librdkafka[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

librdkafka.dll
Size

419KB
MD5

dfdd68c67bbfcbc5e1a085ba0e4e864c
SHA1

75c3a6d34afacfbea95e2d77183fb7fc4ef1c114
SHA256

90621d18cbda2f5b9c4f528a57ab5dca21d2123d79eb68c30c000fda58f51776
SHA512

481d6744dd5505e5b6cd817a1ab878a758de050ff0d7cbd88de5257dcf11c1c153e14195f497110dad53998a5a8b35230c30910204d0bad8dd567ef8beaea9a8
SSDEEP

6144:+k3/YkeHcTmx1/88LyM6jwhuGoWSFpKAj9xpz7rP5OvPbNMfiyu6pNmJ:F/MgMCwhGWwpzJaNMF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
librdkafka.dll

Files

librdkafka.dll
.dll windows:6 windows x64 arch:x64

229e5f61ef8a7f049dc8a6b03429d828

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\Quant\kafka\librdkafka-master\win32\x64\Release\librdkafka.pdb

Imports

zlib

deflate
deflateEnd
deflateBound
deflateInit2_
crc32
inflateInit2_
inflate
inflateEnd
inflateGetHeader

kernel32

RtlVirtualUnwind
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
FormatMessageA
InitializeSRWLock
GetCurrentThreadId
Sleep
GetTickCount64
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
SystemTimeToFileTime
GetSystemTime
EnterCriticalSection
WaitForMultipleObjects
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
ReleaseMutex
CreateEventW
SetEvent
CloseHandle
CreateThread
ResetEvent
GetThreadId
DeleteCriticalSection
RtlLookupFunctionEntry
RtlCaptureContext
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId

ws2_32

closesocket
WSAStartup
send
connect
recv
WSAPoll
getnameinfo
freeaddrinfo
ioctlsocket
getaddrinfo
socket
setsockopt
WSAGetLastError
getsockopt

vcruntime140

__intrinsic_setjmp
memcpy
memcmp
memset
__std_type_info_destroy_list
__C_specific_handler
longjmp
memmove
strchr
strrchr
strstr

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
realloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
fread
_write
fseek
fwrite
_fileno
_sopen_s
__stdio_common_vsprintf
fclose
fflush
_chsize_s
__stdio_common_vsnprintf_s
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

_strdup
strcmp
isspace
toupper
strncmp
strncpy
_strnicmp
_stricmp

api-ms-win-crt-runtime-l1-1-0

_errno
_cexit
_crt_atexit
_configure_narrow_argv
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
strerror_s
abort

api-ms-win-crt-filesystem-l1-1-0

_stat64i32

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-utility-l1-1-0

qsort
rand
bsearch

api-ms-win-crt-convert-l1-1-0

strtoull
strtol
atoi

api-ms-win-crt-math-l1-1-0

_fdopen

Exports

Exports

rd_kafka_assign
rd_kafka_assignment
rd_kafka_brokers_add
rd_kafka_commit
rd_kafka_commit_message
rd_kafka_commit_queue
rd_kafka_committed
rd_kafka_conf_destroy
rd_kafka_conf_dump
rd_kafka_conf_dump_free
rd_kafka_conf_dup
rd_kafka_conf_get
rd_kafka_conf_new
rd_kafka_conf_properties_show
rd_kafka_conf_set
rd_kafka_conf_set_consume_cb
rd_kafka_conf_set_default_topic_conf
rd_kafka_conf_set_dr_cb
rd_kafka_conf_set_dr_msg_cb
rd_kafka_conf_set_error_cb
rd_kafka_conf_set_events
rd_kafka_conf_set_log_cb
rd_kafka_conf_set_offset_commit_cb
rd_kafka_conf_set_opaque
rd_kafka_conf_set_rebalance_cb
rd_kafka_conf_set_socket_cb
rd_kafka_conf_set_stats_cb
rd_kafka_conf_set_throttle_cb
rd_kafka_consume
rd_kafka_consume_batch
rd_kafka_consume_batch_queue
rd_kafka_consume_callback
rd_kafka_consume_callback_queue
rd_kafka_consume_queue
rd_kafka_consume_start
rd_kafka_consume_start_queue
rd_kafka_consume_stop
rd_kafka_consumer_close
rd_kafka_consumer_poll
rd_kafka_destroy
rd_kafka_dump
rd_kafka_err2name
rd_kafka_err2str
rd_kafka_errno
rd_kafka_errno2err
rd_kafka_event_destroy
rd_kafka_event_error
rd_kafka_event_error_string
rd_kafka_event_log
rd_kafka_event_message_array
rd_kafka_event_message_count
rd_kafka_event_message_next
rd_kafka_event_name
rd_kafka_event_opaque
rd_kafka_event_topic_partition
rd_kafka_event_topic_partition_list
rd_kafka_event_type
rd_kafka_flush
rd_kafka_get_debug_contexts
rd_kafka_get_err_descs
rd_kafka_get_watermark_offsets
rd_kafka_group_list_destroy
rd_kafka_last_error
rd_kafka_list_groups
rd_kafka_log_print
rd_kafka_mem_free
rd_kafka_memberid
rd_kafka_message_destroy
rd_kafka_message_timestamp
rd_kafka_metadata
rd_kafka_metadata_destroy
rd_kafka_msg_partitioner_consistent
rd_kafka_msg_partitioner_consistent_random
rd_kafka_msg_partitioner_random
rd_kafka_name
rd_kafka_new
rd_kafka_offset_store
rd_kafka_opaque
rd_kafka_outq_len
rd_kafka_pause_partitions
rd_kafka_poll
rd_kafka_poll_set_consumer
rd_kafka_position
rd_kafka_produce
rd_kafka_produce_batch
rd_kafka_query_watermark_offsets
rd_kafka_queue_destroy
rd_kafka_queue_forward
rd_kafka_queue_get_consumer
rd_kafka_queue_get_main
rd_kafka_queue_io_event_enable
rd_kafka_queue_length
rd_kafka_queue_new
rd_kafka_queue_poll
rd_kafka_resume_partitions
rd_kafka_seek
rd_kafka_set_log_level
rd_kafka_set_logger
rd_kafka_subscribe
rd_kafka_subscription
rd_kafka_thread_cnt
rd_kafka_topic_conf_destroy
rd_kafka_topic_conf_dump
rd_kafka_topic_conf_dup
rd_kafka_topic_conf_get
rd_kafka_topic_conf_new
rd_kafka_topic_conf_set
rd_kafka_topic_conf_set_opaque
rd_kafka_topic_conf_set_partitioner_cb
rd_kafka_topic_destroy
rd_kafka_topic_name
rd_kafka_topic_new
rd_kafka_topic_opaque
rd_kafka_topic_partition_available
rd_kafka_topic_partition_destroy
rd_kafka_topic_partition_list_add
rd_kafka_topic_partition_list_add_range
rd_kafka_topic_partition_list_copy
rd_kafka_topic_partition_list_del
rd_kafka_topic_partition_list_del_by_idx
rd_kafka_topic_partition_list_destroy
rd_kafka_topic_partition_list_find
rd_kafka_topic_partition_list_new
rd_kafka_topic_partition_list_set_offset
rd_kafka_unsubscribe
rd_kafka_version
rd_kafka_version_str
rd_kafka_wait_destroyed
rd_kafka_yield

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

229e5f61ef8a7f049dc8a6b03429d828

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

zlib

kernel32

ws2_32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 282KB - Virtual size: 282KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 512B - Virtual size: 12KB

.pdata Size: 13KB - Virtual size: 12KB

.gfids Size: 512B - Virtual size: 16B

.tls Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 282KB - Virtual size: 282KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 512B - Virtual size: 12KB

.pdata
Size: 13KB - Virtual size: 12KB

.gfids
Size: 512B - Virtual size: 16B

.tls
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB