7d8875bd62a993ca7166187525f44f61064c06cac25dd7f92fb09c188abc7952

Sharing

Copy URL Twitter E-mail

General

Target

7d8875bd62a993ca7166187525f44f61064c06cac25dd7f92fb09c188abc7952
Size

287KB
MD5

810acaa4becde3a3d9252cd625b3f753
SHA1

11afa7c289155298cf029c8cd402be296b15b9ea
SHA256

7d8875bd62a993ca7166187525f44f61064c06cac25dd7f92fb09c188abc7952
SHA512

0e3c24ff56e6aed6ff8dd6863ceb9b1e734643cefc7867552ef2aa4b428bc83e470fae85be06fe87c9c62d470290b9f3ea0b4b7fd2d4c3a4f484d5e03d008f9c
SSDEEP

6144:jQR3Q8PnT4JbebBRc5v7F4yh5YFAsHbguTsok:jQR3vPnT8b8Bsvx4yhBsHb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d8875bd62a993ca7166187525f44f61064c06cac25dd7f92fb09c188abc7952

Files

7d8875bd62a993ca7166187525f44f61064c06cac25dd7f92fb09c188abc7952
.dll windows:6 windows x86 arch:x86

343af899df052d5de69e9afcbe407af2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\core-yapd\std\20200327_ver3122331_release\src\driver\ui\mono\configimage\dll\colorbalance\objfre_wlh_x86\i386\colorbalance.pdb

Imports

msvcrt

_amsg_exit
_unlock
__dllonexit
_initterm
isalnum
??1type_info@@UAE@XZ
_except_handler4_common
free
_XcptFilter
memset
isdigit
abort
isspace
tolower
__mb_cur_max
__crtLCMapStringW
__crtGetStringTypeW
setlocale
___mb_cur_max_func
_errno
___lc_handle_func
___lc_codepage_func
isupper
__pctype_func
__crtLCMapStringA
malloc
_callnewh
_strtoui64
_strtoi64
memchr
localeconv
_onexit
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
_purecall
??0exception@@QAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
memcpy_s
memmove_s
_lock
__CxxFrameHandler3
strcspn
sprintf_s
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
islower
__uncaught_exception

user32

LoadBitmapW

kernel32

DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
OutputDebugStringA
InterlockedCompareExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
Sleep
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte

gdi32

GetPixel
SetPixel
CreateCompatibleDC
SelectObject
GetCurrentObject
GetObjectW
DeleteDC
DeleteObject
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateCompatibleBitmap

Exports

Exports

DllMain
RCI_CreateObject
RCI_PaintImage
RCI_ReleaseObject

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

343af899df052d5de69e9afcbe407af2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 102KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 176KB - Virtual size: 175KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 103KB - Virtual size: 102KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 176KB - Virtual size: 175KB

.reloc
Size: 6KB - Virtual size: 5KB