General

  • Target

    php7.2.34.zip

  • Size

    24.0MB

  • MD5

    561ed906f9e7b76e637db19eea4493de

  • SHA1

    32c85232f621b26ec8b67e38cd9f5999c549ee53

  • SHA256

    10997c4dbe1ad9a5b467a57c745d31261cebdd146ba6edb9160a7763dbd704e8

  • SHA512

    7e7f11aabf672c68cec5f7567113e37b4f6d46f3d61a57299d2e8a54a818e5e192669d9eeb689b93ca3f1a155eff8b7cbddd21bd4108cad28938f68e4909c43e

  • SSDEEP

    786432:lqebx6S/okbNl7CRDtrLoGIB8IGfNj8AqNf2G2bvv:lJx6J437CDsGPHqNmX

Score
8/10

Signatures

  • Patched UPX-packed file 1 IoC

    Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool. The report does not say which archive member triggered this rule, and none of the entries under Files is marked as packed, so locate it by re-scanning the extracted members for UPX-style sections (UPX0/UPX1) that lack the "UPX!" pack-header magic; a stock `upx -d` rejects such a file as not packed, and it has to be unpacked by hand or with a patched UPX.

  • Unsigned PE 62 IoCs

    Checks for missing Authenticode signature. This is a presence check, not a trust decision: it fires once per unsigned PE in the archive, and an intact signature would only say who signed the binary. For a redistributed PHP build the decisive check is the archive's SHA-256/SHA-512 above against the digest published by the distributor, not this rule on its own.

    These two rules are the only findings the report lists.
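    The two rules above and the digest block under General are all things a practitioner can reproduce offline before trusting a sandbox verdict. The following script is an added example, not part of the report or of the sandbox's own rule set: `verify_digests` compares a blob against published digests in constant time, `parse_pe` walks the PE headers far enough to read the machine type, section names and whether a security-directory (Authenticode) blob is referenced, and `triage_zip` applies both to every member of an archive, classifying by content rather than extension and flagging identical MD5s between members. The UPX test is my own approximation of the "patched UPX" rule (UPX-named sections with no "UPX!" magic anywhere in the file), not the sandbox's implementation. `build_sample_pe` and `build_sample_zip` construct synthetic input so the script runs with no real binaries; the member names echo the report but the bytes are invented.

```python
import hashlib
import hmac
import io
import struct
import zipfile
from collections import defaultdict

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY slot in the data directory
MACHINES = {0x014C: "x86", 0x8664: "x64", 0xAA64: "arm64"}


def verify_digests(data, expected):
    """{hashlib name: hex} -> {name: matched}. MD5/SHA-1 only for lookup; gate on SHA-256+."""
    return {algo: hmac.compare_digest(hashlib.new(algo, data).hexdigest(), hexval.lower())
            for algo, hexval in expected.items()}


def parse_pe(data):
    """Minimal header walk: arch, section names, Authenticode blob presence (not validated), UPX hints."""
    if data[:2] != b"MZ" or len(data) < 0x40:
        raise ValueError("not an MZ file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x20B, 0x10B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dd = opt + (112 if magic == 0x20B else 96)  # data directory offset for PE32+ / PE32
    nrva = struct.unpack_from("<I", data, dd - 4)[0]
    sec_va, sec_size = (struct.unpack_from("<II", data, dd + 8 * SECURITY_DIR)
                        if nrva > SECURITY_DIR else (0, 0))
    sect = opt + opt_size
    names = [struct.unpack_from("<8s", data, sect + 40 * i)[0].rstrip(b"\0").decode("latin-1")
             for i in range(nsect)]
    upx_sections = any(n.startswith("UPX") for n in names)
    return {
        "arch": MACHINES.get(machine, "unknown(0x%x)" % machine),
        "sections": names,
        "has_authenticode_blob": sec_va != 0 and sec_size != 0,
        # Heuristic for the report's "patched UPX" rule (my approximation, not the sandbox's):
        # UPX section names but no "UPX!" pack-header magic, which makes a stock `upx -d` refuse the file.
        "upx_header_patched": upx_sections and b"UPX!" not in data,
    }


def triage_zip(zip_bytes):
    """Per member: content-based classification, MD5, PE facts; plus unsigned-PE list and MD5 collisions."""
    by_md5, members = defaultdict(list), {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            blob = zf.read(info)
            md5 = hashlib.md5(blob).hexdigest()
            by_md5[md5].append(info.filename)
            pe = None
            if blob[:2] == b"MZ":  # classify by magic, not by the name the archive gives it
                try:
                    pe = parse_pe(blob)
                except ValueError as exc:
                    pe = {"error": str(exc)}
            members[info.filename] = {"md5": md5, "pe": pe}
    unsigned = sorted(n for n, e in members.items()
                      if e["pe"] and "error" not in e["pe"] and not e["pe"]["has_authenticode_blob"])
    return {"members": members, "unsigned_pe": unsigned,
            "duplicate_md5": {h: n for h, n in by_md5.items() if len(n) > 1}}


def build_sample_pe(machine, section_names, signed=False, upx_magic=False):
    """Constructed minimal PE32+ image for offline tests; headers only, not a runnable binary."""
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)  # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", machine, len(section_names), 0, 0, 0, 240, 0x2022)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[SECURITY_DIR] = (0x1000, 0x200)  # any non-zero entry counts as "blob present"
    opt = struct.pack("<H", 0x20B) + bytes(106) + struct.pack("<I", 16)
    opt += b"".join(struct.pack("<II", va, sz) for va, sz in dirs)
    sects = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), 0x1000, 0x1000 * (i + 1),
                                 0x200, 0x400, 0, 0, 0, 0, 0x60000020)
                     for i, n in enumerate(section_names))
    tail = b"UPX!" + bytes(28) if upx_magic else bytes(32)
    return dos + b"PE\0\0" + coff + opt + sects + tail


def build_sample_zip():
    """Constructed stand-in for php7.2.34.zip; member names echo the report, bytes are synthetic."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        dup = build_sample_pe(0x8664, [".text", ".rdata"])
        zf.writestr("sasl2/saslLOGIN.dll", dup)  # identical bytes, as the report's matching MD5s suggest
        zf.writestr("sasl2/saslPLAIN.dll", dup)
        zf.writestr("icudt60.dll", build_sample_pe(0x014C, [".rdata"]))
        zf.writestr("vendor/signed.dll", build_sample_pe(0x8664, [".text"], signed=True))
        zf.writestr("packed_patched.exe", build_sample_pe(0x8664, ["UPX0", "UPX1", ".rsrc"]))
        zf.writestr("packed_intact.exe", build_sample_pe(0x8664, ["UPX0", "UPX1", ".rsrc"], upx_magic=True))
        zf.writestr("install.txt", "see php.ini-production\n")  # not a PE: left unparsed
    return buf.getvalue()
```

Run `triage_zip(open("php7.2.34.zip", "rb").read())` on the real archive and compare `members[...]["md5"]` with the per-member MD5s under Files, check `duplicate_md5` (the report's two identical sasl plugins should appear), and look at `upx_header_patched` to find the member behind the UPX rule. Pass the archive bytes and the General block's digests to `verify_digests` first; if SHA-256 does not match the distributor's published value, the rest of the triage is moot.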

Files

  One line per archive member: path, sandbox type tag with target OS/arch where the member is a PE, and the member's MD5 as reported.

  • php7.2.34.zip  .zip
  • deplister.exe  .exe windows:6 x64  925eb04eddaa79eb767b12e66dc687ce  (no exports listed)
  • dev/php7ts.lib
  • ext/php_apcu.dll  .dll windows:6 x64  f9f57e6884f0ad576c96a5a53ed6b7be
  • ext/php_bz2.dll  .dll windows:6 x64  4d069ee7856c6274490294a2c3c89332
  • ext/php_curl.dll  .dll windows:6 x64  0c587128b6b49743318f4cb71809505a
  • ext/php_exif.dll  .dll windows:6 x64  93764800fad4bc3dc7cec71e8589aa86
  • ext/php_fileinfo.dll  .dll windows:6 x64  c5edbb190830f381c1d91a7a6256444a
  • ext/php_ftp.dll  .dll windows:6 x64  3b3c48808c4de4bb4616ea209395dcbd
  • ext/php_gd2.dll  .dll windows:6 x64  013d01a92fd79c90a647f08f10f87c39
  • ext/php_gettext.dll  .dll windows:6 x64  041552180105f54b7b49d867ce8076d2
  • ext/php_gmp.dll  .dll windows:6 x64  24d618d8e8a8b87d74cf9bd8c0494887
  • ext/php_imagick.dll  .dll windows:6 x64  bea199dd8d8777986a43b8dbd0cc1bec
  • ext/php_imap.dll  .dll windows:6 x64  4a4ff67b01bbdaddf18d100666bc8fe5
  • ext/php_intl.dll  .dll windows:6 x64  fcbb8e92d97dd244a5b55f5cc0240635
  • ext/php_ldap.dll  .dll windows:6 x64  86c6a3ec2ab1048efa30a6b619897833
  • ext/php_mbstring.dll  .dll windows:6 x64  af383c80dc836a86e05b88eff70ea70f
  • ext/php_memcache.dll  .dll windows:6 x64  e88c64fe515692e57beccb95ccdc47f0
  • ext/php_mysqli.dll  .dll windows:6 x64  3695a08e2bffcd95e79c301ac04b7413
  • ext/php_oauth.dll  .dll windows:6 x64  364db7dd2221e4803d3dd0db6c4bdd96
  • ext/php_opcache.dll  .dll windows:6 x64  2018e03e72713064fc161e2d93aedd83
  • ext/php_openssl.dll  .dll windows:6 x64  09a07e2dc8dbd0b48ecb32f00a663de8
  • ext/php_pdo_firebird.dll  .dll windows:6 x64  591f3c5ab0501ef2549700d82122fc33
  • ext/php_pdo_mysql.dll  .dll windows:6 x64  1bc70883457d73efb745b9c690901d47
  • ext/php_pdo_odbc.dll  .dll windows:6 x64  bed953015b658b4b91dfe7e18dbb9ce5
  • ext/php_pdo_pgsql.dll  .dll windows:6 x64  8420ca39ba968eb60d85fea9d5688569
  • ext/php_pdo_sqlite.dll  .dll windows:6 x64  38cb0270bc915053e4fad8a94ce5dad1
  • ext/php_pgsql.dll  .dll windows:6 x64  18f9dd44e83e2c0019d40fc7304906e1
  • ext/php_redis.dll  .dll windows:6 x64  a60cc85d03af253c21c4f68022c95fe8
  • ext/php_shmop.dll  .dll windows:6 x64  09ddf4638be5a0c7c2e6ec2dd7a71837
  • ext/php_sodium.dll  .dll windows:6 x64  19f392754545bb0c0f6fa476130c1f14
  • ext/php_sqlite3.dll  .dll windows:6 x64  c1625c066c807df884e4b04dd2c25406
  • ext/php_tidy.dll  .dll windows:6 x64  3b4eed37c59df5ce776acfc9528208a5
  • ext/php_xdebug.dll  .dll windows:6 x64  f4ecd5ac4c0f4c750deee2419f98be23
  • glib-2.dll  .dll windows:6 x64  a18ef03d1a23f5092f0e0eff0762e1bf
  • gmodule-2.dll  .dll windows:6 x64  6645e6ea7ff4ce3e0542d8170ffe3fe4
  • icudt60.dll  .dll windows:6 x86  (no MD5 or imports listed)
  • icuin60.dll  .dll windows:6 x64  5954113b8b3ab699fe6f946b5f05cdd9
  • icuio60.dll  .dll windows:6 x64  74eda715e5c2ff8d367d2077ffd25aad
  • icuuc60.dll  .dll windows:6 x64  69c3dc8530d4698aa7f1c54e5119631a
  • install.txt  .wsf
  • lib/enchant/libenchant_ispell.dll  .dll windows:6 x64  e99eb73c2c8b2ec1f955da2ff5203262
  • lib/enchant/libenchant_myspell.dll  .dll windows:6 x64  1915215b749fd445c57a9e7708757570
  • libcrypto-1_1-x64.dll  .dll windows:6 x64  f53812aba577fc4542e3180f32603d8b
  • libpq.dll  .dll windows:6 x64  d562c6a9faf14cdac6ec0c60d4b9150c
  • libsasl.dll  .dll windows:6 x64  901edaacb08f31471f4773e404f58271
  • libsodium.dll  .dll windows:6 x64  38236461eace5db7409e0d03dd9a01d5
  • libssh2.dll  .dll windows:6 x64  ff2ba23229f19a4cb810b450b17f627f
  • libssl-1_1-x64.dll  .dll windows:6 x64  01107f9bf2f14d81c28a253c73ac1800
  • license.txt
  • news.txt
  • nghttp2.dll  .dll windows:6 x64  6bc8717070c5968adb87244135e4fe45
  • phar.phar.bat
  • pharcommand.phar  .js
  • php-cgi.exe  .exe windows:6 x64  b34d1cd25683be48e4845733bc59b932
  • php.exe  .exe windows:6 x64  5fdef56ea896c893c1902b97e3cd211b
  • php.gif  .gif
  • php.ini-development
  • php.ini-production
  • php7apache2_2.dll  .dll windows:6 x64  214cf94a74e60c99ba9a4f6c95ba5678
  • php7apache2_4.dll  .dll windows:6 x64  79c253fb8c624bcd496c85f5edb4d47d
  • php7ts.dll  .dll windows:6 x64  bf668e6f82cbd9ce0eb45edd8149b86b
  • readme-redist-bins.txt
  • sasl2/saslANONYMOUS.dll  .dll windows:6 x64  de0f5a04d994999d63903a23673faf91  (no exports listed)
  • sasl2/saslCRAMMD5.dll  .dll windows:6 x64  19b6978191f01d11cffa663fa0d23e46  (no exports listed)
  • sasl2/saslDIGESTMD5.dll  .dll windows:6 x64  0b59422a44fe9d9b6ccca3908f86cf08  (no exports listed)
  • sasl2/saslLOGIN.dll  .dll windows:6 x64  4f30de07413c025357c8f507a443c3c4  (no exports listed)
  • sasl2/saslNTLM.dll  .dll windows:6 x64  6e6c292271dd2e029c09ac9b8433807d  (no exports listed)
  • sasl2/saslOTP.dll  .dll windows:6 x64  41f219f1b60c049feb8b78ec53b964c1  (no exports listed)
  • sasl2/saslPLAIN.dll  .dll windows:6 x64  4f30de07413c025357c8f507a443c3c4  (no exports listed)
  • sasl2/saslSASLDB.dll  .dll windows:6 x64  8c73c7bb5dec92c1857cdcb73b908eaa
  • sasl2/saslSCRAM.dll  .dll windows:6 x64  2a1cf650a8083d70489f8c8d2509e5e4  (no exports listed)
  • sasl2/saslSQLITE.dll  .dll windows:6 x64  82cd517d5a63cf8819dc5c24acc24772  (no exports listed)
  • snapshot.txt

  Three things in this listing deserve a second look before the report is taken at face value. The type tags are content-sniffed rather than derived from the file name, which is why install.txt is tagged .wsf and pharcommand.phar is tagged .js; treat them as hints, not classifications. sasl2/saslLOGIN.dll and sasl2/saslPLAIN.dll report the same MD5 (4f30de07413c025357c8f507a443c3c4), so the archive contains one set of bytes under two names. icudt60.dll is the only member reported as x86 and the only PE without an MD5 or imports; as a data-only DLL it would be expected to have no imports, but the architecture mismatch with every other member should be confirmed from the PE header rather than from this table.