vcruntime140_1[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

vcruntime140_1.dll
Size

8KB
MD5

48e64d77d55fa85fc3ea8931543baf82
SHA1

5e2e0bb9a2064fdff9a1afc02a7c36a8a3752314
SHA256

7bd1de9bcd32c628d326e7647645c6df8c1ed548b36888e95f8a5b581fc4b35e
SHA512

0aae109aa03c6ae12e97a9dcf56e95330eece908b41083ac9d52636cacfc8c85c3912a11aa44c92051e8a12b5810019b4a924cede4031d44a9da0fdf18d7af2c
SSDEEP

96:OOeiM0glFrTkTRfeir+hizHs1ds118DdVFlN3T+xiyhixi2Kt4t2Hv95fy:OHibgrrsRZzHSVdVdecxi7t4tCv9ty

Score

1^/10

Malware Config

Signatures

Files

vcruntime140_1.dll
.dll windows:6 windows x64 arch:x64

43f0d00640b4d8e643c20e225b7862e3

Code Sign

5d:cf:24:38:e8:d7:a4:5d:b2:fe:5f:82:fc:86:ed:32
Certificate

Issuer

CN=R2RCA

Not Before

31/12/2020, 15:00

Not After

30/12/2099, 15:00

Subject

CN=R2R,O=R2R,C=JP

9d:8c:6f:3e:67:74:51:a7:a2:0c:4b:7e:c6:d0:b2:7f:82:47:48:3f:20:24:a2:7c:8e:29:c2:9c:d8:d8:35:4e:3c:f2:f2:06:c2:62:40:3b:b2:fd:a6:11:25:96:f2:ed:ed:d0:a5:d4:af:36:5f:81:da:47:c2:0a:a7:56:4b:2f
Signer

Actual PE Digest

9d:8c:6f:3e:67:74:51:a7:a2:0c:4b:7e:c6:d0:b2:7f:82:47:48:3f:20:24:a2:7c:8e:29:c2:9c:d8:d8:35:4e:3c:f2:f2:06:c2:62:40:3b:b2:fd:a6:11:25:96:f2:ed:ed:d0:a5:d4:af:36:5f:81:da:47:c2:0a:a7:56:4b:2f

Digest Algorithm

sha512

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shlwapi

PathStripPathW

kernel32

GetModuleHandleA
lstrcatW
GetSystemDirectoryW
VirtualProtect
FreeLibrary
GetModuleFileNameW
LoadLibraryW
GetProcAddress
lstrcmpW

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 1024B - Virtual size: 602B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43f0d00640b4d8e643c20e225b7862e3

Code Sign

5d:cf:24:38:e8:d7:a4:5d:b2:fe:5f:82:fc:86:ed:32Certificate

9d:8c:6f:3e:67:74:51:a7:a2:0c:4b:7e:c6:d0:b2:7f:82:47:48:3f:20:24:a2:7c:8e:29:c2:9c:d8:d8:35:4e:3c:f2:f2:06:c2:62:40:3b:b2:fd:a6:11:25:96:f2:ed:ed:d0:a5:d4:af:36:5f:81:da:47:c2:0a:a7:56:4b:2fSigner

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 602B

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 104B

.pdata Size: 512B - Virtual size: 36B

.rsrc Size: 1KB - Virtual size: 1KB

5d:cf:24:38:e8:d7:a4:5d:b2:fe:5f:82:fc:86:ed:32
Certificate

9d:8c:6f:3e:67:74:51:a7:a2:0c:4b:7e:c6:d0:b2:7f:82:47:48:3f:20:24:a2:7c:8e:29:c2:9c:d8:d8:35:4e:3c:f2:f2:06:c2:62:40:3b:b2:fd:a6:11:25:96:f2:ed:ed:d0:a5:d4:af:36:5f:81:da:47:c2:0a:a7:56:4b:2f
Signer

.text
Size: 1024B - Virtual size: 602B

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 104B

.pdata
Size: 512B - Virtual size: 36B

.rsrc
Size: 1KB - Virtual size: 1KB