ddcae1a053ff207eeede69b7819ab2b453190bae2fff46e4695c6f299a66a1b1

Sharing

Copy URL Twitter E-mail

General

Target

ddcae1a053ff207eeede69b7819ab2b453190bae2fff46e4695c6f299a66a1b1
Size

72KB
MD5

768d2ad5fd9a9aa46f0c7b79004d4208
SHA1

e79411ad0d87e5b63b9072a571720390810b1d53
SHA256

ddcae1a053ff207eeede69b7819ab2b453190bae2fff46e4695c6f299a66a1b1
SHA512

ebd0cf19698f32bb77e4a5b15a244b12c92c245a5548058f8ca8a1de06fc7f1a08d41d570fa834243724ae7c1ca39439fc4d46fd6536706c2bd503e08229b423
SSDEEP

768:pXOuTuQJR+RF451MIfeeJvBjK+8Hx8L0bCzOAWUtXhWL97OuM/9tEziM9GB4csXZ:pX//860RrOuMizNjcwBkpGdYIbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddcae1a053ff207eeede69b7819ab2b453190bae2fff46e4695c6f299a66a1b1

Files

ddcae1a053ff207eeede69b7819ab2b453190bae2fff46e4695c6f299a66a1b1
.dll windows:6 windows x86 arch:x86

786fe8b9e04703eafa37fb385535f885

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\JDEdwardsPPack\E920\packages\D170820FA\bin32\CDDICT.pdb

Imports

jdekrnl

_jdeSpecClose@4
_jdeSpecDelete@12
_jdeSpecFetchSingle@16
_jdeSpecFreeData@4
_jdeSpecInsert@8
_jdeSpecOpenLocal@12
_jdeSpecUpdate@8
_JDBRS_DeleteGlblTableSpecsAlias@8
_IntToMathNumeric@8
_MathDivide@24
_jdeValidateUDC@8
_MathNumericToInt@8
_jdeSpecOpenLocalIndexed@16
_JDB_SelectAll@4
_JDB_SetSequencing@16
_JDB_ClearSelection@4
_JDEGTTextFree@4
_AddGenericTextName@16
_GetAllGenericTextName@12
_jdeDDValidation@32
_jdeMemoryManagementInit@0
_MathNumericToLong@8
_GetGenericTextName@12
_jdeGetUserInfo@8
_jdeTextFree@4
_ParseNumericString@8
_FormatMathNumeric@8
_IsStringBlank@4
_JDB_ClearColBuffer@8
_MathCopy@8
_jdeCallObject@40
_JDB_InsertTable@16
_JDB_DeleteTable@24
_JDB_UpdateTable@28
_JDB_FetchMatchingKey@20
_JDB_SelectKeyedPosition@16
_StripKey@4
_JDEGTDelete@16
_AllocBuildStrFromDstmpl@16
_JDB_SetSelection@16
_JDB_CloseTable@4
_JDB_OpenTableX@40
_JDB_FetchKeyed@24
_JDB_Fetch@12
_JDB_SelectKeyed@16
_JDB_FreeBhvr@4
_JDB_InitBhvr@16
_jdeErrorSetEx@28
_jdeGetSystemDecimalSeparator@4

jdel

_jdeStrcpyFillAndTerminate@16
_jdeIsBlankOrNull@4
_jdeStripBlanks@4
_jdeCallocInternal@16
_jdeFreeInternal@4
_jdestrncmp@12
_jdeWriteLogEntry@24
jdeVWriteLogEntry
_jdeStripTrailingBlanks@4

jdeunicode

_jdeStrlen@4
_jdeStrcat@8
_jdeAtoi@4
_jdeStrcmp@8
_jdeStrcpy@8
_jdeStrncpy@12
_jdeStrchr@8
_jdeStrncmp@12
_jdeItoa@12
_jdeStrcspn@8
_jdeStrrchr@8
_jdeStrspn@8
_jdeToUnicode@16
_jdeFromUnicode@16
_jdeToupper@4

msvcr120

__crtUnhandledException
__crtTerminateProcess
_lock
_crt_debugger_hook
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
memset
_unlock
malloc

kernel32

GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

Exports

Exports

_AddChildDataItems@12
_AssignNextErrorNumber@12
_CheckForSpaces@12
_ChildRecExistCheck@12
_ClearF99101Records@12
_CompressOutBlanks@12
_DDValidation@12
_DeleteChildDataItems@12
_DeleteItemText@12
_DeleteTAMDataDict@12
_DetermineIfParentItem@12
_DuplicateRecordCheck@12
_EditForSpecialCharacters@12
_FillWorkFile@12
_FormatValueForDatabase@12
_FormatValueForDisplay@12
_GenGlbltblSpec@12
_GetDDAlphaDescription@12
_GetDDRowColumn@12
_GetDDRowColumnTranslation@12
_GetLongDataItem@12
_GetNextDDID@12
_GetObjDesc@12
_GlossaryItemDelete@12
_IsDTAIUnique@12
_LanguageTypeEdit@12
_RetrieveDDInfoFromDataSource@12
_RetrieveDataItemClassData@12
_RetrieveErrorMsgInfo@12
_RetrieveF9200InfoFromDataSource@12
_RetrieveF9202InfoFromDataSource@12
_RetrieveF9203InfoFromDataSource@12
_RetrieveF9207InfoFromDataSource@12
_RetrieveF9212InfoFromDataSource@12
_ScrubEditRules@12
_UpdateChildDataItems@12
_UpdateCompressedDescription@12
_UpdateDataDictItem@12
_UpdateDisplayDecimals@12
_UpdateF9203@12
_UpdateRelatedGlossaryTables@12
_UpdateTAMDataDict@12
_UpdateTAMGlossary@12
_UpdateTAMRowColumns@12
_ValidateDataItemClass@12
_ValidateDisplayRuleCodes@12
_ValidateLongItem@12
_VerifyDataNameLength@12

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

786fe8b9e04703eafa37fb385535f885

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

jdekrnl

jdel

jdeunicode

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB