10c9d9af87a0de8fc417c418e3d57c1101702b9bf32da04082b6e8e38b8e3d84

Sharing

Copy URL

Twitter E-mail

General

Target

10c9d9af87a0de8fc417c418e3d57c1101702b9bf32da04082b6e8e38b8e3d84
Size

222KB
MD5

8002e1a2f7cabf9cc7204bfdb15449ca
SHA1

a30946c4d00676d1b862c296e589d49f1e44d30e
SHA256

10c9d9af87a0de8fc417c418e3d57c1101702b9bf32da04082b6e8e38b8e3d84
SHA512

907f8fd6a347be8814be6067b9cbdcbe823f6dc0ca51abfece7fb5510d670cdc8653e514d04c6a2cd60dbf979f655910de324c2aacbba0400217b3ed7309c99b
SSDEEP

6144:BTf/17tibwH1Cb5PaBlkAoWKM7+TcLkN2Rv:BTf/17tibwH1Cb5UKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10c9d9af87a0de8fc417c418e3d57c1101702b9bf32da04082b6e8e38b8e3d84

Files

10c9d9af87a0de8fc417c418e3d57c1101702b9bf32da04082b6e8e38b8e3d84
.dll windows:6 windows x64 arch:x64

f4e228e698771d08c747d24ba4fb52d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\Documents\vcpkg\buildtrees\lzo\x64-od-windows-rel\lzo2.pdb

Imports

vcruntime140

memset
memcpy
__std_type_info_destroy_list
__C_specific_handler
memcmp
memmove

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

GetSystemTimeAsFileTime
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Exports

Exports

__lzo_align_gap
__lzo_init_v2
__lzo_ptr_linear
_lzo1b_do_compress
_lzo1b_store_run
_lzo1c_do_compress
_lzo1c_store_run
_lzo_config_check
_lzo_version_date
_lzo_version_string
lzo1_99_compress
lzo1_compress
lzo1_decompress
lzo1_info
lzo1a_99_compress
lzo1a_compress
lzo1a_decompress
lzo1a_info
lzo1b_1_compress
lzo1b_2_compress
lzo1b_3_compress
lzo1b_4_compress
lzo1b_5_compress
lzo1b_6_compress
lzo1b_7_compress
lzo1b_8_compress
lzo1b_999_compress
lzo1b_999_compress_callback
lzo1b_99_compress
lzo1b_9_compress
lzo1b_compress
lzo1b_decompress
lzo1b_decompress_safe
lzo1c_1_compress
lzo1c_2_compress
lzo1c_3_compress
lzo1c_4_compress
lzo1c_5_compress
lzo1c_6_compress
lzo1c_7_compress
lzo1c_8_compress
lzo1c_999_compress
lzo1c_999_compress_callback
lzo1c_99_compress
lzo1c_9_compress
lzo1c_compress
lzo1c_decompress
lzo1c_decompress_safe
lzo1f_1_compress
lzo1f_999_compress
lzo1f_999_compress_callback
lzo1f_decompress
lzo1f_decompress_safe
lzo1x_1_11_compress
lzo1x_1_12_compress
lzo1x_1_15_compress
lzo1x_1_compress
lzo1x_999_compress
lzo1x_999_compress_dict
lzo1x_999_compress_internal
lzo1x_999_compress_level
lzo1x_decompress
lzo1x_decompress_dict_safe
lzo1x_decompress_safe
lzo1x_optimize
lzo1y_1_compress
lzo1y_999_compress
lzo1y_999_compress_dict
lzo1y_999_compress_internal
lzo1y_999_compress_level
lzo1y_decompress
lzo1y_decompress_dict_safe
lzo1y_decompress_safe
lzo1y_optimize
lzo1z_999_compress
lzo1z_999_compress_dict
lzo1z_999_compress_internal
lzo1z_999_compress_level
lzo1z_decompress
lzo1z_decompress_dict_safe
lzo1z_decompress_safe
lzo2a_999_compress
lzo2a_999_compress_callback
lzo2a_decompress
lzo2a_decompress_safe
lzo_adler32
lzo_copyright
lzo_crc32
lzo_get_crc32_table
lzo_memcmp
lzo_memcpy
lzo_memmove
lzo_memset
lzo_version
lzo_version_date
lzo_version_string

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4e228e698771d08c747d24ba4fb52d8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 207KB - Virtual size: 207KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 120B

.text
Size: 207KB - Virtual size: 207KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 120B