b8734819a3d0df06d75db985d0c046f366c1b6979a0b92d6e6eff50a7a21f50a

Sharing

Copy URL Twitter E-mail

General

Target

b8734819a3d0df06d75db985d0c046f366c1b6979a0b92d6e6eff50a7a21f50a
Size

123KB
MD5

c81f48b2dc02a138342ccd6bec906e63
SHA1

ea634eed91be5b2fe66614896b9eeb4f614bb6b5
SHA256

b8734819a3d0df06d75db985d0c046f366c1b6979a0b92d6e6eff50a7a21f50a
SHA512

7f9861827d0b93d63103c8169a99c1cee48ae3ed11049bed3ca05d34bb0bae2df05596a312928d26c4a26cd44a3ed5ef3ec8add17f5da49b5ae1615f7c3d1dc7
SSDEEP

3072:wn9WGX026rM29oTqB9fApxFNYF8RErDj07x1:FlzrRBapxGr30d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8734819a3d0df06d75db985d0c046f366c1b6979a0b92d6e6eff50a7a21f50a

Files

b8734819a3d0df06d75db985d0c046f366c1b6979a0b92d6e6eff50a7a21f50a
.dll windows:5 windows x86 arch:x86

5441175a9d4c25c50e4c629b0dc15c02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\b\build\slave\Win\build\src\out\Release\chrome_elf.dll.pdb

Imports

kernel32

LocalFree
GetVersionExW
RtlCaptureContext
CreateFileW
SetUnhandledExceptionFilter
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
CreateThread
GetCurrentThreadId
GetModuleFileNameW
FreeLibrary
LoadLibraryW
WriteFile
GetLastError
SetNamedPipeHandleState
TransactNamedPipe
WaitNamedPipeW
SetEvent
ResetEvent
WaitForMultipleObjects
ReadProcessMemory
WriteProcessMemory
GetModuleHandleExW
VirtualProtectEx
GetCurrentProcess
CloseHandle
GetTempPathW
GetEnvironmentVariableW
GetCommandLineW
GetProcAddress
GetProcessId
GetCurrentProcessId
GetModuleHandleW
VirtualQueryEx
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
InterlockedFlushSList
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
SetLastError
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetACP
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
DecodePointer
VirtualProtect

advapi32

SystemFunction036
ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegCreateKeyExW
RegCloseKey

Exports

Exports

AddDllToBlacklist
GetBlacklistIndex
IsBlacklistInitialized
SignalChromeElf
SuccessfullyBlocked

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crthunk
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5441175a9d4c25c50e4c629b0dc15c02

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 7KB

.crthunk Size: 512B - Virtual size: 64B

.gfids Size: 512B - Virtual size: 260B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 7KB

.crthunk
Size: 512B - Virtual size: 64B

.gfids
Size: 512B - Virtual size: 260B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB