24fb7950d7dd001954dec5414fec27664ceffd62fa9ea75a0eeaf2c82cacfcdb

Sharing

Copy URL Twitter E-mail

General

Target

24fb7950d7dd001954dec5414fec27664ceffd62fa9ea75a0eeaf2c82cacfcdb
Size

9.5MB
MD5

91313f1b3a80a399f60b79e7be03ac84
SHA1

771f1148bf5391aa2f7dcb3d80fccaaf4e23e1ad
SHA256

24fb7950d7dd001954dec5414fec27664ceffd62fa9ea75a0eeaf2c82cacfcdb
SHA512

579aea9d43161ff982516d005c8434e372cf0ad61a6bcc958d17c33e2f5a275ef11106a1a0aaa1962c877a0ec0db23a9b7a5780a12dced81e1374286fbf8b081
SSDEEP

49152:QalIVBlwvjzZXcCHn9m/fNLxfUkqrC4zfBdQoHeR6HGj6sdB72vFJ20JfB7qE8D8:iB5/fNyz9IpEwaSzy9M/rRvtvZTY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24fb7950d7dd001954dec5414fec27664ceffd62fa9ea75a0eeaf2c82cacfcdb

Files

24fb7950d7dd001954dec5414fec27664ceffd62fa9ea75a0eeaf2c82cacfcdb
.dll regsvr32 windows:6 windows x64 arch:x64

2058eb0dd0f998a295ff0210c17177be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

G:\jenkins\workspace\Git-NLEPlatformPro\Src\SymbolTable\Win\x64_Release\NLEImageProc.pdb

Imports

nlelogger

NLEGetDefaultLogger

kernel32

DeleteCriticalSection
DecodePointer
GetCurrentThreadId
GetCurrentProcessId
GetLastError
lstrlenW
InitializeCriticalSectionEx
GetModuleFileNameW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
OutputDebugStringW

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueW
RegCreateKeyW
RegSetValueExW

ole32

StringFromGUID2

msvcp120

?_Xbad_alloc@std@@YAXXZ
?_Winerror_map@std@@YAPEBDH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xlength_error@std@@YAXPEBD@Z

msvcr120

??_V@YAXPEAX@Z
wcsrchr
fmin
round
fmax
_purecall
??2@YAPEAX_K@Z
printf
_vsnwprintf
malloc
memcpy
realloc
ceil
floor
cos
sin
memset
??3@YAXPEAX@Z
_lock
_unlock
_calloc_crt
__dllonexit
__C_specific_handler
_onexit
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCapturePreviousContext
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
memmove
fabs
_CxxThrowException
__CxxFrameHandler3
free
calloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IPPDATA
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2058eb0dd0f998a295ff0210c17177be

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

nlelogger

kernel32

advapi32

ole32

msvcp120

msvcr120

Exports

Exports

Sections

.text Size: 7.3MB - Virtual size: 7.3MB

IPPCODE Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 333KB - Virtual size: 332KB

.data Size: 43KB - Virtual size: 45KB

.pdata Size: 157KB - Virtual size: 157KB

IPPDATA Size: 35KB - Virtual size: 35KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 7.3MB - Virtual size: 7.3MB

IPPCODE
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 333KB - Virtual size: 332KB

.data
Size: 43KB - Virtual size: 45KB

.pdata
Size: 157KB - Virtual size: 157KB

IPPDATA
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 7KB - Virtual size: 7KB