8a597d69f0d9c434ccc1e698f79735c7eceb6c5381b7338bae0588b4a5cfe4e7

Sharing

Copy URL Twitter E-mail

General

Target

8a597d69f0d9c434ccc1e698f79735c7eceb6c5381b7338bae0588b4a5cfe4e7
Size

445KB
MD5

d166612a2468eb7f89dc49a72296b383
SHA1

91a88e6db71cedacb1b9de315baf2bd309641a53
SHA256

8a597d69f0d9c434ccc1e698f79735c7eceb6c5381b7338bae0588b4a5cfe4e7
SHA512

30f138cb36ade6b22b1ddace5ded9809812d185c109d6e58b5d526d11625576eca83ce6ef0f09f73c526955d0ecd2e0eb91b83c20ba4d704c2434191045c7c21
SSDEEP

12288:egWC4R8CLPXISEJ3vU5Km5BKTMZlgi1ix7KCD7bfBQ+:kH8CLfKJlmvKOgL7KCHBQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a597d69f0d9c434ccc1e698f79735c7eceb6c5381b7338bae0588b4a5cfe4e7

Files

8a597d69f0d9c434ccc1e698f79735c7eceb6c5381b7338bae0588b4a5cfe4e7
.dll windows:6 windows x86 arch:x86

33ab52c1af9d1e62b730d53fedef2287

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u281\880\build\windows-i586\deploy\tmp\javacpl\obj\javacpl.pdb

Imports

user32

OpenInputDesktop
CloseDesktop
GetShellWindow
MessageBoxA
LoadStringA
GetWindowThreadProcessId
wsprintfA

kernel32

RtlUnwind
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleCP
WriteFile
LoadLibraryExA
VirtualQuery
VirtualProtect
VerSetConditionMask
GetEnvironmentVariableA
CreateFileA
GetLongPathNameA
GetTempPathA
DecodePointer
CloseHandle
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
GetCurrentProcess
CreateProcessA
OpenProcess
GlobalMemoryStatusEx
GetLocalTime
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetNativeSystemInfo
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryA
GlobalAlloc
GlobalFree
LocalAlloc
LocalFree
GetShortPathNameA
FormatMessageA
lstrlenA
VerifyVersionInfoA
WTSGetActiveConsoleSessionId
SetEvent
OpenEventA
lstrcatA
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
GetSystemInfo
WriteConsoleW
ReadConsoleW
GetStringTypeW
GetProcessHeap
FreeEnvironmentStringsW
ReadFile
MultiByteToWideChar
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetEnvironmentStringsW
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
SetEnvironmentVariableW
GetStdHandle
GetCurrentDirectoryW
GetFullPathNameW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
SetStdHandle
HeapSize
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
SetEndOfFile

ole32

CoTaskMemFree
StringFromCLSID

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringByteLen
VariantClear

Exports

Exports

CPlApplet
DllMain

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 248KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33ab52c1af9d1e62b730d53fedef2287

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 248KB - Virtual size: 252KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 248KB - Virtual size: 252KB