414a2528c4c67ab35750caa2add9a843cca0e30617505d664774cd3a474dbaa6

Sharing

Copy URL Twitter E-mail

General

Target

414a2528c4c67ab35750caa2add9a843cca0e30617505d664774cd3a474dbaa6
Size

44KB
MD5

bddd5e8a96c29d22254042d4e9799382
SHA1

9deabf4db307e0158d949b89d52205e3fb8e8474
SHA256

414a2528c4c67ab35750caa2add9a843cca0e30617505d664774cd3a474dbaa6
SHA512

16d92e0eb21511b8e2b70a9ceaa05fbaa1d72443e4fdf12236246572e9eacb9369f731e55aa4f97c6321f773ce15f5844544570d52d700d047b12518b13c3e80
SSDEEP

768:1rbLv77dJV+HKf0sZ7IG1Bhed3U6HroEyhxotQ5Vc8Q9OABm5t:Zfv77dH+HKf0sZ7IGD+1oEANQ9OABm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
414a2528c4c67ab35750caa2add9a843cca0e30617505d664774cd3a474dbaa6

Files

414a2528c4c67ab35750caa2add9a843cca0e30617505d664774cd3a474dbaa6
.dll windows:6 windows x64 arch:x64

36e39c67b3ab391df98baf06980d49a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Ether\Develop\nheqminer-Windows\nheqminer\x64\Release\cpu_tromp_SSE2.pdb

Imports

kernel32

CloseHandle
DuplicateHandle
GetLastError
SetLastError
SetEvent
WaitForSingleObject
CreateEventA
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetThreadContext
SetThreadContext
GetSystemDirectoryA
FreeLibrary
GetProcAddress
CreateSemaphoreA
LoadLibraryA
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
DisableThreadLibraryCalls

msvcr120

_endthreadex
memset
_lock
_unlock
_calloc_crt
__dllonexit
__C_specific_handler
_onexit
__CppXcptFilter
_malloc_crt
_initterm
_initterm_e
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCapturePreviousContext
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
longjmp
malloc
exit
??3@YAXPEAX@Z
_errno
??2@YAPEAX_K@Z
_amsg_exit
_purecall
qsort
calloc
free
memmove
strncat_s
_CxxThrowException
__CxxFrameHandler3
memcpy

msvcp120

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAPEBDH@Z
?_Xbad_function_call@std@@YAXXZ

Exports

Exports

??4cpu_tromp_sse2@@QEAAAEAU0@AEBU0@@Z
?getdevinfo@cpu_tromp_sse2@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getname@cpu_tromp_sse2@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?solve@cpu_tromp_sse2@@SAXPEBDI0IV?$function@$$A6A_NXZ@std@@V?$function@$$A6AXAEBV?$vector@IV?$allocator@I@std@@@std@@_KPEBE@Z@3@V?$function@$$A6AXXZ@3@AEAU1@@Z
?start@cpu_tromp_sse2@@SAXAEAU1@@Z
?stop@cpu_tromp_sse2@@SAXAEAU1@@Z

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctors
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dtors
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36e39c67b3ab391df98baf06980d49a9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr120

msvcp120

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 2KB - Virtual size: 1KB

.ctors Size: 512B - Virtual size: 8B

.dtors Size: 512B - Virtual size: 8B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 140B

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 2KB - Virtual size: 1KB

.ctors
Size: 512B - Virtual size: 8B

.dtors
Size: 512B - Virtual size: 8B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 140B