a0f1632f362d2c50c5148ab950aa7715

Sharing

Copy URL Twitter E-mail

General

Target

a0f1632f362d2c50c5148ab950aa7715
Size

516KB
MD5

a0f1632f362d2c50c5148ab950aa7715
SHA1

9ef831fa0c870f6cbd9519e263b8027f920021c6
SHA256

d04bb1fa9f7e83b7076acd749423ca875f77d8f4244897fec31f0a8bfbd24450
SHA512

26e6c1e3206237d8d615163827e7369d432c42acd0b79410d61f2c2809f1afce35698562009bbf5873bb890135fb9ad84b537637364f5f2bb18f8202945cf508
SSDEEP

6144:62AohOTYxYLH4YoJ9CjyCXpAk3hffDz584Spl/5D/ZlAxKjS7i:627bY4912fDz5IZwa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0f1632f362d2c50c5148ab950aa7715

Files

a0f1632f362d2c50c5148ab950aa7715
.dll windows:6 windows x64 arch:x64

71174f6c3cf36cba8c6b0cef6b3549a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\GitLab-Runner\builds\651dcee5\0\BC\public\linphone-sdk\build-desktop\WORK\uwp-x64\Build\turbojpeg\RelWithDebInfo\jpeg62.pdb

Imports

vcruntime140_app

memcpy
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-stdio-l1-1-0

fread
fwrite
fflush
ferror
__stdio_common_vsprintf
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_cexit
_seh_filter_dll
_initialize_onexit_table
_configure_narrow_argv
_initterm_e
_initterm
exit

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

Exports

Exports

jcopy_block_row
jcopy_sample_rows
jdiv_round_up
jinit_1pass_quantizer
jinit_2pass_quantizer
jinit_c_coef_controller
jinit_c_main_controller
jinit_c_master_control
jinit_c_prep_controller
jinit_color_converter
jinit_color_deconverter
jinit_compress_master
jinit_d_coef_controller
jinit_d_main_controller
jinit_d_post_controller
jinit_downsampler
jinit_forward_dct
jinit_huff_decoder
jinit_huff_encoder
jinit_input_controller
jinit_inverse_dct
jinit_marker_reader
jinit_marker_writer
jinit_master_decompress
jinit_memory_mgr
jinit_merged_upsampler
jinit_phuff_decoder
jinit_phuff_encoder
jinit_upsampler
jpeg_CreateCompress
jpeg_CreateDecompress
jpeg_abort
jpeg_abort_compress
jpeg_abort_decompress
jpeg_add_quant_table
jpeg_alloc_huff_table
jpeg_alloc_quant_table
jpeg_calc_output_dimensions
jpeg_consume_input
jpeg_copy_critical_parameters
jpeg_crop_scanline
jpeg_default_colorspace
jpeg_destroy
jpeg_destroy_compress
jpeg_destroy_decompress
jpeg_fdct_float
jpeg_fdct_ifast
jpeg_fdct_islow
jpeg_fill_bit_buffer
jpeg_finish_compress
jpeg_finish_decompress
jpeg_finish_output
jpeg_free_large
jpeg_free_small
jpeg_gen_optimal_table
jpeg_get_large
jpeg_get_small
jpeg_has_multiple_scans
jpeg_huff_decode
jpeg_idct_1x1
jpeg_idct_2x2
jpeg_idct_4x4
jpeg_idct_float
jpeg_idct_ifast
jpeg_idct_islow
jpeg_input_complete
jpeg_make_c_derived_tbl
jpeg_make_d_derived_tbl
jpeg_mem_available
jpeg_mem_dest
jpeg_mem_init
jpeg_mem_src
jpeg_mem_term
jpeg_new_colormap
jpeg_open_backing_store
jpeg_quality_scaling
jpeg_read_coefficients
jpeg_read_header
jpeg_read_icc_profile
jpeg_read_raw_data
jpeg_read_scanlines
jpeg_resync_to_restart
jpeg_save_markers
jpeg_set_colorspace
jpeg_set_defaults
jpeg_set_linear_quality
jpeg_set_marker_processor
jpeg_set_quality
jpeg_simple_progression
jpeg_skip_scanlines
jpeg_start_compress
jpeg_start_decompress
jpeg_start_output
jpeg_std_error
jpeg_stdio_dest
jpeg_stdio_src
jpeg_suppress_tables
jpeg_write_coefficients
jpeg_write_icc_profile
jpeg_write_m_byte
jpeg_write_m_header
jpeg_write_marker
jpeg_write_raw_data
jpeg_write_scanlines
jpeg_write_tables
jround_up
jzero_far

Sections

.text
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71174f6c3cf36cba8c6b0cef6b3549a3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140_app

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-interlocked-l1-1-0

Exports

Exports

Sections

.text Size: 285KB - Virtual size: 284KB

.rdata Size: 221KB - Virtual size: 220KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 8KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 304B

.text
Size: 285KB - Virtual size: 284KB

.rdata
Size: 221KB - Virtual size: 220KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 8KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 304B