0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67

Sharing

Copy URL

Twitter E-mail

General

Target

0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67
Size

4.8MB
MD5

3b601a644b9f3fe82d0ce2da002f4a7d
SHA1

22ceb199841ae0759b74e62f9f9db200a776c6e5
SHA256

0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67
SHA512

845df695c045b3614aee7f5876d3aa0da698c98c467de635929d7b121f3c0fcd4bb203c81e5b4c5a25f37c5ce8f3c705fd456462074f069956ebd8be3979c48f
SSDEEP

98304:b8bygsJjVRtlTP+QlbDl8VducCputYYnDEsBgW:b8GPZ0tNnZ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67

Files

0e882de5af6d5910d5ebdd98eb7577a13c7a24e0c277631a9405e020c302cf67
.dll windows:4 windows x86 arch:x86

47b4a80c01fca1124b4b9561ceb44867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\jk_9\workspace\Module_NetSdk_W_Android_package\code_path\Main\Bin\Release(PDB)\configsdk.pdb

Imports

ws2_32

ntohs

kernel32

EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
GetLastError
CopyFileA
Sleep
CloseHandle
CreateEventA
SetEvent
ResetEvent
WaitForSingleObject
TerminateThread
GetTickCount
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
LoadLibraryExA
GetProcAddress
FreeLibrary
OutputDebugStringA
LoadLibraryA
QueryPerformanceCounter
QueryPerformanceFrequency
GetThreadTimes
GetCurrentThread
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitThread
CreateThread
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
DeleteCriticalSection
LCMapStringW
GetFileAttributesA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FatalAppExitA
SetFilePointer
ReadFile
VirtualAlloc
HeapReAlloc
SetConsoleCtrlHandler
LoadLibraryW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
CreateDirectoryA
LCMapStringA
GetCPInfo

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptGenRandom

Exports

Exports

CLIENT_PacketData
CLIENT_ParseAnalyzerEventData
CLIENT_ParseData
CLIENT_ParseDataByCallback
CLIENT_ParseVideoInAnalyse

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47b4a80c01fca1124b4b9561ceb44867

Headers

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rdata Size: 556KB - Virtual size: 555KB

.data Size: 124KB - Virtual size: 139KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 248KB - Virtual size: 247KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.rdata
Size: 556KB - Virtual size: 555KB

.data
Size: 124KB - Virtual size: 139KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 248KB - Virtual size: 247KB