976b7b17f2663fee38d4c4b1c251269f862785b17343f34479732bf9ddd29657

General

Target

976b7b17f2663fee38d4c4b1c251269f862785b17343f34479732bf9ddd29657
Size

12KB
MD5

69eab91a34647d8ef0ff0152391160f2
SHA1

752b16c7159b9706ac0a1c872de2e44c568a6f04
SHA256

976b7b17f2663fee38d4c4b1c251269f862785b17343f34479732bf9ddd29657
SHA512

dcb3c3f037440d2fea97eba41220e023c1a9b7e7d7d79e667266785bd74ae8d0df5fea356565df58f19ce71e1c69260ea07552fb5008df2399c03fed84dfca99
SSDEEP

192:6no3Yz7C6Tn7/vo5yKycd+UgG+ikw65xUuMXS4KfegaeKaMQ03X7Z6CkpbbpguT8:6QKCMv2RP+liXSGeMdrZ69/p58

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
976b7b17f2663fee38d4c4b1c251269f862785b17343f34479732bf9ddd29657

Files

976b7b17f2663fee38d4c4b1c251269f862785b17343f34479732bf9ddd29657
.dll windows:4 windows x86 arch:x86

5ca78c03fb5923ac682e2dd084a26113

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\diego\home\luasocket-2.0.2\src\mime.pdb

Imports

lua5.1

luaL_openlib
lua_rawset
luaL_checkinteger
lua_tolstring
lua_pushlstring
luaL_addlstring
luaL_checknumber
luaL_optlstring
luaL_optnumber
lua_pushstring
lua_pushnil
luaL_buffinit
luaL_addstring
luaL_prepbuffer
luaL_pushresult
lua_pushnumber

msvcr80

_except_handler4_common
_onexit
memset
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

luaopen_mime_core

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ca78c03fb5923ac682e2dd084a26113

Headers

File Characteristics

PDB Paths

Imports

lua5.1

msvcr80

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 428B

.reloc Size: 1024B - Virtual size: 542B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 428B

.reloc
Size: 1024B - Virtual size: 542B