54ce28745aa4be4bfb1c4781b3906fcfcedea87c1fc3a3928d3dafcc6d70f68a

Sharing

Copy URL Twitter E-mail

General

Target

54ce28745aa4be4bfb1c4781b3906fcfcedea87c1fc3a3928d3dafcc6d70f68a
Size

754KB
MD5

3430dad92ec40e5faf47dc0b4699e2ac
SHA1

de365ee47b94d66b3ec88bd3096367c3cdc1bcb6
SHA256

54ce28745aa4be4bfb1c4781b3906fcfcedea87c1fc3a3928d3dafcc6d70f68a
SHA512

5b66c9152922f72608edef3260070d167350b599f3fd1fd514c874b08693a546d6a32205f4e6c75b0186b2786a048ba8be3b46a5318bf1d29fa9b32bdf4208e4
SSDEEP

12288:02WxlxHii3IWw4LAIAsDjAl5+SqHyv6ZkoHX:3OlxHiiZw49ju+ShB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54ce28745aa4be4bfb1c4781b3906fcfcedea87c1fc3a3928d3dafcc6d70f68a

Files

54ce28745aa4be4bfb1c4781b3906fcfcedea87c1fc3a3928d3dafcc6d70f68a
.dll windows:6 windows x64 arch:x64

c2dedf30b21169c87ddfb852feeccfa8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\git\http_sdk_dev\httpunisdk\src\project\windows\all_api\x64\Release\libusc.pdb

Imports

ws2_32

closesocket
freeaddrinfo
WSAStartup
connect
inet_ntoa
getaddrinfo
select
htons
setsockopt
recv
socket
send

kernel32

SetLastError
ReadConsoleW
ReadFile
SetEndOfFile
CreateFileW
WriteConsoleW
GetStringTypeW
SetStdHandle
OutputDebugStringW
SetFilePointerEx
Sleep
GetTickCount
LCMapStringW
CompareStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
DeleteCriticalSection
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
RtlUnwindEx
GetStdHandle
GetFileType
GetStartupInfoW
RtlPcToFileHeader
RaiseException
HeapSize
GetProcessHeap
WriteFile
GetModuleFileNameW
CloseHandle
SetEnvironmentVariableA
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapReAlloc
LoadLibraryExW

ole32

CoCreateGuid

netapi32

Netbios

Exports

Exports

Java_cn_unisound_UniVprJni_create__
Java_cn_unisound_UniVprJni_create__Ljava_lang_String_2I
Java_cn_unisound_UniVprJni_feedBuffer
Java_cn_unisound_UniVprJni_getResult
Java_cn_unisound_UniVprJni_login
Java_cn_unisound_UniVprJni_release
Java_cn_unisound_UniVprJni_setOptionInt
Java_cn_unisound_UniVprJni_setOptionString
Java_cn_unisound_UniVprJni_start
Java_cn_unisound_UniVprJni_stop
usc_cancel_recognizer
usc_cancel_service
usc_cancel_service_ext
usc_clear_option
usc_create_service
usc_create_service_ext
usc_feed_buffer
usc_get_option
usc_get_result
usc_get_result_begin_time
usc_get_result_end_time
usc_get_version
usc_get_volume
usc_login_service
usc_release_service
usc_set_nlu_option_str
usc_set_option
usc_set_option_str
usc_set_sample_rate
usc_set_vad_time
usc_start_recognizer
usc_stop_recognizer
usc_tts_cancel
usc_tts_create_service
usc_tts_create_service_ext
usc_tts_get_option
usc_tts_get_result
usc_tts_get_version
usc_tts_release_service
usc_tts_set_option
usc_tts_start_synthesis
usc_tts_stop_synthesis
usc_tts_text_put
usc_vad_set_timeout
usc_vpr_clear_option
usc_vpr_create_service
usc_vpr_create_service_ext
usc_vpr_feed_buffer
usc_vpr_get_option
usc_vpr_get_result
usc_vpr_get_version
usc_vpr_login_service
usc_vpr_release_service
usc_vpr_set_option
usc_vpr_set_option_str
usc_vpr_start_recognizer
usc_vpr_stop_recognizer
usc_vpr_vad_set_timeout

Sections

.text
Size: 614KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2dedf30b21169c87ddfb852feeccfa8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

ole32

netapi32

Exports

Exports

Sections

.text Size: 614KB - Virtual size: 613KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 8KB - Virtual size: 17KB

.pdata Size: 20KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 614KB - Virtual size: 613KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 8KB - Virtual size: 17KB

.pdata
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 2KB