565fe9360e227767168463d7b9cc4480N

Sharing

Copy URL Twitter E-mail

General

Target

565fe9360e227767168463d7b9cc4480N
Size

26KB
MD5

565fe9360e227767168463d7b9cc4480
SHA1

1d9d0ed7911ae66afaf4c2094bc1360add3bf3c1
SHA256

45b13f12d993fea12eda1648e28115f2c929888faf52c7d6c5c5323cf3e321fb
SHA512

02f5b3f6d2f798260e8bef7b40951ce86c4fb4096f61217ca7574ee3b8614fa137b96baa4e06efffa844114884a1c577c21d7184b0dc8f73f10f755444e66ef6
SSDEEP

384:52RpHUrTpbT8wYr/L5QMYDx3XksBEqeXtLQOEWraDOBj3Ley3CJPUyQD8wHxlZD1:52p0Bw5QMOgXtjkOjC5CR31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
565fe9360e227767168463d7b9cc4480N

Files

565fe9360e227767168463d7b9cc4480N
.dll windows:6 windows x86 arch:x86

84da704b63458f7f2cd7c0ddf729e7ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\node-exclude\Inovance\ProductLine\Servo\TempOut\InoOscTranslator\Release\InoOscTranslator.pdb

Imports

mfc140u

ord995
ord280
ord6751
ord8470
ord8386
ord12865
ord8324
ord5357
ord2486
ord14589
ord7922
ord14595
ord4152
ord12947
ord7941
ord14466
ord12531
ord8000
ord3852
ord5918
ord12239
ord12247
ord8217
ord10433
ord12251
ord12219
ord5249
ord5549
ord5760
ord9350
ord5525
ord5763
ord5252
ord5411
ord5228
ord7722
ord7723
ord7712
ord5409
ord8219
ord10250
ord9209
ord6860
ord12348
ord14604
ord3236
ord4856
ord12405
ord14657
ord2383
ord4589
ord7997
ord2246
ord1472
ord7653
ord1511
ord12541
ord12542
ord9398
ord4090
ord2034
ord11982
ord11983
ord14667
ord6348
ord14669
ord6350
ord14668
ord6349
ord2378
ord12928
ord3849
ord1514
ord325
ord1053
ord2365
ord324
ord1052
ord2408
ord2411
ord2376
ord2410
ord485
ord2268
ord2374
ord2184
ord2300
ord2399
ord1513

kernel32

OutputDebugStringW
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcAddress
LocalAlloc
LocalFree
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
CloseHandle
GetModuleHandleW

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

vcruntime140

__std_terminate
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
memset
_except_handler4_common
__std_type_info_destroy_list
memmove
__std_exception_copy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_cexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_crt_atexit

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

??0CInoOscTranslator@@AAE@XZ
??1CInoOscTranslator@@AAE@XZ
??4CInoOscTranslator@@QAEAAV0@ABV0@@Z
?GetSwitchMutiLanguageAgent@CInoOscTranslator@@SAPAVISwitchMutiLanguageAgent@@XZ
?RegisterLanguageChangedInterface@CInoOscTranslator@@SAXPAVIMessage_LanguageChanged@@@Z
?Translate@CInoOscTranslator@@SA?AV?$CStringT@GV?$StrTraitMFC_DLL@GV?$ChTraitsCRT@G@ATL@@@@@ATL@@ABV23@@Z
?UnRegisterLanguageChangedInterface@CInoOscTranslator@@SAXPAVIMessage_LanguageChanged@@@Z
CreateInterFace
SafeRelease
SetQueryInterfaceCallback
SupportedInterface

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84da704b63458f7f2cd7c0ddf729e7ca

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc140u

kernel32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB