTableLength@12
_JVM_GetMethodIxMaxStack@12
_JVM_GetMethodIxExceptionIndexes@16
_JVM_GetCPFieldSignatureUTF@12
_JVM_GetClassMethodsCount@8
_JVM_GetClassFieldsCount@8
_JVM_GetClassCPTypes@12
_JVM_GetClassCPEntriesCount@8
jio_fprintf
_JVM_GetCPMethodSignatureUTF@12
_JVM_GetCPFieldModifiers@16
_JVM_GetCPMethodModifiers@16
_JVM_IsSameClassPackage@12
_JVM_IsInterface@8
_JVM_GetCPMethodClassNameUTF@12
_JVM_GetCPFieldClassNameUTF@12
_JVM_GetCPClassNameUTF@12
_JVM_GetMethodIxArgsSize@12
_JVM_GetMethodIxModifiers@12
_JVM_IsConstructorIx@12
_JVM_GetMethodIxByteCodeLength@12
_JVM_GetMethodIxByteCode@16
_JVM_GetFieldIxModifiers@12
_JVM_FindClassFromClass@16
jio_vsnprintf
_JVM_GetClassNameUTF@8
_JVM_GetMethodIxNameUTF@12
jio_snprintf
_JVM_GetMethodIxSignatureUTF@12
_JVM_GetMethodIxExceptionsCount@12
_JVM_ReleaseUTF@4

msvcr71

_onexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
_iob
_setjmp3
strchr
memcpy
memset
strcmp
strlen
strcpy
calloc
malloc
longjmp
free
_assert
__dllonexit

kernel32

DisableThreadLibraryCalls

Exports

Exports

VerifyClass
VerifyClassForMajorVersion
VerifyClassname
VerifyFixClassname

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9501a623019d310e22435c07e8f4f5cc

Headers

File Characteristics

Imports

jvm

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 120KB - Virtual size: 120KB

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 2KB - Virtual size: 1KB