4e108b9df89d2ab16fadf3739d092570N

Sharing

Copy URL Twitter E-mail

General

Target

4e108b9df89d2ab16fadf3739d092570N
Size

3.1MB
MD5

4e108b9df89d2ab16fadf3739d092570
SHA1

ea31d6631ce54da51845d09fec5ee26244b69561
SHA256

59cdbfe6963be28d2af7ea5d251f101688fc2cab827a240b3e35ce5754ae1f5c
SHA512

89237ea1e6116ab87b103e19dc9025615ed4235ce659f16a8d8c91f7fef08ef80c50ef759b3e094bf62cd77031baf1869af3b3c4d5d1dd09cd7f1204e2aabe1a
SSDEEP

12288:2BTLOouzD/SXMmWfmmWJL3P5u5Eo9EUVJVYGbyJ+5UVq3uQ:uOXDajWtcPeE2EUVJulqeQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e108b9df89d2ab16fadf3739d092570N

Files

4e108b9df89d2ab16fadf3739d092570N
.dll windows:5 windows x86 arch:x86

f99a3d14dc6f15773a383729c76f17b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\02_HOffice90\Dev\ImageFilter6_RSvg\RSVGDependency\DLL_Debug\gmodule-2-vs9.pdb

Imports

glib-2-vs9

g_ascii_strcasecmp
g_static_private_get
g_log
g_locale_to_utf8
g_getenv_utf8
g_parse_debug_string
g_open
g_scanner_new
g_scanner_input_file
g_scanner_scope_add_symbol
g_scanner_eof
g_scanner_get_next_token
g_scanner_destroy
g_path_get_dirname
g_win32_error_message
g_strdup_vprintf
g_utf8_to_utf16
g_static_rec_mutex_lock
g_malloc
g_static_rec_mutex_unlock
g_file_test_utf8
g_strconcat
g_filename_display_name
g_strdup_printf
g_locale_from_utf8
g_free
g_static_private_set
g_strdup

kernel32

ExitProcess
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetTimeZoneInformation
GetLocaleInfoW
LCMapStringW
LCMapStringA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetDateFormatA
GetTimeFormatA
RtlUnwind
InitializeCriticalSectionAndSpinCount
InterlockedExchange
VirtualAlloc
HeapReAlloc
HeapSize
LoadLibraryW
GetLastError
FreeLibrary
GetProcAddress
GetModuleHandleA
CloseHandle
GetCurrentProcess
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
IsDebuggerPresent
RaiseException
DebugBreak
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
HeapValidate
IsBadReadPtr
Sleep
SetEnvironmentVariableA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
GetProcessHeap
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
WriteFile
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
SetConsoleCtrlHandler

Exports

Exports

g_module_build_path
g_module_close
g_module_error
g_module_make_resident
g_module_name
g_module_name_utf8
g_module_open
g_module_open_utf8
g_module_supported
g_module_symbol

Sections

.textbss
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 354KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f99a3d14dc6f15773a383729c76f17b3

Headers

File Characteristics

PDB Paths

Imports

glib-2-vs9

kernel32

Exports

Exports

Sections

.textbss Size: - Virtual size: 168KB

.text Size: 354KB - Virtual size: 353KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 5KB - Virtual size: 14KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2.6MB - Virtual size: 2.6MB

.textbss
Size: - Virtual size: 168KB

.text
Size: 354KB - Virtual size: 353KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 5KB - Virtual size: 14KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2.6MB - Virtual size: 2.6MB