156e01c49809257270bbddc2e9f72f90N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

156e01c49809257270bbddc2e9f72f90N.exe
Size

447KB
MD5

156e01c49809257270bbddc2e9f72f90
SHA1

df0483c93640def4b187d576cdff08c7f8559bcb
SHA256

bf7de3aa9434964323e645207f4e64c1791bde9a67ace40498fdcdb4b4c50d06
SHA512

f1194237fa74cc614a8224f0fcb0f6729b1ca632ffb06c8e5b16830d893972617bc46a341ef30bde81daded6da931fff60257e0d32bae1eabf439471b17f8bc3
SSDEEP

12288:dtSZ0NpE2G4h2a3Pqa1jipyF2trdwm94m:nSZ0N+299P/1jUa2tym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
156e01c49809257270bbddc2e9f72f90N.exe

Files

156e01c49809257270bbddc2e9f72f90N.exe
.dll windows:6 windows x86 arch:x86

93b39c8dcc922c39550564e53281270d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\php-sdk\php55\vc11\x86\obj\Release_TS\php_pdo_sqlite.pdb

Imports

php5ts

php_file_le_pstream
php_file_le_stream
_array_init
add_assoc_zval_ex
add_assoc_string_ex
_php_stream_copy_to_mem
zend_fetch_resource
_safe_emalloc
php_pdo_get_exception
zend_call_function
_convert_to_string
core_globals_id
_zval_ptr_dtor
_efree
_zval_copy_ctor_func
zend_is_callable
add_next_index_string
executor_globals_id
_emalloc
_ecalloc
convert_to_long
zend_throw_exception_ex
_estrdup
add_next_index_long
zend_hash_index_find
php_pdo_int64_to_str
php_error_docref0
zend_object_store_get_object
zend_parse_parameters
ts_resource_ex
expand_filepath
php_check_open_basedir
_estrndup
pdo_raise_impl_error
_safe_malloc
php_info_print_table_end
php_pdo_unregister_driver
php_info_print_table_start
php_pdo_register_driver
php_info_print_table_header
php_info_print_table_row

kernel32

FormatMessageW
GetVersionExA
DeleteCriticalSection
GetFileAttributesExW
DisableThreadLibraryCalls
GetCurrentThreadId
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
EnterCriticalSection
LockFileEx
GetProcAddress
GetLastError
GetTempPathW
FlushFileBuffers
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
LeaveCriticalSection
GetFileAttributesA
Sleep
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
DeleteFileW
GetFullPathNameW
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
GetTickCount
UnlockFileEx
CloseHandle

msvcr110

strncpy
memmove
strncmp
qsort
malloc
_localtime32_s
memset
realloc
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_strdup
memcmp
memcpy
free

Exports

Exports

get_module

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

93b39c8dcc922c39550564e53281270d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

php5ts

kernel32

msvcr110

Exports

Exports

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 8KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 8KB

.rmnet
Size: 56KB - Virtual size: 60KB