PDB path: G:\php-sdk\lib_builds\vc9\x86\glib\build\win32\vs9\Release\glib-2.pdb
Static task
static1
Behavioral task
behavioral1
Sample
glib-2.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
glib-2.dll
Resource
win10v2004-20240508-en
General
-
Target
glib-2.dll
-
Size
1.0MB
-
MD5
82f913eaaee6be45850f89acd4cf506d
-
SHA1
4d8935368eb3ab9563e6ee31168bf4a9257fa0c0
-
SHA256
6866aa4b84d7f567514769d1ce67815322aaffd781821799d05d728f0d06906f
-
SHA512
56f76850efff7a12f96200001488ce2fdb940632d295e70bdf9f446d2c84c42fbcd99a7f6842cfff6e81b4932be5cd51288fa374a04f7bfc05e66cfeabe9c43c
-
SSDEEP
24576:Yjv0zOeIQthJY4fMOaM6N+E6aT28XnDdj5d0HlGzrVmPEU:Y70zOeIuhtfaVK83Ddj5d0F2Vm8U
Malware Config
Signatures
-
Unsigned PE 1 IoCs
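Checks for missing Authenticode signature. The absence of a signature is not by itself evidence of malice; it means the publisher cannot be verified from the PE, so the file's identity rests on the hashes listed under General.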
resource glib-2.dll
Files
-
glib-2.dll.dll windows:5 windows x86 arch:x86
f80156e535c9389793ca71d42e3ffcc0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
ws2_32
send
getsockopt
WSACloseEvent
WSASetEvent
ioctlsocket
WSAGetLastError
WSAEnumNetworkEvents
WSAEventSelect
recv
WSACreateEvent
closesocket
kernel32
GetCurrentThreadId
CreateEventW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
InterlockedCompareExchange
InterlockedExchangeAdd
IsDebuggerPresent
WideCharToMultiByte
GetACP
MultiByteToWideChar
GetLastError
IsDBCSLeadByteEx
GetProcAddress
IsValidCodePage
LoadLibraryA
GetCPInfoExA
GetDateFormatW
GetLocaleInfoW
GetTimeFormatW
GetTimeZoneInformation
GetThreadLocale
GetFileAttributesW
PeekNamedPipe
WaitForSingleObject
SetEvent
WriteFile
InitializeCriticalSection
ReadConsoleInputA
CreateEventA
LeaveCriticalSection
ReadFile
EnterCriticalSection
ResetEvent
PeekConsoleInputA
DeleteCriticalSection
CloseHandle
GetSystemTimeAsFileTime
GetExitCodeProcess
CreateSemaphoreA
ReleaseSemaphore
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetSystemInfo
GetCurrentProcess
GetStdHandle
GetConsoleCursorInfo
DuplicateHandle
MoveFileExW
Sleep
GetComputerNameA
GetEnvironmentVariableW
VirtualQuery
SetEnvironmentVariableW
GetEnvironmentStringsW
GetSystemDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
GetModuleHandleA
FreeEnvironmentStringsW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
GetLocaleInfoA
GetModuleHandleW
FormatMessageW
GetShortPathNameW
GetVersion
LocalFree
SleepEx
WaitForMultipleObjectsEx
InterlockedIncrement
user32
PostMessageA
MessageBoxA
MsgWaitForMultipleObjectsEx
PeekMessageA
IsWindow
advapi32
GetUserNameW
shell32
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ole32
CoTaskMemFree
msvcr90
_fdopen
_lseek
_write
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_getpid
wcscat
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
memcpy
memmove
qsort
memset
abort
_exit
strlen
strchr
atoi
strcmp
atol
_time64
strncmp
strncpy
_stricmp
_strnicmp
free
calloc
strcpy
_errno
strstr
wcslen
setlocale
_localtime64
_getcwd
malloc
_wfindfirst64i32
_findclose
_wfindnext64i32
_wfullpath
wcscmp
wcscpy
feof
memcmp
fflush
fread
ferror
fwrite
strrchr
fclose
_fstat64i32
_beginthreadex
_get_osfhandle
getenv
_kbhit
strtol
strtoul
realloc
fputs
__iob_func
strcat
exit
strerror
fprintf
vfprintf
_wspawnvp
_pipe
_wspawnve
_wspawnv
_open_osfhandle
_wspawnvpe
_wopen
_wchmod
_wmkdir
_wrmdir
_wfopen
_wstat64i32
_wremove
_wcreat
_wchdir
_waccess
_wunlink
_wutime64
_wfreopen
strtod
localeconv
tolower
isdigit
isupper
toupper
islower
strpbrk
printf
_mktime64
_gmtime64
strcoll
strxfrm
bsearch
wcschr
_wputenv
_chsize
sprintf
___mb_cur_max_func
isspace
isalnum
isalpha
strcspn
vsprintf
_snprintf
_strdup
_open
_read
_close
raise
putc
fopen
fgets
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
Exports
Exports (the listing appears to be cut off alphabetically after g_locale_to_utf8)
_g_debug_flags
_g_debug_initialized
g_access
g_allocator_free
g_allocator_new
g_array_append_vals
g_array_free
g_array_get_element_size
g_array_insert_vals
g_array_new
g_array_prepend_vals
g_array_ref
g_array_remove_index
g_array_remove_index_fast
g_array_remove_range
g_array_set_size
g_array_sized_new
g_array_sort
g_array_sort_with_data
g_array_unref
g_ascii_digit_value
g_ascii_dtostr
g_ascii_formatd
g_ascii_strcasecmp
g_ascii_strdown
g_ascii_strncasecmp
g_ascii_strtod
g_ascii_strtoll
g_ascii_strtoull
g_ascii_strup
g_ascii_table
g_ascii_tolower
g_ascii_toupper
g_ascii_xdigit_value
g_assert_warning
g_assertion_message
g_assertion_message_cmpnum
g_assertion_message_cmpstr
g_assertion_message_error
g_assertion_message_expr
g_async_queue_length
g_async_queue_length_unlocked
g_async_queue_lock
g_async_queue_new
g_async_queue_new_full
g_async_queue_pop
g_async_queue_pop_unlocked
g_async_queue_push
g_async_queue_push_sorted
g_async_queue_push_sorted_unlocked
g_async_queue_push_unlocked
g_async_queue_ref
g_async_queue_ref_unlocked
g_async_queue_sort
g_async_queue_sort_unlocked
g_async_queue_timed_pop
g_async_queue_timed_pop_unlocked
g_async_queue_try_pop
g_async_queue_try_pop_unlocked
g_async_queue_unlock
g_async_queue_unref
g_async_queue_unref_and_unlock
g_atexit
g_atomic_int_add
g_atomic_int_compare_and_exchange
g_atomic_int_exchange_and_add
g_atomic_int_get
g_atomic_int_set
g_atomic_pointer_compare_and_exchange
g_atomic_pointer_get
g_atomic_pointer_set
g_base64_decode
g_base64_decode_inplace
g_base64_decode_step
g_base64_encode
g_base64_encode_close
g_base64_encode_step
g_basename
g_bit_nth_lsf
g_bit_nth_msf
g_bit_storage
g_blow_chunks
g_bookmark_file_add_application
g_bookmark_file_add_group
g_bookmark_file_error_quark
g_bookmark_file_free
g_bookmark_file_get_added
g_bookmark_file_get_app_info
g_bookmark_file_get_applications
g_bookmark_file_get_description
g_bookmark_file_get_groups
g_bookmark_file_get_icon
g_bookmark_file_get_is_private
g_bookmark_file_get_mime_type
g_bookmark_file_get_modified
g_bookmark_file_get_size
g_bookmark_file_get_title
g_bookmark_file_get_uris
g_bookmark_file_get_visited
g_bookmark_file_has_application
g_bookmark_file_has_group
g_bookmark_file_has_item
g_bookmark_file_load_from_data
g_bookmark_file_load_from_data_dirs
g_bookmark_file_load_from_file
g_bookmark_file_move_item
g_bookmark_file_new
g_bookmark_file_remove_application
g_bookmark_file_remove_group
g_bookmark_file_remove_item
g_bookmark_file_set_added
g_bookmark_file_set_app_info
g_bookmark_file_set_description
g_bookmark_file_set_groups
g_bookmark_file_set_icon
g_bookmark_file_set_is_private
g_bookmark_file_set_mime_type
g_bookmark_file_set_modified
g_bookmark_file_set_title
g_bookmark_file_set_visited
g_bookmark_file_to_data
g_bookmark_file_to_file
g_build_filename
g_build_filenamev
g_build_path
g_build_pathv
g_byte_array_append
g_byte_array_free
g_byte_array_new
g_byte_array_prepend
g_byte_array_ref
g_byte_array_remove_index
g_byte_array_remove_index_fast
g_byte_array_remove_range
g_byte_array_set_size
g_byte_array_sized_new
g_byte_array_sort
g_byte_array_sort_with_data
g_byte_array_unref
g_cache_destroy
g_cache_insert
g_cache_key_foreach
g_cache_new
g_cache_remove
g_cache_value_foreach
g_chdir
g_checksum_copy
g_checksum_free
g_checksum_get_digest
g_checksum_get_string
g_checksum_new
g_checksum_reset
g_checksum_type_get_length
g_checksum_update
g_child_watch_add
g_child_watch_add_full
g_child_watch_funcs
g_child_watch_source_new
g_chmod
g_clear_error
g_completion_add_items
g_completion_clear_items
g_completion_complete
g_completion_complete_utf8
g_completion_free
g_completion_new
g_completion_remove_items
g_completion_set_compare
g_compute_checksum_for_data
g_compute_checksum_for_string
g_convert
g_convert_error_quark
g_convert_with_fallback
g_convert_with_iconv
g_creat
g_datalist_clear
g_datalist_foreach
g_datalist_get_flags
g_datalist_id_get_data
g_datalist_id_remove_no_notify
g_datalist_id_set_data_full
g_datalist_init
g_datalist_set_flags
g_datalist_unset_flags
g_dataset_destroy
g_dataset_foreach
g_dataset_id_get_data
g_dataset_id_remove_no_notify
g_dataset_id_set_data_full
g_date_add_days
g_date_add_months
g_date_add_years
g_date_clamp
g_date_clear
g_date_compare
g_date_days_between
g_date_free
g_date_get_day
g_date_get_day_of_year
g_date_get_days_in_month
g_date_get_iso8601_week_of_year
g_date_get_julian
g_date_get_monday_week_of_year
g_date_get_monday_weeks_in_year
g_date_get_month
g_date_get_sunday_week_of_year
g_date_get_sunday_weeks_in_year
g_date_get_weekday
g_date_get_year
g_date_is_first_of_month
g_date_is_last_of_month
g_date_is_leap_year
g_date_new
g_date_new_dmy
g_date_new_julian
g_date_order
g_date_set_day
g_date_set_dmy
g_date_set_julian
g_date_set_month
g_date_set_parse
g_date_set_time
g_date_set_time_t
g_date_set_time_val
g_date_set_year
g_date_strftime
g_date_subtract_days
g_date_subtract_months
g_date_subtract_years
g_date_to_struct_tm
g_date_valid
g_date_valid_day
g_date_valid_dmy
g_date_valid_julian
g_date_valid_month
g_date_valid_weekday
g_date_valid_year
g_dgettext
g_dir_close
g_dir_open
g_dir_open_utf8
g_dir_read_name
g_dir_read_name_utf8
g_dir_rewind
g_direct_equal
g_direct_hash
g_dngettext
g_double_equal
g_double_hash
g_dpgettext
g_dpgettext2
g_error_copy
g_error_free
g_error_matches
g_error_new
g_error_new_literal
g_error_new_valist
g_file_error_from_errno
g_file_error_quark
g_file_get_contents
g_file_get_contents_utf8
g_file_open_tmp
g_file_open_tmp_utf8
g_file_read_link
g_file_set_contents
g_file_test
g_file_test_utf8
g_filename_display_basename
g_filename_display_name
g_filename_from_uri
g_filename_from_uri_utf8
g_filename_from_utf8
g_filename_from_utf8_utf8
g_filename_to_uri
g_filename_to_uri_utf8
g_filename_to_utf8
g_filename_to_utf8_utf8
g_find_program_in_path
g_find_program_in_path_utf8
g_fopen
g_format_size_for_display
g_fprintf
g_free
g_freopen
g_get_application_name
g_get_charset
g_get_codeset
g_get_current_dir
g_get_current_dir_utf8
g_get_current_time
g_get_filename_charsets
g_get_home_dir
g_get_home_dir_utf8
g_get_host_name
g_get_language_names
g_get_prgname
g_get_real_name
g_get_real_name_utf8
g_get_system_config_dirs
g_get_system_data_dirs
g_get_tmp_dir
g_get_tmp_dir_utf8
g_get_user_cache_dir
g_get_user_config_dir
g_get_user_data_dir
g_get_user_name
g_get_user_name_utf8
g_get_user_special_dir
g_getenv
g_getenv_utf8
g_hash_table_destroy
g_hash_table_find
g_hash_table_foreach
g_hash_table_foreach_remove
g_hash_table_foreach_steal
g_hash_table_get_keys
g_hash_table_get_values
g_hash_table_insert
g_hash_table_iter_get_hash_table
g_hash_table_iter_init
g_hash_table_iter_next
g_hash_table_iter_remove
g_hash_table_iter_steal
g_hash_table_lookup
g_hash_table_lookup_extended
g_hash_table_new
g_hash_table_new_full
g_hash_table_ref
g_hash_table_remove
g_hash_table_remove_all
g_hash_table_replace
g_hash_table_size
g_hash_table_steal
g_hash_table_steal_all
g_hash_table_unref
g_hook_alloc
g_hook_compare_ids
g_hook_destroy
g_hook_destroy_link
g_hook_find
g_hook_find_data
g_hook_find_func
g_hook_find_func_data
g_hook_first_valid
g_hook_free
g_hook_get
g_hook_insert_before
g_hook_insert_sorted
g_hook_list_clear
g_hook_list_init
g_hook_list_invoke
g_hook_list_invoke_check
g_hook_list_marshal
g_hook_list_marshal_check
g_hook_next_valid
g_hook_prepend
g_hook_ref
g_hook_unref
g_hostname_is_ascii_encoded
g_hostname_is_ip_address
g_hostname_is_non_ascii
g_hostname_to_ascii
g_hostname_to_unicode
g_iconv
g_iconv_close
g_iconv_open
g_idle_add
g_idle_add_full
g_idle_funcs
g_idle_remove_by_data
g_idle_source_new
g_int64_equal
g_int64_hash
g_int_equal
g_int_hash
g_intern_static_string
g_intern_string
g_io_add_watch
g_io_add_watch_full
g_io_channel_close
g_io_channel_error_from_errno
g_io_channel_error_quark
g_io_channel_flush
g_io_channel_get_buffer_condition
g_io_channel_get_buffer_size
g_io_channel_get_buffered
g_io_channel_get_close_on_unref
g_io_channel_get_encoding
g_io_channel_get_flags
g_io_channel_get_line_term
g_io_channel_init
g_io_channel_new_file
g_io_channel_new_file_utf8
g_io_channel_read
g_io_channel_read_chars
g_io_channel_read_line
g_io_channel_read_line_string
g_io_channel_read_to_end
g_io_channel_read_unichar
g_io_channel_ref
g_io_channel_seek
g_io_channel_seek_position
g_io_channel_set_buffer_size
g_io_channel_set_buffered
g_io_channel_set_close_on_unref
g_io_channel_set_encoding
g_io_channel_set_flags
g_io_channel_set_line_term
g_io_channel_shutdown
g_io_channel_unix_get_fd
g_io_channel_unix_new
g_io_channel_unref
g_io_channel_win32_get_fd
g_io_channel_win32_make_pollfd
g_io_channel_win32_new_fd
g_io_channel_win32_new_messages
g_io_channel_win32_new_socket
g_io_channel_win32_new_stream_socket
g_io_channel_win32_poll
g_io_channel_win32_set_debug
g_io_channel_write
g_io_channel_write_chars
g_io_channel_write_unichar
g_io_create_watch
g_io_watch_funcs
g_key_file_error_quark
g_key_file_free
g_key_file_get_boolean
g_key_file_get_boolean_list
g_key_file_get_comment
g_key_file_get_double
g_key_file_get_double_list
g_key_file_get_groups
g_key_file_get_integer
g_key_file_get_integer_list
g_key_file_get_keys
g_key_file_get_locale_string
g_key_file_get_locale_string_list
g_key_file_get_start_group
g_key_file_get_string
g_key_file_get_string_list
g_key_file_get_value
g_key_file_has_group
g_key_file_has_key
g_key_file_load_from_data
g_key_file_load_from_data_dirs
g_key_file_load_from_dirs
g_key_file_load_from_file
g_key_file_new
g_key_file_remove_comment
g_key_file_remove_group
g_key_file_remove_key
g_key_file_set_boolean
g_key_file_set_boolean_list
g_key_file_set_comment
g_key_file_set_double
g_key_file_set_double_list
g_key_file_set_integer
g_key_file_set_integer_list
g_key_file_set_list_separator
g_key_file_set_locale_string
g_key_file_set_locale_string_list
g_key_file_set_string
g_key_file_set_string_list
g_key_file_set_value
g_key_file_to_data
g_list_alloc
g_list_append
g_list_concat
g_list_copy
g_list_delete_link
g_list_find
g_list_find_custom
g_list_first
g_list_foreach
g_list_free
g_list_free_1
g_list_index
g_list_insert
g_list_insert_before
g_list_insert_sorted
g_list_insert_sorted_with_data
g_list_last
g_list_length
g_list_nth
g_list_nth_data
g_list_nth_prev
g_list_pop_allocator
g_list_position
g_list_prepend
g_list_push_allocator
g_list_remove
g_list_remove_all
g_list_remove_link
g_list_reverse
g_list_sort
g_list_sort_with_data
g_listenv
g_locale_from_utf8
g_locale_to_utf8
Sections
.text Size: 569KB - Virtual size: 568KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 250KB - Virtual size: 249KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 176KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ