f9a4e5f8cbcb4465f59a29421b803ea5c3eb9b0f34b072a09030d63cb491a193 | Triage

Sharing

General

Target

f9a4e5f8cbcb4465f59a29421b803ea5c3eb9b0f34b072a09030d63cb491a193
Size

6KB
MD5

58ec72e8236c6e103aa68a3d8ac51a1f
SHA1

64f7b3e055f0d49fc046aebef3a870cb4b6972bf
SHA256

f9a4e5f8cbcb4465f59a29421b803ea5c3eb9b0f34b072a09030d63cb491a193
SHA512

13a682179d92008d5bf920c858fada9eec05f02fec1a07ff7a7898a9590cc2a0eba47e7c785fd84b927b9a4fdc3b3e85c4c7e5b42e66f93355dc6eb93e694f0e
SSDEEP

96:ZsDQw7+7RR2k/4YFCXsXLK5K0vD8sKkYH3XBGEqMKUY:bT7Rt4YIC0K0L8nka3Xpq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a4e5f8cbcb4465f59a29421b803ea5c3eb9b0f34b072a09030d63cb491a193

Files

f9a4e5f8cbcb4465f59a29421b803ea5c3eb9b0f34b072a09030d63cb491a193
.dll windows:6 windows x86 arch:x86

b2ffee4ba826d01d9c34ced4c6874f9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VC11\Win32\httpd-2.4.23\srclib\apr-iconv\Release\iconv\ucs2-internal.pdb

Imports

libapriconv-1

apr_iconv_ces_zero
apr_iconv_ces_no_func
apr_iconv_ces_nbits8
apr_iconv_mod_noevent

msvcr110

_initterm_e
_lock
_unlock
_initterm
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_malloc_crt
free
_amsg_exit
__CppXcptFilter
_calloc_crt

kernel32

IsProcessorFeaturePresent
IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
GetCurrentThreadId

Exports

Exports

iconv_module

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ