d:\fb25\svn_prod\R2_5_0\temp\Win32\Release\ib_util\ib_util.pdb
Static task: static1
Behavioral task: behavioral1
Sample: ib_util.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ib_util.dll
Resource: win10v2004-20240508-en
General
Target: ib_util.dll
Size: 7KB
MD5: 23c495d326e5fd22154db62d2731a9a0
SHA1: 085285578a882d168f4effc96a11b0e5b892f0e2
SHA256: 6283b2d072e1586d31bf505418d07022f58d7c458c3c57a6ef5153215bc2f85a
SHA512: 511a0bcc1b6007a35dd816f0712f23724150daec400859e57d9c220747e0c7c441e0252df4963e6360e30c32a9c014d4a8f668de8acd91c7d517164f34d49368
SSDEEP: 96:n/bSRSmV+E4hW77XQUvB0OU1+daixLa/N3XN6c1bAEk7flJ1MXJ1rRB:n+RSmehWXgUdU1aaya/N3XN6MbrkGRB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ib_util.dll
Files
ib_util.dll.dll windows:4 windows x86 arch:x86
74d4230dc95ec6dec0a4896601f164f8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcr80
_lock
__dllonexit
_except_handler4_common
_crt_debugger_hook
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
free
_encoded_null
_malloc_crt
_encode_pointer
_onexit
malloc
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent
Exports
ib_util_init
ib_util_malloc
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 868B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ