10a5f50657d4aa82d8db5468e7e03145f91b051cd19623280235e0b00571274e

Sharing

Copy URL

Twitter E-mail

General

Target

10a5f50657d4aa82d8db5468e7e03145f91b051cd19623280235e0b00571274e
Size

576KB
MD5

a14d8ea1e938de7394b4dd36fce70951
SHA1

7e776a3f3bf643d479522f86e7300f8499af0e71
SHA256

10a5f50657d4aa82d8db5468e7e03145f91b051cd19623280235e0b00571274e
SHA512

0c50a396e050e5a770ae25113872dc0bbdd25506ec0abb1a43af171f7ec89b9591b22eb22f9249ebd5d30796600a5cf248b1618248777b3a97d998014e11a2f5
SSDEEP

12288:tyz5GEeRrksFt6vXv35DilVSOC6aTUR4jgW:tyzsEeBksFsv3NilI/6aTIa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a5f50657d4aa82d8db5468e7e03145f91b051cd19623280235e0b00571274e

Files

10a5f50657d4aa82d8db5468e7e03145f91b051cd19623280235e0b00571274e
.dll windows:6 windows x86 arch:x86

07b7edae49b7c962290d7af2f6494c22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Projects\haxeTools\lib\hashlink\Release\fmt.pdb

Imports

libhl

hlt_i32
hlt_abstract
hl_buffer_char
hl_blocking
hl_buffer_cstr
hl_to_utf8
hl_throw
hlt_bytes
hl_buffer_val
hl_alloc_strbytes
hl_alloc_dynamic
hl_gc_alloc_gen
hl_alloc_buffer
hl_buffer_content

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
IsDebuggerPresent
InitializeSListHead

vcruntime140

memcpy
longjmp
memmove
memchr
__std_type_info_destroy_list
memset
_except_handler4_common
_setjmp3

api-ms-win-crt-heap-l1-1-0

malloc
calloc
realloc
free

api-ms-win-crt-math-l1-1-0

_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
ldexp
_libm_sse2_pow_precise
_libm_sse2_log_precise
_libm_sse2_cos_precise
floor
_libm_sse2_atan_precise
_libm_sse2_acos_precise
_libm_sse2_exp_precise
_except1

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsnprintf_s
__stdio_common_vsscanf
__stdio_common_vsprintf
fclose
fread

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_atexit
exit
_execute_onexit_table
_register_onexit_function
_errno
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
abort
_initterm

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-environment-l1-1-0

getenv
_putenv

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

fmt_compute_mikkt_tangents
fmt_deflate_bound
fmt_deflate_buffer
fmt_deflate_init
fmt_digest
fmt_dxt_decode
fmt_img_scale
fmt_inflate_buffer
fmt_inflate_init
fmt_jpg_decode
fmt_mp3_decode_frame
fmt_mp3_frame_info
fmt_mp3_open
fmt_ogg_info
fmt_ogg_open
fmt_ogg_read
fmt_ogg_seek
fmt_ogg_tell
fmt_png_decode
fmt_zip_end
fmt_zip_flush_mode
hlp_compute_mikkt_tangents
hlp_deflate_bound
hlp_deflate_buffer
hlp_deflate_init
hlp_digest
hlp_dxt_decode
hlp_img_scale
hlp_inflate_buffer
hlp_inflate_init
hlp_jpg_decode
hlp_mp3_decode_frame
hlp_mp3_frame_info
hlp_mp3_open
hlp_ogg_info
hlp_ogg_open
hlp_ogg_read
hlp_ogg_seek
hlp_ogg_tell
hlp_png_decode
hlp_zip_end
hlp_zip_flush_mode

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07b7edae49b7c962290d7af2f6494c22

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libhl

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-utility-l1-1-0

Exports

Exports

Sections

.text Size: 390KB - Virtual size: 390KB

.rdata Size: 172KB - Virtual size: 171KB

.data Size: 512B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 20B

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 390KB - Virtual size: 390KB

.rdata
Size: 172KB - Virtual size: 171KB

.data
Size: 512B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 20B

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 9KB