8cfbb31626cf1ca8f401080235930cd3406d18bd5c027ec4e98ddb3be2b97ab7

Sharing

Copy URL Twitter E-mail

General

Target

8cfbb31626cf1ca8f401080235930cd3406d18bd5c027ec4e98ddb3be2b97ab7
Size

414KB
MD5

4b924369b381461be367becd00412df8
SHA1

f4543133b9b01daa2082d764baa805f3962ee051
SHA256

8cfbb31626cf1ca8f401080235930cd3406d18bd5c027ec4e98ddb3be2b97ab7
SHA512

478295d988902027c5156126f1848e58a7671c51c702083e0f05a0114960fd2d24b7fab34911f088a346ebefdbf1e83cec4938e7020bc9c68b3dd829e77901b5
SSDEEP

6144:7EiSay0OE1+xZv/z85fKC4a9yD/DcdYHzykrrauS:79S10OE1+HvkfK5syjDcdsz4uS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cfbb31626cf1ca8f401080235930cd3406d18bd5c027ec4e98ddb3be2b97ab7

Files

8cfbb31626cf1ca8f401080235930cd3406d18bd5c027ec4e98ddb3be2b97ab7
.dll windows:5 windows x86 arch:x86

354d2f1c0895eacf7ce6c57f4399d7bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\ade\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u241\331\build\windows-i586\deploy\tmp\javacpl\obj\javacpl.pdb

Imports

user32

MessageBoxA
CloseDesktop
OpenInputDesktop
LoadStringA
wsprintfA
GetShellWindow
GetWindowThreadProcessId

kernel32

HeapAlloc
LoadLibraryW
CompareStringW
FlushFileBuffers
WriteConsoleW
GetProcAddress
GetModuleHandleA
InterlockedIncrement
GlobalMemoryStatusEx
GetVersionExA
VerifyVersionInfoA
VerSetConditionMask
GetCurrentProcess
GetNativeSystemInfo
CloseHandle
GlobalFree
LocalFree
GlobalAlloc
GetLastError
CreateFileA
LoadLibraryA
GetSystemDirectoryA
FreeLibrary
CreateProcessA
WaitForSingleObject
lstrlenA
GetEnvironmentVariableA
GetWindowsDirectoryA
LocalAlloc
FormatMessageA
WTSGetActiveConsoleSessionId
GetLongPathNameA
GetShortPathNameA
GetModuleFileNameA
InterlockedDecrement
GetTempPathA
GetLocalTime
OpenProcess
lstrcatA
SetEvent
OpenEventA
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
InterlockedExchange
ReadFile
GetProcessHeap
SetEndOfFile
SetFilePointer
MultiByteToWideChar
WideCharToMultiByte
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
RtlUnwind
GetDriveTypeW
FindFirstFileExW
HeapFree
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
DecodePointer
GetCommandLineA
GetConsoleMode
EncodePointer
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
LCMapStringW
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetCurrentDirectoryW
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetFullPathNameW
CreateFileW
InitializeCriticalSectionAndSpinCount
HeapCreate
HeapDestroy
ExitProcess
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetStartupInfoW
SetEnvironmentVariableW
SetEnvironmentVariableA
Sleep
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
WriteFile
GetModuleFileNameW
HeapSize
GetStringTypeW
SetStdHandle
GetConsoleCP
HeapReAlloc

ole32

StringFromCLSID
CoTaskMemFree

oleaut32

SysAllocStringByteLen
SysStringLen
SysAllocString
SysFreeString
VariantClear

Exports

Exports

CPlApplet
DllMain

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 262KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

354d2f1c0895eacf7ce6c57f4399d7bb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 262KB - Virtual size: 264KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 262KB - Virtual size: 264KB