9444904455f16320b8be56702e538d3beacf5bb3c3cf8198bd7c0d96eb11f424

Sharing

Copy URL Twitter E-mail

General

Target

9444904455f16320b8be56702e538d3beacf5bb3c3cf8198bd7c0d96eb11f424
Size

30KB
MD5

d21e299eb82d62bce0f0955accc5a21b
SHA1

71e395ebcff6898c35815a31ba59d86ee8af2f04
SHA256

9444904455f16320b8be56702e538d3beacf5bb3c3cf8198bd7c0d96eb11f424
SHA512

0630260ca0842f05243f55c02da09631264b23a2f2bbcbd1da092c92665054a92ccf00e3e6d263cdee0f8da0af2776e0986ad82095f8a7b450c1578b5e3aef93
SSDEEP

384:N2S1GiRgh4Np+japMBaS2sUAwdL6PpJSomGedd1s2In7gRVzjAIn/+f:NpTRgONpCSg3WndLSjmGeG2IsLFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9444904455f16320b8be56702e538d3beacf5bb3c3cf8198bd7c0d96eb11f424

Files

9444904455f16320b8be56702e538d3beacf5bb3c3cf8198bd7c0d96eb11f424
.dll windows:6 windows x64 arch:x64

174a342ffdcfc4d49261a2ec136b4293

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\runner\builds\gstreamer\cerbero\cerbero-build\sources\msvc_x86_64\cairo-1.18.0\_builddir\util\cairo-gobject\cairo-gobject-2.pdb

Imports

cairo-2

cairo_scaled_font_destroy
cairo_scaled_font_reference
cairo_font_face_destroy
cairo_font_face_reference
cairo_font_options_destroy
cairo_font_options_copy
cairo_reference
cairo_destroy
cairo_device_reference
cairo_device_destroy
cairo_region_destroy
cairo_region_reference
cairo_pattern_destroy
cairo_pattern_reference
cairo_surface_destroy
cairo_surface_reference

glib-2.0-0

g_intern_static_string
g_once_init_enter
g_once_init_leave
g_free
g_memdup2

gobject-2.0-0

g_boxed_type_register_static
g_enum_register_static

vcruntime140

memcpy
__std_type_info_destroy_list
memset
__current_exception_context
__current_exception
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_cexit
terminate
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm
_initterm_e
_seh_filter_dll

kernel32

InitializeSListHead
GetCurrentProcessId
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThreadId
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter

Exports

Exports

cairo_gobject_antialias_get_type
cairo_gobject_content_get_type
cairo_gobject_context_get_type
cairo_gobject_device_get_type
cairo_gobject_device_type_get_type
cairo_gobject_extend_get_type
cairo_gobject_fill_rule_get_type
cairo_gobject_filter_get_type
cairo_gobject_font_face_get_type
cairo_gobject_font_options_get_type
cairo_gobject_font_slant_get_type
cairo_gobject_font_type_get_type
cairo_gobject_font_weight_get_type
cairo_gobject_format_get_type
cairo_gobject_glyph_get_type
cairo_gobject_hint_metrics_get_type
cairo_gobject_hint_style_get_type
cairo_gobject_line_cap_get_type
cairo_gobject_line_join_get_type
cairo_gobject_matrix_get_type
cairo_gobject_operator_get_type
cairo_gobject_path_data_type_get_type
cairo_gobject_pattern_get_type
cairo_gobject_pattern_type_get_type
cairo_gobject_rectangle_get_type
cairo_gobject_rectangle_int_get_type
cairo_gobject_region_get_type
cairo_gobject_region_overlap_get_type
cairo_gobject_scaled_font_get_type
cairo_gobject_status_get_type
cairo_gobject_subpixel_order_get_type
cairo_gobject_surface_get_type
cairo_gobject_surface_type_get_type
cairo_gobject_text_cluster_flags_get_type
cairo_gobject_text_cluster_get_type

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

174a342ffdcfc4d49261a2ec136b4293

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cairo-2

glib-2.0-0

gobject-2.0-0

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 600B

.pdata Size: 1024B - Virtual size: 960B

.reloc Size: 1024B - Virtual size: 740B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 600B

.pdata
Size: 1024B - Virtual size: 960B

.reloc
Size: 1024B - Virtual size: 740B