CreateCCFileRepoManager
GetFileRepoManager
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
4d70424b0e48fffbdfaac634a612d0a04379d7f64ec3edba6790c1dfebc8bae8.dll
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
4d70424b0e48fffbdfaac634a612d0a04379d7f64ec3edba6790c1dfebc8bae8.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
4d70424b0e48fffbdfaac634a612d0a04379d7f64ec3edba6790c1dfebc8bae8
-
Size
553KB
-
MD5
5351df85b375b1d55d704f36bc426a9a
-
SHA1
e637976b391a8bcc7cb7a6fc4b8affe485621a49
-
SHA256
4d70424b0e48fffbdfaac634a612d0a04379d7f64ec3edba6790c1dfebc8bae8
-
SHA512
a1c03cff1587acc56e2fbba73d453163920117a584683d7b42fb60d474a877712f1020883c7503e0c17cb9f93ec5a7aa56fe875ce7211d082b4a7c0dd0a45d7c
-
SSDEEP
6144:OKDsN2TCa85/3aArq216wgrA8AVswBCRwwm:JI2TCX/3Vrq216wgrDH1RY
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4d70424b0e48fffbdfaac634a612d0a04379d7f64ec3edba6790c1dfebc8bae8
Files
-
4d70424b0e48fffbdfaac634a612d0a04379d7f64ec3edba6790c1dfebc8bae8.dll windows:5 windows x86 arch:x86
a32581fd8e39db286a958861b16f7d0b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Imports
rtl150.bpl
@System@initialization$qqrv
@System@Finalization$qqrv
@System@LoadResString$qqrp20System@TResStringRec
@System@TInterfacedObject@_Release$qqsv
@System@TInterfacedObject@_AddRef$qqsv
@System@TInterfacedObject@QueryInterface$qqsrx5_GUIDpv
@System@TInterfacedObject@NewInstance$qqrv
@System@TInterfacedObject@BeforeDestruction$qqrv
@System@TInterfacedObject@AfterConstruction$qqrv
@System@@IntfCopy$qqrr45System@%DelphiInterface$t17System@IInterface%x45System@%DelphiInterface$t17System@IInterface%
@System@@IntfClear$qqrr45System@%DelphiInterface$t17System@IInterface%
@System@RegisterModule$qqrp17System@TLibModule
@System@@DynArrayAsg$qqrv
@System@@DynArrayClear$qqrrpvpv
@System@@DynArraySetLength$qqrv
@System@@DynArrayHigh$qqrv
@System@@DynArrayLength$qqrv
@System@@CopyRecord$qqrv
@System@@FinalizeArray$qqrpvt1ui
@System@@FinalizeRecord$qqrpvt1
@System@@InitializeRecord$qqrpvt1
@System@@UStrCopy$qqrx20System@UnicodeStringii
@System@@UStrCatN$qqrv
@System@@UStrCat3$qqrr20System@UnicodeStringx20System@UnicodeStringt2
@System@@UStrCat$qqrr20System@UnicodeStringx20System@UnicodeString
@System@@UStrLen$qqrx20System@UnicodeString
@System@@UStrLAsg$qqrr20System@UnicodeStringx20System@UnicodeString
@System@@UStrAsg$qqrr20System@UnicodeStringx20System@UnicodeString
@System@@UStrArrayClr$qqrpvi
@System@@UStrClr$qqrpv
@System@@RunError$qqruc
@System@@Halt0$qqrv
@System@@StartLib$qqrv
@System@@DoneExcept$qqrv
@System@@RaiseAgain$qqrv
@System@@RaiseExcept$qqrv
@System@@HandleFinally$qqrv
@System@@HandleOnException$qqrv
@System@@BeforeDestruction$qqrp14System@TObjectzc
@System@@AfterConstruction$qqrp14System@TObject
@System@@ClassDestroy$qqrp14System@TObject
@System@@ClassCreate$qqrp17System@TMetaClasso
@System@TObject@Dispatch$qqrpv
@System@TObject@BeforeDestruction$qqrv
@System@TObject@AfterConstruction$qqrv
@System@TObject@DefaultHandler$qqrpv
@System@TObject@ToString$qqrv
@System@TObject@SafeCallException$qqrp14System@TObjectpv
@System@@AsClass$qqrp14System@TObjectp17System@TMetaClass
@System@TObject@GetHashCode$qqrv
@System@TObject@Equals$qqrp14System@TObject
@System@TObject@Free$qqrv
@System@TObject@$bdtr$qqrv
@System@TObject@$bctr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrv
@System@TObject@ClassName$qqrv
@System@@FillChar$qqrpvic
@System@@AbstractError$qqrv
@System@ParamStr$qqri
@System@Move$qqrpxvpvi
@System@IsMemoryManagerSet$qqrv
@System@SetMemoryManager$qqrrx23System@TMemoryManagerEx
@$xp$16System@TDateTime
@$xp$24System@TInterfacedObject
@System@TInterfacedObject@
@$xp$18System@IEnumerable
@$xp$17System@IInvokable
@$xp$17System@IInterface
@$xp$14System@TObject
@System@TObject@
@$xp$13System@string
@$xp$5Int64
@$xp$8Cardinal
@$xp$7Integer
@$xp$7Boolean
@Rtlconsts@_SGenericDuplicateItem
@Rtlconsts@_SArgumentOutOfRange
@Excutils@initialization$qqrv
@Excutils@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@TEncoding@$bcdtr$qqrv
@Sysutils@TLanguages@$bcdtr$qqrv
@Sysutils@FreeAndNil$qqrpv
@Sysutils@ExcludeTrailingPathDelimiter$qqrx20System@UnicodeString
@Sysutils@IncludeTrailingPathDelimiter$qqrx20System@UnicodeString
@Sysutils@Exception@$bcdtr$qqrv
@Sysutils@Exception@$bcctr$qqrv
@Sysutils@Exception@$bctr$qqrp20System@TResStringRec
@Sysutils@Exception@$bctr$qqrx20System@UnicodeString
@Sysutils@OutOfMemoryError$qqrv
@Sysutils@ExtractFileName$qqrx20System@UnicodeString
@Sysutils@ExtractFilePath$qqrx20System@UnicodeString
@Sysutils@LastDelimiter$qqrx20System@UnicodeStringt1
@Sysutils@DeleteFile$qqrx20System@UnicodeString
@Sysutils@ForceDirectories$qqr20System@UnicodeString
@Sysutils@FileExists$qqrx20System@UnicodeStringo
@Sysutils@Trim$qqrx20System@UnicodeString
@Sysutils@SameText$qqrx20System@UnicodeStringt1
@Sysutils@TEncoding@$bcctr$qqrv
@Sysutils@EOSError@
@Sysutils@EAccessViolation@
@Sysutils@EArgumentOutOfRangeException@
@Sysutils@Exception@
@Sysutils@TLanguages@$bcctr$qqrv
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TBinaryWriter@$bcdtr$qqrv
@Classes@TThread@$bcdtr$qqrv
@Classes@TThread@$bcctr$qqrv
@Classes@TFileStream@$bctr$qqrx20System@UnicodeStringus
@Classes@TStream@CopyFrom$qqrp15Classes@TStreamj
@Classes@TStringList@$bctr$qqrv
@Classes@TInterfacedPersistent@QueryInterface$qqsrx5_GUIDpv
@Classes@TInterfacedPersistent@_Release$qqsv
@Classes@TInterfacedPersistent@_AddRef$qqsv
@Classes@TInterfacedPersistent@AfterConstruction$qqrv
@Classes@TPersistent@DefineProperties$qqrp14Classes@TFiler
@Classes@TPersistent@AssignTo$qqrp19Classes@TPersistent
@Classes@TPersistent@Assign$qqrp19Classes@TPersistent
@Classes@TPersistent@$bdtr$qqrv
@Classes@TList@SetCapacity$qqri
@Classes@TList@Grow$qqrv
@Classes@TList@Error$qqrx20System@UnicodeStringi
@Classes@TList@Clear$qqrv
@Classes@TList@$bdtr$qqrv
@Classes@TBinaryWriter@$bcctr$qqrv
@Classes@TFileStream@
@$xp$15Classes@TStream
@$xp$19Classes@TStringList
@Classes@TStringList@
@$xp$16Classes@TStrings
@$xp$29Classes@TInterfacedPersistent
@Classes@TInterfacedPersistent@
@Classes@EListError@
@Timespan@TTimeSpan@$bcctr$qqrv
@Timespan@TTimeSpan@$bcdtr$qqrv
@Syncobjs@initialization$qqrv
@Syncobjs@Finalization$qqrv
@Generics_defaults@_LookupVtableInfo$qqr42Generics_defaults@TDefaultGenericInterfacep17Typinfo@TTypeInfoi
@Generics_collections@InCircularRange$qqriii
@$xp$44Generics_collections@TCollectionNotification
@Generics_collections@TArray@
@Rtti@initialization$qqrv
@Rtti@Finalization$qqrv
@Dateutils@TTimeZone@$bcdtr$qqrv
@Dateutils@TTimeZone@$bcctr$qqrv
@Ioutils@initialization$qqrv
@Ioutils@Finalization$qqrv
@Ioutils@TPath@IsRelativePath$qqrx20System@UnicodeString
@Ioutils@TPath@$bcctr$qqrv
@Ioutils@TPath@Combine$qqrx20System@UnicodeStringt1
@Ioutils@TPath@$bcdtr$qqrv
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Comobj@initialization$qqrv
@Comobj@Finalization$qqrv
@Comobj@TComServerObject@$bcctr$qqrv
@Comobj@CreateClassID$qqrv
@Comobj@TComServerObject@$bcdtr$qqrv
@Contnrs@TObjectList@Remove$qqrp14System@TObject
@Contnrs@TObjectList@Notify$qqrpv25Classes@TListNotification
@Contnrs@TObjectList@Insert$qqrip14System@TObject
@Contnrs@TObjectList@IndexOf$qqrp14System@TObject
@Contnrs@TObjectList@GetItem$qqri
@Contnrs@TObjectList@$bctr$qqro
@Contnrs@TObjectList@Add$qqrp14System@TObject
@Regularexpressions@initialization$qqrv
@Regularexpressions@Finalization$qqrv
kernel32
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
GetProcAddress
GetModuleHandleW
SetLastError
GetVersionExW
GetLastError
FreeLibrary
borlndmm
@Borlndmm@SysGetMem$qqri
acmpcore.bpl
@$xp$48Serverrequestprogressintf@IServerRequestProgress
@$xp$55Aagon_persistence_serializers_abstract@TSerializerClass
@$xp$58Aagon_persistence_serializers_abstract@TAbstractSerializer
@Acmpitemkind@initialization$qqrv
@Acmpitemkind@Finalization$qqrv
@Smartinspect@initialization$qqrv
@Smartinspect@Finalization$qqrv
@Aagonloggerinterface@initialization$qqrv
@Aagonloggerinterface@Finalization$qqrv
@$xp$33Aagonloggerinterface@IAagonLogger
@Aagondebug@initialization$qqrv
@Aagondebug@Finalization$qqrv
@Aagondebug@AagonLogger$qqrv
@Aagon_stringutils@initialization$qqrv
@Aagon_stringutils@Finalization$qqrv
@Spring_collections_base@%TEnumerableBase__1$p18Acmpdata@TAcmpData%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p18Acmpdata@TAcmpData%@$bcdtr$qqrv
@Spring_collections_base@%TEnumerableBase__1$20System@UnicodeString%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$20System@UnicodeString%@$bcdtr$qqrv
@Spring_collections_base@%TEnumerableBase__1$83Aagon_core_collectionupdater@%TPair__2$20System@UnicodeStringp18Acmpdata@TAcmpData%%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$83Aagon_core_collectionupdater@%TPair__2$20System@UnicodeStringp18Acmpdata@TAcmpData%%@$bcdtr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p30Mappedproperty@TMappedProperty%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p30Mappedproperty@TMappedProperty%@$bcdtr$qqrv
@Mappedproperty@initialization$qqrv
@Mappedproperty@Finalization$qqrv
@Mappedproperty@TMappedProperty@$bcctr$qqrv
@Mappedproperty@TMappedProperty@$bcdtr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p15Classes@TStream%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p15Classes@TStream%@$bcdtr$qqrv
@$xp$42Streamanswerreaderintf@IStreamAnswerReader
@$xp$44Serverrequestsenderintf@IServerRequestSender
@Dcuinstalledsolutions@initialization$qqrv
@Dcuinstalledsolutions@Finalization$qqrv
@$xp$35Dcuinstalledsolutions@TACMPSolution
@Aagon_ioutils@initialization$qqrv
@Aagon_ioutils@Finalization$qqrv
@Sddebug@initialization$qqrv
@Sddebug@Finalization$qqrv
@Nativexml@initialization$qqrv
@Nativexml@Finalization$qqrv
@$xp$25Serializers@ISerializable
@$xp$23Serializers@TSerializer
@Dcucustomservercommandxmlobj@TCustomServerCommandXMLObj@Serialize$qqrp23Serializers@TSerializer
@Dcucustomservercommandxmlobj@TCustomServerCommandXMLObj@IsEncryptionAvailable$qqrv
@Dcucustomservercommandxmlobj@TCustomServerCommandXMLObj@$bdtr$qqrv
@Dcucustomservercommandxmlobj@TCustomServerCommandXMLObj@Deserialize$qqrp23Serializers@TSerializer
@Dcucustomservercommandxmlobj@TCustomServerCommandXMLObj@AddBinaryReference$qqrpx15Classes@TStream
@Dcuservercommandxmlrequest@TServerCommandXMLRequest@$bctr$qqrv
@$xp$51Dcuservercommandxmlrequest@TServerCommandXMLRequest
@Dcuservercommandxmlrequest@TServerCommandXMLRequest@
@Dcuservercommandxmlanswer@TServerCommandXMLAnswer@$bctr$qqrv
@$xp$49Dcuservercommandxmlanswer@TServerCommandXMLAnswer
@Dcuservercommandxmlanswer@TServerCommandXMLAnswer@
@Basebuffercollection@TBaseBufferCollection@$bctr$qqrv
@Basebuffercollection@TBaseBufferCollection@$bdtr$qqrv
@$xp$47Basebuffercollection@TBaseBufferCollectionClass
@$xp$42Basebuffercollection@TBaseBufferCollection
@Basebuffercollection@TBaseBufferCollection@
@$xp$61Dcuactionindependentrequestdata@TActionIndependentRequestData
@Simplexmlserializer@TSimpleXmlSerializer@$bctr$qqr52System@%DelphiInterface$t24Xmlreaderintf@IXmlReader%52System@%DelphiInterface$t24Xmlwriterintf@IXmlWriter%
@Simplexmlserializer@TSimpleXmlSerializer@
@Xmlconsts@initialization$qqrv
@Xmlconsts@Finalization$qqrv
@Xmlreader@TXmlReader@$bctr$qqrp15Classes@TStream
@Xmlreader@TXmlReader@
@Xmlwriter@TXmlWriter@$bctr$qqrp15Classes@TStream
@Xmlwriter@TXmlWriter@
@Interfacedclasses@TInterfacedObjectList@QueryInterface$qqsrx5_GUIDpv
@Interfacedclasses@TInterfacedObjectList@NewInstance$qqrv
@Interfacedclasses@TInterfacedObjectList@BeforeDestruction$qqrv
@Interfacedclasses@TInterfacedObjectList@AfterConstruction$qqrv
@Interfacedclasses@TInterfacedObjectList@_Release$qqsv
@Interfacedclasses@TInterfacedObjectList@_AddRef$qqsv
@$xp$39Interfacedclasses@TInterfacedObjectList
@Interfacedclasses@TInterfacedObjectList@
@Acmpexceptions@EInvalidParameter@
@Tempfilestream@TTempFileStream@CloseAndMoveTo$qqrx20System@UnicodeString
spring.base.delphixe.bpl
@Spring_valueconverters@initialization$qqrv
@Spring_valueconverters@Finalization$qqrv
@Spring_valueconverters@TValueConverterFactory@$bcdtr$qqrv
@Spring_valueconverters@TValueConverterFactory@$bcctr$qqrv
@Spring@initialization$qqrv
@Spring@Finalization$qqrv
@Spring@TType@$bcdtr$qqrv
@Spring@TType@$bcctr$qqrv
@Spring@TActivator@$bcdtr$qqrv
@Spring@TActivator@$bcctr$qqrv
@Spring@TWeakReference@$bcdtr$qqrv
@Spring@TWeakReference@$bcctr$qqrv
@Spring@TFieldTable@$bcdtr$qqrv
@Spring@TFieldTable@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$i%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$i%@$bcdtr$qqrv
@Spring_collections_base@%TEnumerableBase__1$45System@%DelphiInterface$t17System@IInterface%%@$bcdtr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p14System@TObject%@$bcdtr$qqrv
@Spring_collections_base@%TEnumerableBase__1$45System@%DelphiInterface$t17System@IInterface%%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p14System@TObject%@$bcctr$qqrv
@Spring_collections_lists@initialization$qqrv
@Spring_collections_lists@Finalization$qqrv
@Spring_collections_base@%TEnumerableBase__1$p23Classes@TCollectionItem%@$bcctr$qqrv
@Spring_collections_base@%TEnumerableBase__1$p23Classes@TCollectionItem%@$bcdtr$qqrv
@Spring_collections@initialization$qqrv
@Spring_collections@Finalization$qqrv
@Spring_collections@TStringComparer@$bcdtr$qqrv
@Spring_collections@TStringComparer@$bcctr$qqrv
vcl150.bpl
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
dbrtl150.bpl
@Sqltimst@initialization$qqrv
@Sqltimst@Finalization$qqrv
@Fmtbcd@initialization$qqrv
@Fmtbcd@Finalization$qqrv
@Db@initialization$qqrv
@Db@Finalization$qqrv
vclimg150.bpl
@Jpeg@initialization$qqrv
@Jpeg@Finalization$qqrv
jcl150.bpl
@Jclbase@initialization$qqrv
@Jclbase@Finalization$qqrv
@Jclcharsets@initialization$qqrv
@Jclcharsets@Finalization$qqrv
@Snmp@initialization$qqrv
@Snmp@Finalization$qqrv
@Jclsysinfo@initialization$qqrv
@Jclsysinfo@Finalization$qqrv
@Jclshell@initialization$qqrv
@Jclshell@Finalization$qqrv
@Jclfileutils@initialization$qqrv
@Jclfileutils@Finalization$qqrv
@Jclfileutils@ForceDirectories$qqr20System@UnicodeString
@Jclfileutils@FileExists$qqrx20System@UnicodeString
@Jclfileutils@DirectoryExists$qqrx20System@UnicodeString
@Jclfileutils@PathIsAbsolute$qqrx20System@UnicodeString
@Jclsysutils@initialization$qqrv
@Jclsysutils@Finalization$qqrv
@Jclunicode@initialization$qqrv
@Jclunicode@Finalization$qqrv
@Jclregistry@initialization$qqrv
@Jclregistry@Finalization$qqrv
@Jclmath@initialization$qqrv
@Jclmath@Finalization$qqrv
@Jclansistrings@initialization$qqrv
@Jclansistrings@Finalization$qqrv
@Jclstrings@initialization$qqrv
@Jclstrings@Finalization$qqrv
dsharp.core.delphixe.bpl
@Rttipatch@initialization$qqrv
@Rttipatch@Finalization$qqrv
@Dsharp_core_framework@TFramework@$bcctr$qqrv
@Dsharp_core_framework@TFramework@$bcdtr$qqrv
@Dsharp_core_dependencyproperty@TDependencyProperty@$bcdtr$qqrv
@Dsharp_core_dependencyproperty@TDependencyProperty@$bcctr$qqrv
@Dsharp_core_reflection@initialization$qqrv
@Dsharp_core_reflection@Finalization$qqrv
@Dsharp_core_reflection@TRttiDependencyProperty@$bcctr$qqrv
@Dsharp_core_reflection@TRttiPropertyExtension@$bcdtr$qqrv
@Dsharp_core_reflection@TRttiPropertyExtension@$bcctr$qqrv
@Dsharp_core_reflection@TRttiDependencyProperty@$bcdtr$qqrv
compr
StoreDir
ExtractFile
Exports
Exports
Sections
.text Size: 94KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 1024B - Virtual size: 856B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 56B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 129B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 425KB - Virtual size: 425KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ