653fb79efdb442c49cbe8265abdca5bb

General

Target

653fb79efdb442c49cbe8265abdca5bb
Size

8KB
MD5

653fb79efdb442c49cbe8265abdca5bb
SHA1

bce8f4e270526396941c525f99e1611d2bb5ff05
SHA256

97775ccc4ed5fdcc874f2c045ee2c7ef92f4ebc2898efb717cec76d7f0e0e9ae
SHA512

7390646da1930e0194ab21da7e844bc6498d1cde1066fc0ec34d913c3898fc2d69a80a50470dad9f05f72f22ee6ed88ebabda4698f61ad4c7318ca5cb9cfd691
SSDEEP

96:bC07kFrmm0ZCu88JyiDzHNC/o5wLFc3XA+pVAAD6AwC7tCE9kLi+:OWMfjRANso5wLS3XfVlD6AhuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
653fb79efdb442c49cbe8265abdca5bb

Files

653fb79efdb442c49cbe8265abdca5bb
.dll windows:5 windows x86 arch:x86

e850c8752de58f0abe869781d694318f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\build\httpd-2.4.10\srclib\apr-iconv\Release\iconv\utf-16.pdb

Imports

libapriconv-1

apr_iconv_ces_open_func
apr_iconv_ces_close_func
apr_iconv_ces_reset_func
apr_iconv_ces_nbits8
apr_iconv_ces_zero
apr_iconv_mod_noevent

msvcr90

_adjust_fdiv
_amsg_exit
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
__CppXcptFilter

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

Exports

Exports

iconv_module

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e850c8752de58f0abe869781d694318f

Headers

File Characteristics

PDB Paths

Imports

libapriconv-1

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 876B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 384B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 876B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 384B