57749da37fda1a3fa2676658058011de

Sharing

Copy URL Twitter E-mail

General

Target

57749da37fda1a3fa2676658058011de
Size

30KB
MD5

57749da37fda1a3fa2676658058011de
SHA1

e79e4118241494e1b3c8c8982b4104fe638b932d
SHA256

b5bea0fb102de7ae5b66b46d1c3d8f87eaa2073c8ae0245f1487b7b84d075794
SHA512

c4b3ba3e6604a518ecd9e2fe14ff27a9e82e70dd83557d9d89226341d3a24c153e85cfa4a609b0fcbf396acd95c1579df037e25872d8133c9ae5638ddaceb42e
SSDEEP

768:pRJpRcyDZLD8SRCsDJDTN9Sj0IyrcIld:LJpCyRISRCsDJTN9tIyrL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57749da37fda1a3fa2676658058011de

Files

57749da37fda1a3fa2676658058011de
.dll windows:5 windows x86 arch:x86

80559cbf281c82dfe0016686139962b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\php-sdk\php54dev\vc9\x86\obj\Release_TS\php_sybase_ct.pdb

Imports

php5ts

empty_fcall_info_cache
add_property_string_ex
zend_ini_boolean_displayer_cb
zend_make_printable_zval
_convert_to_string
_zval_dtor_func
_safe_emalloc
zend_hash_exists
zend_register_list_destructors_ex
empty_fcall_info
php_info_print_table_end
call_user_function_ex
zend_register_ini_entries
le_index_ptr
_safe_erealloc
_zend_list_find
_zend_hash_add_or_update
_array_init
php_info_print_table_start
_zval_ptr_dtor
_efree
display_ini_entries
_zval_copy_ctor_func
spprintf
OnUpdateString
zend_hash_del_key_or_index
_zend_hash_index_update_or_next_insert
executor_globals_id
_emalloc
zend_lookup_class
zend_strtod
convert_to_long
_object_init
_estrdup
zend_hash_apply
zend_register_resource
_object_and_properties_init
php_error_docref0
display_link_numbers
zend_parse_parameters
ts_resource_ex
php_info_print_table_header
zend_fetch_resource
cfg_get_long
OnUpdateLong
zend_standard_class_def
zend_hash_find
_zend_list_addref
php_info_print_table_row
_zend_list_delete
_estrndup
ap_php_snprintf
add_property_long_ex
zend_unregister_ini_entries
zend_get_class_entry

libcs

cs_dt_info
cs_loc_alloc
cs_ctx_drop
cs_locale
cs_ctx_alloc

libct

ct_fetch
ct_command
ct_describe
ct_cmd_alloc
ct_init
ct_exit
ct_res_info
ct_config
ct_con_props
ct_con_drop
ct_send
ct_close
ct_cmd_drop
ct_callback
ct_bind
ct_connect
ct_results
ct_cancel
ct_con_alloc

msvcr90

_stricmp
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
strtol
_errno
malloc
free

kernel32

IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep

Exports

Exports

get_module

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80559cbf281c82dfe0016686139962b1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

php5ts

libcs

libct

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 976B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 976B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB