28f596062c613d21f79e572f450fe00dc35df64335eb7be02cb7d37bf23989e9

Sharing

Copy URL

Twitter E-mail

General

Target

28f596062c613d21f79e572f450fe00dc35df64335eb7be02cb7d37bf23989e9
Size

1.0MB
MD5

c5579d0b54883f5c3911938663891f22
SHA1

a8b116106fffe365aea12e5d597a64abacd16d46
SHA256

28f596062c613d21f79e572f450fe00dc35df64335eb7be02cb7d37bf23989e9
SHA512

ab171e9d97bcead7f26faf18ad08abccc4e0c0cec2b8094a9c8611f55de18245abcb07081afc6f5949426df74a194bf9adfd89aef1780364db77ff84e2d20077
SSDEEP

6144:IBHIzh4kNYZMy2nheXtlK0rr6K3IhsgQ47m6hKuBwErE+XzKhUzxhbpNxHHaqDq0:IL3YXzsCjwywBX7c+SQyN0vOd6q00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28f596062c613d21f79e572f450fe00dc35df64335eb7be02cb7d37bf23989e9

Files

28f596062c613d21f79e572f450fe00dc35df64335eb7be02cb7d37bf23989e9
.dll windows:6 windows x86 arch:x86

c244f662131e6f7e6fa7282136a54b66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Proton\Git\ECGPatchProject\Release\ArrhythmiaClassifierNew.pdb

Imports

msvcp140

_Exp
?_Xlength_error@std@@YAXPBD@Z

vcruntime140

memset
__std_type_info_destroy_list
memmove
_CxxThrowException
__std_exception_destroy
__std_exception_copy
_except_handler4_common
__CxxFrameHandler3

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_initterm
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_initterm_e
_seh_filter_dll

api-ms-win-crt-math-l1-1-0

floor
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
_libm_sse2_cos_precise
_libm_sse2_exp_precise

kernel32

IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsProcessorFeaturePresent

Exports

Exports

?classifierByHb@@YAHPBHHPBMHHPAHUscores_SVQ@@@Z

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c244f662131e6f7e6fa7282136a54b66

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp140

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 738KB - Virtual size: 737KB

.rdata Size: 246KB - Virtual size: 246KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 67KB - Virtual size: 67KB

.text
Size: 738KB - Virtual size: 737KB

.rdata
Size: 246KB - Virtual size: 246KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 67KB - Virtual size: 67KB