TMS_Modbus_TCP_V1[.]0[.]7z

Resubmissions

07/08/2024, 11:42

240807-nve8xs1gka 7

07/08/2024, 11:40

240807-ns9dzs1fqe 3

Sharing

Copy URL Twitter E-mail

General

Target

TMS_Modbus_TCP_V1.0.7z
Size

75KB
MD5

4f8fcb76ba92d5aac678af3a8614018f
SHA1

0349de271b68c675fa9e92c3e5636498b5534b73
SHA256

beeec6cddda4ecb9ed379dc80df618ec20e48c36c679df823fda1d08acbdb784
SHA512

0ffb10ee0f3bdc72d501b5d8cc34aca48e05e59a70dea297046c49f474f8e4a9a5f3791996d0003a85e81f552ab354fc11f4886de86c66f2a6fd933a064ed469
SSDEEP

1536:0Wfh2b5ujSXfmqm2f1nhKM1GbOF0N3lAqSalfOmsMl5Pn9WI8iBMMaKERahLO4Cy:mlLXf7P1nhjU00N3XTlfbr998kMnKERU

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/EasyModbus.dll
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/EasyModbus.dll
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/TMS_Modbus_TCP_V1.0.exe
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Release/EasyModbus.dll
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Release/TMS_Modbus_TCP_V1.0.exe
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1.0.exe
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TempPE/My Project.Resources.Designer.vb.dll
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1.0.exe
unpack001/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TempPE/My Project.Resources.Designer.vb.dll

Files

TMS_Modbus_TCP_V1.0.7z
.7z

Password: infected
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0.sln
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0.suo
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/Chart.Designer.vb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/Chart.resx
.vbs
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/Chart.vb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/EasyModbus.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Z:\Documents\Rossmann Engineering\OpenSource\EasyModbusTCP.NET\EasyModbusV5.5\EasyModbus\obj\Debug\EasyModbus.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/Form1.Designer.vb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/Form1.resx
.vbs
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/Form1.vb
.vbs
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/My Project/Application.Designer.vb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/My Project/Application.myapp
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/My Project/AssemblyInfo.vb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/My Project/Resources.Designer.vb
.vbs
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/My Project/Resources.resx
.vbs
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/My Project/Settings.Designer.vb
.vbs
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/My Project/Settings.settings
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0.vbproj
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0.vbproj.user
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/EasyModbus.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Z:\Documents\Rossmann Engineering\OpenSource\EasyModbusTCP.NET\EasyModbusV5.5\EasyModbus\obj\Debug\EasyModbus.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/TMS_Modbus_TCP_V1.0.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\VB_Projects_2010\TMS_Modbus_TCP_V1.0\TMS_Modbus_TCP_V1.0\obj\x86\Debug\TMS_Modbus_TCP_V1.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/TMS_Modbus_TCP_V1.0.pdb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/TMS_Modbus_TCP_V1.0.vshost.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

69:7d:56:0d:a3:fe:3b:5c:0d:47:01:ed:dc:fa:ab:ea:ea:68:9c:9e
Signer

Actual PE Digest

69:7d:56:0d:a3:fe:3b:5c:0d:47:01:ed:dc:fa:ab:ea:ea:68:9c:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\dd\vsproject\vshost\vshost32\objr\i386\vshost32.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/TMS_Modbus_TCP_V1.0.vshost.exe.manifest
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Debug/TMS_Modbus_TCP_V1.0.xml
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Release/EasyModbus.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Z:\Documents\Rossmann Engineering\OpenSource\EasyModbusTCP.NET\EasyModbusV5.5\EasyModbus\obj\Debug\EasyModbus.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Release/TMS_Modbus_TCP_V1.0 - Kısayol.lnk
.lnk
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Release/TMS_Modbus_TCP_V1.0.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\VB_Projects_2010\TMS_Modbus_TCP_V1.0\TMS_Modbus_TCP_V1.0\obj\x86\Release\TMS_Modbus_TCP_V1.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Release/TMS_Modbus_TCP_V1.0.pdb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/bin/Release/TMS_Modbus_TCP_V1.0.xml
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/DesignTimeResolveAssemblyReferences.cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/DesignTimeResolveAssemblyReferencesInput.cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/GenerateResource.read.1.tlog
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/GenerateResource.write.1.tlog
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/ResolveAssemblyReference.cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1.0.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\VB_Projects_2010\TMS_Modbus_TCP_V1.0\TMS_Modbus_TCP_V1.0\obj\x86\Debug\TMS_Modbus_TCP_V1.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1.0.pdb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1.0.vbproj.FileListAbsolute.txt
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1.0.vbproj.GenerateResource.Cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1.0.vbprojResolveAssemblyReference.cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1.0.xml
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1._0.Chart.resources
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1._0.Form1.resources
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TMS_Modbus_TCP_V1._0.Resources.resources
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Debug/TempPE/My Project.Resources.Designer.vb.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/DesignTimeResolveAssemblyReferences.cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/DesignTimeResolveAssemblyReferencesInput.cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/GenerateResource.read.1.tlog
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/GenerateResource.write.1.tlog
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/ResolveAssemblyReference.cache
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1.0.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\VB_Projects_2010\TMS_Modbus_TCP_V1.0\TMS_Modbus_TCP_V1.0\obj\x86\Release\TMS_Modbus_TCP_V1.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1.0.pdb
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1.0.vbproj.FileListAbsolute.txt
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1.0.xml
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1._0.Chart.resources
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1._0.Form1.resources
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TMS_Modbus_TCP_V1._0.Resources.resources
TMS_Modbus_TCP_V1.0/TMS_Modbus_TCP_V1.0/obj/x86/Release/TempPE/My Project.Resources.Designer.vb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 69KB - Virtual size: 68KB

.rsrc Size: 1024B - Virtual size: 972B

.reloc Size: 512B - Virtual size: 12B

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 69KB - Virtual size: 68KB

.rsrc Size: 1024B - Virtual size: 972B

.reloc Size: 512B - Virtual size: 12B

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 36KB - Virtual size: 35KB

.sdata Size: 512B - Virtual size: 150B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

Key Usages

61:01:cf:3e:00:00:00:00:00:0fCertificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

61:06:94:2d:00:00:00:00:00:09Certificate

Extended Key Usages

Key Usages

69:7d:56:0d:a3:fe:3b:5c:0d:47:01:ed:dc:fa:ab:ea:ea:68:9c:9eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 69KB - Virtual size: 68KB

.text
Size: 69KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 69KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 36KB - Virtual size: 35KB

.sdata
Size: 512B - Virtual size: 150B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:cf:3e:00:00:00:00:00:0f
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:06:94:2d:00:00:00:00:00:09
Certificate

69:7d:56:0d:a3:fe:3b:5c:0d:47:01:ed:dc:fa:ab:ea:ea:68:9c:9e
Signer

.text
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 69KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 29KB - Virtual size: 28KB

.sdata
Size: 512B - Virtual size: 152B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 36KB - Virtual size: 35KB

.sdata
Size: 512B - Virtual size: 150B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 29KB - Virtual size: 28KB

.sdata
Size: 512B - Virtual size: 152B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 512B - Virtual size: 12B