ea15450c7875f5d6a249ca1ee9b195c3ce22b321caa49c3cb6426ca200719d93

Sharing

Copy URL Twitter E-mail

General

Target

ea15450c7875f5d6a249ca1ee9b195c3ce22b321caa49c3cb6426ca200719d93
Size

131KB
MD5

b4b5b0e5c4c63470e51cbf8ac600aa76
SHA1

88874ef94cc593e391f4c0cc1f95063b573f4d38
SHA256

ea15450c7875f5d6a249ca1ee9b195c3ce22b321caa49c3cb6426ca200719d93
SHA512

f73f7e9aceecec89c06368ad899220a89d7551ae2bdd24f73fa81990b51fc0b533c63f093f6589bacce301168beacb74516c0dda028f05a923fab15cee1013b5
SSDEEP

3072:C94c8MAtk5ElIp+4xkOhYE8SFlhTP7loVY/H4:LnMAtk5ElIp+4xJYEPhLsgH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea15450c7875f5d6a249ca1ee9b195c3ce22b321caa49c3cb6426ca200719d93

Files

ea15450c7875f5d6a249ca1ee9b195c3ce22b321caa49c3cb6426ca200719d93
.dll windows:5 windows x86 arch:x86

81dfe04b95a8ebada78f6021b2dcd2b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SourceCode\Common\ImageLib\Format\Release\PNG.pdb

Imports

kernel32

GlobalHandle
DeleteFileA
GlobalAlloc
DeleteFileW
GlobalFree
GlobalLock
GlobalUnlock
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

vcruntime140

_except_handler4_common
memcpy
longjmp
_setjmp3
memset
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

_wfopen
fclose
fopen
__stdio_common_vsprintf
fwrite
fflush
fread
__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
abort
_seh_filter_dll
_initterm
_initterm_e

api-ms-win-crt-convert-l1-1-0

strtod

api-ms-win-crt-math-l1-1-0

_libm_sse2_pow_precise
_except1

Exports

Exports

ILF_DeleteImage
ILF_DeleteImageW
ILF_GetCapability
ILF_GetCapabilityW
ILF_GetFileInfo
ILF_GetFileInfoW
ILF_GetImageInfo
ILF_GetImageInfoW
ILF_ReadImage
ILF_ReadImageW
ILF_SaveImage
ILF_SaveImageW

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81dfe04b95a8ebada78f6021b2dcd2b6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 5KB - Virtual size: 6KB

.gfids Size: 512B - Virtual size: 20B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 5KB - Virtual size: 6KB

.gfids
Size: 512B - Virtual size: 20B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB