30b7b11363a6a0fcbf3a1fa0c2539e280c54de23c08d42f009ebf7721cf335ea

Sharing

Copy URL Twitter E-mail

General

Target

30b7b11363a6a0fcbf3a1fa0c2539e280c54de23c08d42f009ebf7721cf335ea
Size

55KB
MD5

92305f5710ad2bb1d7c1f04b9b01cd97
SHA1

306c2cc9b1e48c2f4b1b34ebaaa8fe02a42a2535
SHA256

30b7b11363a6a0fcbf3a1fa0c2539e280c54de23c08d42f009ebf7721cf335ea
SHA512

d8cc1a892d27242ed618b84d6ccd4ec6464d688181d87202bdf94d208774a23c685b786a6b33ea51cfb190bf416a6eb3d90f991fac5d0a3e1968d86fc9853652
SSDEEP

1536:heMW/TGgqmsjSFn0y0h+F0uSC8FMR/RuLzogy/sd:h3eZqNSFnX0v+84uLzogy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30b7b11363a6a0fcbf3a1fa0c2539e280c54de23c08d42f009ebf7721cf335ea

Files

30b7b11363a6a0fcbf3a1fa0c2539e280c54de23c08d42f009ebf7721cf335ea
.dll windows:5 windows x86 arch:x86

a6a7a27c63b852d370f07facff857927

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\lab-4.0\barcode\barcodfn.pdb

Imports

kernel32

TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

debug

printd

gui

GuiListFree
GuiListAdd
GuiEvent
GuiByID
GuiListBuild
GuiData
GuiListChange
GuiListEntry
GuiCopyIcon

display

dialog_info
display_secondary_panel
iconic_button
cfgupd_term
optional_button
cfgupd_init
iconic_menu

labdb

config_next
config_scan
config_reread
config_write
config_read
dialog_warning
comdta
dberror
btrv

labfunc

Tx
DLM_load
DLM_procedure
DLM_free

feature

register_feature

barcode

barcode_media_list
define_barcode_media
define_barcodes

msvcr90

_encode_pointer
_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
printf
sprintf
memcpy
memset

Exports

Exports

configure_device
configure_feature
feature_function
feature_init
install_feature
remove_feature
request_labels

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6a7a27c63b852d370f07facff857927

Headers

File Characteristics

PDB Paths

Imports

kernel32

debug

gui

display

labdb

labfunc

feature

barcode

msvcr90

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 39KB - Virtual size: 39KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 912B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 39KB - Virtual size: 39KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 912B