4ab7264e8ed15cb88354e30ab43b2a0fbc56f05f8c65903cd0e5d7aee99258c9

Sharing

Copy URL Twitter E-mail

General

Target

4ab7264e8ed15cb88354e30ab43b2a0fbc56f05f8c65903cd0e5d7aee99258c9
Size

23KB
MD5

9d57c616b4d681f05073781b56fdd292
SHA1

9742c00083df44cdeafe920e98f05ec1bfc34c3e
SHA256

4ab7264e8ed15cb88354e30ab43b2a0fbc56f05f8c65903cd0e5d7aee99258c9
SHA512

bb82d4257ecb13287f7b84b216f28775689e4118914a4aa7782ba1c7f2c4b646079e28616346fd53b23bc978be3c006a82c938d524d37a24ef88f2f1f3ca95ec
SSDEEP

384:PrbaVQCV49rOHBfFnFHc2fQy0Fd/kQ87c18lmcFQyy1mgoXwoqzW:PreJsrenF8eQZFd/kf7cyBnT7qzW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab7264e8ed15cb88354e30ab43b2a0fbc56f05f8c65903cd0e5d7aee99258c9

Files

4ab7264e8ed15cb88354e30ab43b2a0fbc56f05f8c65903cd0e5d7aee99258c9
.dll windows:6 windows x86 arch:x86

52015fc24776c306ffe177d28db97248

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VC11\Win32\httpd-2.4.23\modules\arch\win32\Release\mod_isapi.pdb

Imports

kernel32

GetLastError
SetLastError
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
DisableThreadLibraryCalls

libhttpd

_ap_setup_client_block@8
ap_scan_script_header_err_strs_ex
_ap_add_common_vars@4
_ap_add_cgi_vars@4
ap_log_rerror_
ap_log_error_
_ap_internal_redirect@8
_ap_destroy_sub_req@4
_ap_sub_req_lookup_uri@12
_ap_get_client_block@12
_ap_get_status_line@4
_ap_allow_options@4
_ap_pass_brigade@8
_ap_hook_handler@16
_ap_hook_pre_config@16
_ap_server_root_relative@8
ap_set_int_slot
ap_set_flag_slot
_ap_should_client_block@4

libaprutil-1

_apr_bucket_transient_create@12
_apr_bucket_flush_create@4
_apr_bucket_eos_create@4
_apr_brigade_insert_file@28
_apr_brigade_destroy@4
_apr_brigade_create@8

libapr-1

_apr_palloc@8
_apr_pool_cleanup_register@16
apr_pool_cleanup_null
_apr_table_elts@4
_apr_pool_create_ex@16
_apr_table_set@12
_apr_table_setn@12
_apr_table_unset@8
_apr_time_now@0
_apr_stat@16
_apr_filepath_merge@20
_apr_file_info_get@12
_apr_thread_mutex_unlock@4
_apr_hash_set@16
_apr_hash_get@12
_apr_dso_load@12
_apr_dso_unload@4
_apr_dso_sym@12
_apr_hash_make@4
_apr_pstrdup@8
_apr_pstrndup@12
apr_pstrcat
_apr_cpystrn@12
_apr_thread_rwlock_create@8
_apr_thread_rwlock_rdlock@4
_apr_thread_rwlock_wrlock@4
_apr_thread_rwlock_unlock@4
_apr_thread_mutex_lock@4
_apr_thread_mutex_create@12
_apr_table_get@8
_apr_os_file_put@16

msvcr110

strncmp
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
isspace
isdigit
memset
memchr

Exports

Exports

isapi_module

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52015fc24776c306ffe177d28db97248

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

libhttpd

libaprutil-1

libapr-1

msvcr110

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 932B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 932B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB