C:\vcpkg\buildtrees\7zip\x86-o1-windows-rel\7zip.pdb
Static task
static1
Behavioral task
behavioral1
Sample
e19d486440cba3b2c69f5afaba19867d36a6047fbcd243cc6f878447c5dbb9b3.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
e19d486440cba3b2c69f5afaba19867d36a6047fbcd243cc6f878447c5dbb9b3.dll
Resource
win10v2004-20240802-en
General
Target: e19d486440cba3b2c69f5afaba19867d36a6047fbcd243cc6f878447c5dbb9b3
Size: 1022KB
MD5: 5383109a636ba55423e5966a6bd2f583
SHA1: 08b8b7eefe3458c28dd573bb84289b5b84769fd8
SHA256: e19d486440cba3b2c69f5afaba19867d36a6047fbcd243cc6f878447c5dbb9b3
SHA512: 92b75fd160aaae8f63bfb1395dabd08047fe30afb8ab605c17d7bc9e9d8a464da5cdc7a2e43078fbe03c7817f78cf936470b69f20fa8e25a4b142e60b3c0cb2f
SSDEEP: 24576:22mkJlMbJIyBXqUdZf2mmGT3+Uooa40mP0MB5FULqCakoz7LRpL5:KkTSIyBjney3JTZxt5FvkoHj1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e19d486440cba3b2c69f5afaba19867d36a6047fbcd243cc6f878447c5dbb9b3
Files
e19d486440cba3b2c69f5afaba19867d36a6047fbcd243cc6f878447c5dbb9b3.dll windows:6 windows x86 arch:x86
5f194e1cac4baf86180c92bb1f42f709
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryW
VirtualAlloc
VirtualFree
GetModuleHandleW
IsProcessorFeaturePresent
GetVersionExW
CloseHandle
GetLastError
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
ResumeThread
SetThreadAffinityMask
CreateSemaphoreW
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
CompareFileTime
GetCurrentProcess
GetSystemInfo
GlobalMemoryStatus
GetProcessAffinityMask
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
WaitForMultipleObjects
LocalFileTimeToFileTime
GetOEMCP
EncodePointer
IsDebuggerPresent
DecodePointer
user32
CharUpperW
CharPrevExA
oleaut32
SysFreeString
VariantCopy
SysAllocString
SysStringLen
VariantClear
SysAllocStringByteLen
SysAllocStringLen
msvcr120
__clean_type_info_names_internal
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
_except_handler4_common
_purecall
__CxxFrameHandler3
memset
memcpy
_CxxThrowException
memmove
memcmp
free
malloc
exit
_beginthreadex
strstr
realloc
strchr
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
Exports
CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
LzmaCompress
LzmaUncompress
SetCaseSensitive
SetCodecs
SetLargePageMode
Sections
.text Size: 838KB - Virtual size: 837KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ