AnalyzeData[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

AnalyzeData.dll
Size

426KB
MD5

76b23ff1b76818cc186448db57ec595f
SHA1

0c93c44a8e204f145c88a216ab1702b3706d123e
SHA256

7316c70c1ba6dc73add7c0c15ce6c4cf0bc18f20e057ebebc5985ca4c27aa293
SHA512

cfa5fcbd8d6ab570c9b0b941e779432f216daed06f8ff30e400b30f51f66730f99f4880a38cf8539d39abf03e8a54c78ac739c02869946f1a7fd93a678ba8fd1
SSDEEP

6144:npHu5nZQAmoZKtRiClF8KgfNZh0YyaEMC6epXMpAOZleX:pH+nZQANZ/HfNrepMwXMp3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AnalyzeData.dll

Files

AnalyzeData.dll
.dll windows:5 windows x86 arch:x86

4a46ebda75d48a64024dd3574e283ffe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\工程项目\SVN\Analyse\trunk\New_AnalyzeData\project\windows\Bin\VC60\Release\AnalyzeData.pdb

Imports

kernel32

OutputDebugStringA
IsBadReadPtr
IsBadWritePtr
SetThreadPriority
WaitForSingleObject
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateFileA
ReadFile
WriteFile
GetLastError
SetFilePointer
GetFileSize
MultiByteToWideChar
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
ExitThread
CreateThread
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleA
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
LoadLibraryA
GetLocaleInfoW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
FreeLibrary
InterlockedExchange
CreateFileW
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

HIKANA_ClearBuffer
HIKANA_CreateHandleByPath
HIKANA_CreateStreamEx
HIKANA_Destroy
HIKANA_GetLastErrorH
HIKANA_GetOnePacketEx
HIKANA_GetRemainData
HIKANA_GetVersion
HIKANA_InputData
HIKANA_RegistStreamInforCB
HIKANA_SetAnalyzeFrameType
HIKANA_SetOutputPacketType

Sections

.text
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a46ebda75d48a64024dd3574e283ffe

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 334KB - Virtual size: 333KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 40KB - Virtual size: 78KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 334KB - Virtual size: 333KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 40KB - Virtual size: 78KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB