22992c26be3373e4f63d2ff26542b5f7bd514547d172ac1686c79a249ac0949f

Sharing

Copy URL Twitter E-mail

General

Target

22992c26be3373e4f63d2ff26542b5f7bd514547d172ac1686c79a249ac0949f
Size

337KB
MD5

c31e846788292ba1806418041a71c597
SHA1

7bb80039233e3b781ec968013dd9d9506abcf43c
SHA256

22992c26be3373e4f63d2ff26542b5f7bd514547d172ac1686c79a249ac0949f
SHA512

678539db731447cd22ce45ee6070d6e36ca040e559ee7b6f9f74bb9a69051133b9e5998f301b40cf7ddda542dd536bc9a33ea90b2253582192539ba851dc9fa1
SSDEEP

6144:6TtM87L08L0KzqCUdAkBXYCUbrgmnVOYkQA2jFSoP2kgxw:65v7L08L0sIASJmVvkvbw2kgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22992c26be3373e4f63d2ff26542b5f7bd514547d172ac1686c79a249ac0949f

Files

22992c26be3373e4f63d2ff26542b5f7bd514547d172ac1686c79a249ac0949f
.dll windows:6 windows x86 arch:x86

4edcd6d6106398ed32511bf5ba5471b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

BIB.pdb

Imports

kernel32

SwitchToThread
GetCurrentThreadId
CloseHandle
QueryPerformanceCounter
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetSystemTimeAsFileTime
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetProcAddress
SetCurrentDirectoryA
GetCurrentDirectoryA
EnterCriticalSection
LeaveCriticalSection
Sleep
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetCurrentProcessId

msvcr120

_i64toa_s
_ui64toa_s
_ltoa_s
_ultoa_s
_itow_s
_ltow_s
_ultow_s
_i64tow_s
_ui64tow_s
_makepath_s
_splitpath_s
gets_s
vprintf_s
vsprintf_s
vwprintf_s
memcpy_s
memset
memmove_s
_itoa_s
qsort
log
??3@YAXPAX@Z
strlen
_purecall
__RTDynamicCast
free
malloc
fclose
feof
ferror
fflush
fopen
fread
fseek
ftell
fwrite
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_vsnprintf_s
_except1
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
strtok_s
__CxxFrameHandler3
_CxxThrowException
_hypot
strcmp

Exports

Exports

BIBGetGetProcAddress
BIBGetVersion
BIBInitialize
BIBInitialize2
BIBInitialize3
BIBInitialize4
BIBLockSmithAssertNoLocksImpl
BIBLockSmithDeleteImpl
BIBLockSmithLockImpl
BIBLockSmithUnlockImpl
BIBTerminate

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4edcd6d6106398ed32511bf5ba5471b5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr120

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 236KB - Virtual size: 236KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 236KB - Virtual size: 236KB