a1b54f07c5cdf71f7a0d87ca8b46af5cee2f3d7f228e67d192dd70902ed71ac0

General

Target

a1b54f07c5cdf71f7a0d87ca8b46af5cee2f3d7f228e67d192dd70902ed71ac0
Size

9KB
MD5

e8547b9c9fe9903d9ef9a0d2bcf9d7b0
SHA1

19c3d29308ad6b4627ce9a210c47c6badaaa0643
SHA256

a1b54f07c5cdf71f7a0d87ca8b46af5cee2f3d7f228e67d192dd70902ed71ac0
SHA512

3398d3d35acdd7eb3333b4f77a416c239af2d7cef2ca25941fce985aa50b0c5bf455ce59306d5def5bba55fcd1ff189cdd78a4a27e42462cb0a1664e20102e23
SSDEEP

192:Zmz+QvoSfyvf7ZwjQWJt9/VjO7x7Eof2KMl:Zmzz/gi5JtvjIxo62l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1b54f07c5cdf71f7a0d87ca8b46af5cee2f3d7f228e67d192dd70902ed71ac0

Files

a1b54f07c5cdf71f7a0d87ca8b46af5cee2f3d7f228e67d192dd70902ed71ac0
.dll windows:6 windows x86 arch:x86

c5129999f14a15c17891269efc865179

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\vcpkg\buildtrees\libatomic-ops\x86-windows-rel\atomic_ops_gpl.pdb

Imports

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_cexit
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
abort
_initialize_narrow_environment

kernel32

SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead

Exports

Exports

AO_free
AO_malloc
AO_malloc_enable_mmap
AO_stack_head_ptr
AO_stack_init
AO_stack_is_lock_free
AO_stack_next_ptr
AO_stack_pop_acquire
AO_stack_push_release

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5129999f14a15c17891269efc865179

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 2.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 348B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 2.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 348B