92de0f3459a24f00db277cf2af5f4f75f1d17f0e066a59f79a4d9882cc794f9f

Sharing

Copy URL Twitter E-mail

General

Target

92de0f3459a24f00db277cf2af5f4f75f1d17f0e066a59f79a4d9882cc794f9f
Size

73KB
MD5

ff6081c3e069d6f6b91d88f82c6e153a
SHA1

c75b155a2dce0be38b5e458529b933bbffc5d265
SHA256

92de0f3459a24f00db277cf2af5f4f75f1d17f0e066a59f79a4d9882cc794f9f
SHA512

f5b575987bb78793e7dfb61d432d08f38bd24ae675b370908ed6a012ed292e7f5b1a35629bd64ec60ee70662355eaf872540485b6e6f506d3cf8a81c75987b89
SSDEEP

1536:FCBn+b/121hDoWbLlRBWQfsZpwvDq81HhvB/TO:FCBn+rSRRYQfskvDq81X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92de0f3459a24f00db277cf2af5f4f75f1d17f0e066a59f79a4d9882cc794f9f

Files

92de0f3459a24f00db277cf2af5f4f75f1d17f0e066a59f79a4d9882cc794f9f
.dll windows:6 windows x86 arch:x86

649b5dfa8dee8ab411d4323c8fd07f79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\vcpkg\buildtrees\epsilon\x86-windows-rel\epsilon.pdb

Imports

kernel32

IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcpy
strstr
__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

Exports

Exports

alloc_linked_list
alloc_list_node
analysis_2D
append_list_node
bilinear_resample_channel
clip_channel
convert_RGB_to_YCbCr
convert_YCbCr_to_RGB
dc_level_shift
dc_level_unshift
eps_decode_grayscale_block
eps_decode_truecolor_block
eps_encode_grayscale_block
eps_encode_truecolor_block
eps_free_2D
eps_free_fb_info
eps_get_fb_info
eps_malloc_2D
eps_read_block_header
eps_truncate_block
eps_xmalloc
epsilon_adler32
epsilon_crc32
extend_channel
extract_channel
flush_bits
free_2D
free_linked_list
free_list_node
init_bits
insert_after_list_node
insert_before_list_node
is_power_of_two
malloc_2D
merge_channels
move_list_node
number_of_bits
prepend_list_node
read_bits
remove_list_node
remove_list_node_link
speck_decode
speck_encode
split_channels
stuff_data
synthesis_2D
unstuff_data
write_bits
xmalloc

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

649b5dfa8dee8ab411d4323c8fd07f79

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 33KB - Virtual size: 33KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 33KB - Virtual size: 33KB

.reloc
Size: 1KB - Virtual size: 1KB