d:\jk_9\workspace\Module_NetSdk_W_Android_package\code_path\Main\Bin\Release(PDB)\configsdk.pdb
Static task
static1
Behavioral task
behavioral1
Sample
0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67.dll
Resource
win10v2004-20240412-en
General
Target: 0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67
Size: 4.8MB
MD5: 3b601a644b9f3fe82d0ce2da002f4a7d
SHA1: 22ceb199841ae0759b74e62f9f9db200a776c6e5
SHA256: 0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67
SHA512: 845df695c045b3614aee7f5876d3aa0da698c98c467de635929d7b121f3c0fcd4bb203c81e5b4c5a25f37c5ce8f3c705fd456462074f069956ebd8be3979c48f
SSDEEP: 98304:b8bygsJjVRtlTP+QlbDl8VducCputYYnDEsBgW:b8GPZ0tNnZ/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67
Files
0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67.dll windows:4 windows x86 arch:x86
47b4a80c01fca1124b4b9561ceb44867
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
ws2_32
ntohs
kernel32
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
GetLastError
CopyFileA
Sleep
CloseHandle
CreateEventA
SetEvent
ResetEvent
WaitForSingleObject
TerminateThread
GetTickCount
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
LoadLibraryExA
GetProcAddress
FreeLibrary
OutputDebugStringA
LoadLibraryA
QueryPerformanceCounter
QueryPerformanceFrequency
GetThreadTimes
GetCurrentThread
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitThread
CreateThread
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
DeleteCriticalSection
LCMapStringW
GetFileAttributesA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FatalAppExitA
SetFilePointer
ReadFile
VirtualAlloc
HeapReAlloc
SetConsoleCtrlHandler
LoadLibraryW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
CreateDirectoryA
LCMapStringA
GetCPInfo
advapi32
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
Exports
CLIENT_PacketData
CLIENT_ParseAnalyzerEventData
CLIENT_ParseData
CLIENT_ParseDataByCallback
CLIENT_ParseVideoInAnalyse
Sections
.text Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 556KB - Virtual size: 555KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 248KB - Virtual size: 247KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ