922ee1294c5e174e4aee4bd250636e57084b6a6880b63d9b1d70b02d08bfd2d6

General

Target

922ee1294c5e174e4aee4bd250636e57084b6a6880b63d9b1d70b02d08bfd2d6
Size

10KB
MD5

2d06afe88f15bdd4f39b3ed0be7d2b00
SHA1

b581c11664dfc0ae3f0c42b8a7fc8268d95777b1
SHA256

922ee1294c5e174e4aee4bd250636e57084b6a6880b63d9b1d70b02d08bfd2d6
SHA512

413e787f079cd14f93f762771bdfdb6f42a222cd0ec21b86fd79052b7ef5468c80506f4028c2a342a4f0caa52f407f86e0b48345effe2f2174de3cb12bddf68f
SSDEEP

192:3fUp+rrr2Wxegr5kP09jtbB1fWJmIhjOLRIoVbDcYio:3fUp+rTeERbOJmYjYRJxDF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
922ee1294c5e174e4aee4bd250636e57084b6a6880b63d9b1d70b02d08bfd2d6

Files

922ee1294c5e174e4aee4bd250636e57084b6a6880b63d9b1d70b02d08bfd2d6
.dll windows:6 windows x86 arch:x86

1cf7f80920a005cd3424a5a2474e77db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\工作资料\EP40\E2E_EP40_CDCS\new\e2e_dll_demo\E2EDemo\bin\Release\E2EDemo.pdb

Imports

vcruntime140

memset
memcpy
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment

kernel32

DisableThreadLibraryCalls
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId

Exports

Exports

E2E_Calculate

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cf7f80920a005cd3424a5a2474e77db

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 908B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 336B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 908B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 336B