f887e4e9928f448d6ee36dccf4bc90c3f945570163b50c806b11a3520ef008ec

Sharing

Copy URL Twitter E-mail

General

Target

f887e4e9928f448d6ee36dccf4bc90c3f945570163b50c806b11a3520ef008ec
Size

364KB
MD5

58dc49577c705be0698059f9155a26d3
SHA1

82270c78ce2c066ed1f18f88dbaf7060fa2186e7
SHA256

f887e4e9928f448d6ee36dccf4bc90c3f945570163b50c806b11a3520ef008ec
SHA512

b2074daaa732fc553fefd6e70404c9142decf87c7a894681353e2b7c9bafe89f921b81560aa1bf0558408e14b296af6769a44b65b1bc31d333ae057d396c60c7
SSDEEP

6144:k/iffN6o62MSYbE/9LyNQyDaWHjw/oe9rancvrnFvgIY6L1aKHqmElyYgWsSrX/a:siHYoxMnQ/krbH8TMnUFvTYpKKm5VWh/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f887e4e9928f448d6ee36dccf4bc90c3f945570163b50c806b11a3520ef008ec

Files

f887e4e9928f448d6ee36dccf4bc90c3f945570163b50c806b11a3520ef008ec
.dll windows:6 windows x86 arch:x86

e8fde26bd778f8b61c378e64a770e253

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

BIB.pdb

Imports

kernel32

SwitchToThread
GetCurrentThreadId
CloseHandle
QueryPerformanceCounter
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetSystemTimeAsFileTime
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetProcAddress
SetCurrentDirectoryA
GetCurrentDirectoryA
EnterCriticalSection
LeaveCriticalSection
Sleep
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
InitializeSListHead

vcruntime140

__std_type_info_destroy_list
__RTDynamicCast
_except_handler4_common
__current_exception_context
memset
memmove
memcpy
_purecall
__std_terminate
__CxxFrameHandler3
_CxxThrowException
__current_exception

api-ms-win-crt-string-l1-1-0

strlen
strtok_s
strcmp

api-ms-win-crt-convert-l1-1-0

_ui64toa_s
_itow_s
_ltow_s
_ultow_s
_i64toa_s
_i64tow_s
_ui64tow_s
_ultoa_s
_itoa_s
_ltoa_s

api-ms-win-crt-filesystem-l1-1-0

_makepath_s
_splitpath_s

api-ms-win-crt-stdio-l1-1-0

ftell
__stdio_common_vfwprintf_s
fread
fopen
__acrt_iob_func
fflush
ferror
feof
fwrite
gets_s
__stdio_common_vfprintf_s
__stdio_common_vsnprintf_s
fseek
fclose
__stdio_common_vsprintf_s

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
terminate
_errno
_invalid_parameter_noinfo
_cexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

_except1
log

api-ms-win-crt-heap-l1-1-0

free
malloc

Exports

Exports

BIBGetGetProcAddress
BIBGetVersion
BIBInitialize
BIBInitialize2
BIBInitialize3
BIBInitialize4
BIBLockSmithAssertNoLocksImpl
BIBLockSmithDeleteImpl
BIBLockSmithLockImpl
BIBLockSmithUnlockImpl
BIBTerminate

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 253KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8fde26bd778f8b61c378e64a770e253

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 253KB - Virtual size: 256KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 253KB - Virtual size: 256KB