35cd36976044ff22cd694310acf25b41

General

Target

35cd36976044ff22cd694310acf25b41
Size

10KB
MD5

35cd36976044ff22cd694310acf25b41
SHA1

6ea7313ea8fc09c582ec119e77c9b6b9d92fefc2
SHA256

d1cb6c6f1e4fed269d739f569b7868221971f00a6a6c10cae2ff3082f9178580
SHA512

d7526f24a782edf6355662698598eb263255d532e11667dcfd4e2b276432cfc2cea7e7229cbeef307a2c4aa27f5a9dccbd96b8916a1800c9c8017c3204adf6a9
SSDEEP

192:ZyzJT8rv1TgLKdZsUJ9ny3XvVlD6gsOq8FcmHa:ohK1TV8uefVlplq8Fcm6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35cd36976044ff22cd694310acf25b41

Files

35cd36976044ff22cd694310acf25b41
.dll windows:5 windows x86 arch:x86

3ce124dce494c1a4ab75fa17723c9a85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\build\httpd-2.4.10\modules\aaa\Release\mod_authn_dbm.pdb

Imports

libapr-1

_apr_palloc@8
apr_pstrcat
_apr_pstrmemdup@12
_apr_pstrdup@8

libhttpd

ap_log_rerror_
_ap_register_auth_provider@24
_ap_hook_optional_fn_retrieve@16
ap_set_file_slot

libaprutil-1

_apr_dbm_open_ex@24
_apr_password_validate@8
_apr_dynamic_fn_retrieve@4
_apr_dbm_close@4
_apr_dbm_fetch@16

msvcr90

_crt_debugger_hook
strchr
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

authn_dbm_module

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ce124dce494c1a4ab75fa17723c9a85

Headers

File Characteristics

PDB Paths

Imports

libapr-1

libhttpd

libaprutil-1

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 924B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 480B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 924B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 480B