8f18c863c6f5e33efbb7daf3853c89f8bdd387c81d8aa5804cbf324215e24d15

General

Target

8f18c863c6f5e33efbb7daf3853c89f8bdd387c81d8aa5804cbf324215e24d15
Size

1.4MB
MD5

390972b8503a6c59ed10b409725c711f
SHA1

55f1bd1ec0657987df76d46642afc615544e33f6
SHA256

8f18c863c6f5e33efbb7daf3853c89f8bdd387c81d8aa5804cbf324215e24d15
SHA512

b0a45310b7477474aea6868aea0b2d83bcb232b7aff6b4ca499cba2b7ecb1c7e752a5f3784fa86800ff4ded96e69e61df1282c34e0918c00e16e2d0bf19e46d9
SSDEEP

24576:N+nMJaNOVvaNOVPkwiZP7mEqzhJ8z0/eyOhj:eFNOVyNOVcwiZzmEq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f18c863c6f5e33efbb7daf3853c89f8bdd387c81d8aa5804cbf324215e24d15

Files

8f18c863c6f5e33efbb7daf3853c89f8bdd387c81d8aa5804cbf324215e24d15
.dll windows:6 windows x86 arch:x86

20a798ed3f6edee80a41d60462040d36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\BuildAgent\work\5167e546c25f49bc\AspireUnified\Bin\Language\ENU\Win32\Resources_ENU.pdb

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess

vcruntime140

__std_type_info_destroy_list
__current_exception
__current_exception_context
memset
_except_handler4_common

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initterm
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
terminate
_initialize_onexit_table

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20a798ed3f6edee80a41d60462040d36

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 920B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 1024B - Virtual size: 540B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 920B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 1024B - Virtual size: 540B