e8ab4af94a8f2cc4b49209d01503bb6c6cf881e8440f1b525f49e0afff1618ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8ab4af94a8f2cc4b49209d01503bb6c6cf881e8440f1b525f49e0afff1618ea
Size

8KB
MD5

67e9d4428a85a8806bce040308261d67
SHA1

968655c52ec9bc7e3916d4e6efc4be08134ff202
SHA256

e8ab4af94a8f2cc4b49209d01503bb6c6cf881e8440f1b525f49e0afff1618ea
SHA512

76b9774d2d2e28fceb3f159cf8ffe96acd48a7f8a5b551ad61e139e0bb9d23431f437e3e8d42d98810c8f702b9608c032e10458819578ecbbfcd5922a122b396
SSDEEP

96:uEZyU4YUCV2n2k/4O7lIErv9M0L5k0in9+qm2zH3XBGEqM4oYgjM:+U4U4z4YlDa0L5k0in9Nhz3XpqhO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8ab4af94a8f2cc4b49209d01503bb6c6cf881e8440f1b525f49e0afff1618ea

Files

e8ab4af94a8f2cc4b49209d01503bb6c6cf881e8440f1b525f49e0afff1618ea
.dll windows:6 windows x86 arch:x86

f07349635ccb8de21ff3fc191344e111

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VC11\Win32\httpd-2.4.23\srclib\apr-iconv\Release\iconv\cp891.pdb

Imports

libapriconv-1

apr_iconv_mod_noevent

msvcr110

_calloc_crt
__dllonexit
_onexit
_unlock
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
__clean_type_info_names_internal

kernel32

IsProcessorFeaturePresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsDebuggerPresent

Exports

Exports

iconv_module

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ