266cade310c9df68eafb894f4b6fcf1f62e33f907d265c7a4b3766598a441718

Sharing

Copy URL

Twitter E-mail

General

Target

266cade310c9df68eafb894f4b6fcf1f62e33f907d265c7a4b3766598a441718
Size

809KB
MD5

837e2ef150bb66aabc99d8118bb02226
SHA1

a78e8dbcd52f0085c38aaebeaaa25e1d2ce71bb2
SHA256

266cade310c9df68eafb894f4b6fcf1f62e33f907d265c7a4b3766598a441718
SHA512

e6b13d4c7cf8582bf1ac6a6045886e37bed654d70bae3b43d61ca9a021f5bf32ad5c2d57435c0296909daec9e1592f03083652c9a56994c9db1947df3f338036
SSDEEP

12288:B3Ik7UMS7vmZkmnagVHorBfXZ3zr4ubKOkMM+3BtxJZkz2ALE9vi24PUswE:N9LSLmZkUorBlzxAiB7JZkCOOviv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266cade310c9df68eafb894f4b6fcf1f62e33f907d265c7a4b3766598a441718

Files

266cade310c9df68eafb894f4b6fcf1f62e33f907d265c7a4b3766598a441718
.dll windows:6 windows x86 arch:x86

33098cc4824dad351dd20e90314631d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Cef3_模块\新版本_CEF3\CEF3_4183易\Cef3-Library\libtransfer.pdb

Imports

libcef

cef_parse_json
cef_write_json
cef_api_hash
cef_value_create
cef_process_message_create
cef_v8context_get_current_context
cef_v8context_get_entered_context
cef_v8value_create_bool
cef_v8value_create_int
cef_v8value_create_double
cef_v8value_create_string
cef_v8value_create_object
cef_v8value_create_array
cef_v8value_create_function
cef_waitable_event_create
cef_cookie_manager_get_global_manager
cef_list_value_create
cef_post_data_create
cef_post_data_element_create
cef_string_multimap_alloc
cef_string_multimap_free
cef_server_create
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_string_map_alloc
cef_string_map_free
cef_zip_reader_create
cef_enable_highdpi_support
cef_shutdown
cef_initialize
cef_execute_process
cef_register_extension
cef_post_task
cef_currently_on
cef_browser_host_create_browser_sync
cef_browser_host_create_browser
cef_request_context_create_context
cef_stream_reader_create_for_handler
cef_stream_reader_create_for_data
cef_dictionary_value_create
cef_string_list_free
cef_string_list_alloc
cef_string_userfree_utf16_free
cef_log
cef_string_wide_to_utf8
cef_string_utf16_to_utf8
cef_string_utf16_cmp
cef_string_utf8_clear
cef_string_ascii_to_utf16
cef_string_utf8_to_utf16
cef_string_utf16_clear
cef_string_utf16_set

shlwapi

PathMatchSpecW

user32

GetCursorPos
SetParent
GetParent
WindowFromPoint
VkKeyScanA
MapVirtualKeyW
MoveWindow
MessageBoxA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
ShowWindow
ClientToScreen
SetWindowPos
GetSystemMetrics
GetClientRect
GetWindowRect

dbghelp

MiniDumpWriteDump

ws2_32

socket
WSAGetLastError
getaddrinfo
freeaddrinfo
htons
inet_addr
setsockopt
closesocket
connect
ioctlsocket
recv
select
send

kernel32

HeapSize
SetStdHandle
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
SetFilePointerEx
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetStdHandle
ExitThread
GetModuleHandleExW
ExitProcess
RtlUnwind
RaiseException
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
CreateFileW
CloseHandle
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetModuleHandleW
VirtualProtectEx
GlobalAlloc
GlobalUnlock
GlobalLock
FormatMessageW
GetLastError
Sleep
HeapAlloc
HeapFree
GetProcessHeap
MultiByteToWideChar
WideCharToMultiByte
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetCurrentThread
EncodePointer
DecodePointer
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
QueryPerformanceCounter
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
SetEvent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList

Exports

Exports

CharRelease
InitializationCef3
addEClass
iscall

Sections

.text
Size: 618KB - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33098cc4824dad351dd20e90314631d5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libcef

shlwapi

user32

dbghelp

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 618KB - Virtual size: 617KB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 840B

.reloc Size: 37KB - Virtual size: 36KB

.text
Size: 618KB - Virtual size: 617KB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 37KB - Virtual size: 36KB