CloudNetDataIO-3[.]25[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

CloudNetDataIO-3.25.dll
Size

227KB
MD5

d97b878cf277e6fe114140834a186c2c
SHA1

e357e78939695963c47cbcaa9879e5b71bee565e
SHA256

4752e5af55585939ec0102c57d5b6f566beb7f6f7f0b15ce3a409e6024e31514
SHA512

8bd6488ec21e8fe4f0a3704b18436e6ebc454ebec76326b2deaaf9b093993c531f4fc8826958b1c90c7aaca7441635d3b3bea1e888ebbcdce38f23afb062b542
SSDEEP

6144:M5etHXXCI9q/16kQ2DpYvLITTBgcaPOlw27:M8t3XCIk/16yiLITTac/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CloudNetDataIO-3.25.dll

Files

CloudNetDataIO-3.25.dll
.dll windows:5 windows x64 arch:x64

45dfe66ec09d1fc90bf18c62c89f8b04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\WorkDir\DataPeek\DOUBLE\NEWCloudNetDataIOLv2\CloudNetDataIO\bin_R64\CloudNetDataIO.pdb

Imports

msvcr100

_onexit
?terminate@@YAXXZ
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__CppXcptFilter
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
memcpy
_stricmp
memset
memcmp
_lock
__dllonexit
_unlock
__C_specific_handler
__CxxFrameHandler3
_errno
_vsnprintf
_strnicmp
toupper
_ctime64
atol
strncmp
_vsnprintf_s
strncpy
printf
_time64
strpbrk
sprintf_s
_purecall
??_V@YAXPEAX@Z
??_U@YAPEAX_K@Z
??3@YAXPEAX@Z
free
malloc
sprintf
sscanf
??2@YAPEAX_K@Z
??0exception@std@@QEAA@AEBQEBD@Z
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBV01@@Z
memmove
__clean_type_info_names_internal
_CxxThrowException

mfc100

ord1844
ord1906
ord2002
ord1945
ord11107
ord12927
ord6806
ord12925
ord8182
ord3535
ord3477
ord11489
ord6823
ord1709
ord13700
ord10609
ord12808
ord11099
ord6868
ord13109
ord13106
ord13111
ord13108
ord13110
ord13107
ord3288
ord396
ord11106
ord10867
ord7063
ord9145
ord10871
ord10840
ord11470
ord4458
ord4722
ord4892
ord8135
ord4700
ord4895
ord4461
ord4597
ord4445
ord6640
ord6641
ord6631
ord4595
ord7065
ord8977
ord8000
ord5871
ord3934
ord1947
ord6865
ord1266
ord876
ord6580
ord1895
ord2116
ord4555
ord13393
ord11410
ord7213
ord7286
ord893
ord13144
ord2051
ord321
ord3285
ord2014
ord2012
ord10859
ord2040
ord1914
ord2050
ord322
ord2048
ord859
ord1275
ord1463
ord5031
ord2024
ord2028
ord5554
ord1247

kernel32

GetLastError
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
LocalFree
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
CloseHandle
GetPrivateProfileIntA
GetPrivateProfileStringA
GetCurrentProcessId
CreateSemaphoreA
CreateThread
ReleaseSemaphore
TerminateThread
WaitForSingleObject
LocalAlloc
DeleteCriticalSection

ws2_32

WSAStartup
recv
send
connect
getsockopt
setsockopt
inet_addr
bind
htons
htonl
WSAGetLastError
socket
closesocket
select
accept
listen

msvcp100

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
??1_Container_base12@std@@QEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_BADOFF@std@@3_JB
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

jsonirpc

JsonBinClientRPC
JsonBinClientRPC_async
IJsonMutiResultFree
DeleteJsonICERPC
RegisterJsonICEClient2
CreateJsonICEClient
JsonBinClientPUT

libzmq

zmq_msg_close
zmq_ctx_new
zmq_ctx_shutdown
zmq_ctx_term
zmq_socket
zmq_setsockopt
zmq_connect
zmq_poll
zmq_errno
zmq_close
zmq_msg_init
zmq_msg_recv
zmq_msg_size
zmq_msg_data

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

Exports

Exports

?DelJrjNetStockIO@JrjNetDataIO@Finance@@YAXPEAVICloudNetDataIO@@@Z
?NewJrjNetStockIO@JrjNetDataIO@Finance@@YAPEAVICloudNetDataIO@@XZ

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45dfe66ec09d1fc90bf18c62c89f8b04

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr100

mfc100

kernel32

ws2_32

msvcp100

jsonirpc

libzmq

rpcrt4

Exports

Exports

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 3KB - Virtual size: 4KB

.pdata Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB