b9d64fe055eb59fe4c2942b9ed13a73e939908bad71495934b2ccf6e209998a2N

Sharing

Copy URL Twitter E-mail

General

Target

b9d64fe055eb59fe4c2942b9ed13a73e939908bad71495934b2ccf6e209998a2N
Size

19KB
MD5

9350dcf79377d38655b7719b60467930
SHA1

b43de39fd6d3961b252dfa239191dc737a283370
SHA256

b9d64fe055eb59fe4c2942b9ed13a73e939908bad71495934b2ccf6e209998a2
SHA512

9534e97ae2379c441ed5300481a432b7ce3f00671cd01af4aaca417b0f508829a066edcfc2ca33e42ce507beb0d0aca62bb6e4289ddc4e7c68af4d69bae3dd19
SSDEEP

384:qaoOzemUMYD39UHqYvuvfS2Vgo0mcMOKL5a:7oOzempY4/vuySROGa

Score

1^/10

Malware Config

Signatures

Files

b9d64fe055eb59fe4c2942b9ed13a73e939908bad71495934b2ccf6e209998a2N
.dll windows:6 windows x64 arch:x64

17d2557fb9de6d02b5e7c5d1e588fb15

Code Sign

4d:e5:a8:c7
Certificate

Issuer

CN=Tres Finocchiaro,OU=code.google.com/jzebra,O=jZebra Web Applet,L=Canastota,ST=New York,C=US

Not Before

01/06/2011, 02:49

Not After

31/05/2016, 02:49

Subject

CN=Tres Finocchiaro,OU=code.google.com/jzebra,O=jZebra Web Applet,L=Canastota,ST=New York,C=US

16:1d:40:2b:f1:2f:b3:f5:0a:93:ab:e1:6d:0c:95:2c:7a:36:5e:38:f9:79:6d:d9:d4:ae:3d:69:2b:07:9e:28
Signer

Actual PE Digest

16:1d:40:2b:f1:2f:b3:f5:0a:93:ab:e1:6d:0c:95:2c:7a:36:5e:38:f9:79:6d:d9:d4:ae:3d:69:2b:07:9e:28

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

management.pdb

Imports

jvm

JVM_GetManagement
JVM_GetVmArguments
JVM_ActiveProcessorCount
JVM_GetAllThreads

java

JNU_ThrowInternalError

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId

vcruntime140

__C_specific_handler
memset
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_configure_narrow_argv
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_initialize_narrow_environment

Exports

Exports

JNI_OnLoad
Java_sun_management_ClassLoadingImpl_setVerboseClass
Java_sun_management_GarbageCollectorImpl_getCollectionCount
Java_sun_management_GarbageCollectorImpl_getCollectionTime
Java_sun_management_HotspotThread_getInternalThreadCount
Java_sun_management_HotspotThread_getInternalThreadTimes0
Java_sun_management_MemoryImpl_getMemoryManagers0
Java_sun_management_MemoryImpl_getMemoryPools0
Java_sun_management_MemoryImpl_getMemoryUsage0
Java_sun_management_MemoryImpl_setVerboseGC
Java_sun_management_MemoryManagerImpl_getMemoryPools0
Java_sun_management_MemoryPoolImpl_getCollectionUsage0
Java_sun_management_MemoryPoolImpl_getMemoryManagers0
Java_sun_management_MemoryPoolImpl_getPeakUsage0
Java_sun_management_MemoryPoolImpl_getUsage0
Java_sun_management_MemoryPoolImpl_resetPeakUsage0
Java_sun_management_MemoryPoolImpl_setCollectionThreshold0
Java_sun_management_MemoryPoolImpl_setPoolCollectionSensor
Java_sun_management_MemoryPoolImpl_setPoolUsageSensor
Java_sun_management_MemoryPoolImpl_setUsageThreshold0
Java_sun_management_ThreadImpl_dumpThreads0
Java_sun_management_ThreadImpl_findDeadlockedThreads0
Java_sun_management_ThreadImpl_findMonitorDeadlockedThreads0
Java_sun_management_ThreadImpl_getThreadAllocatedMemory0
Java_sun_management_ThreadImpl_getThreadAllocatedMemory1
Java_sun_management_ThreadImpl_getThreadInfo1
Java_sun_management_ThreadImpl_getThreadTotalCpuTime0
Java_sun_management_ThreadImpl_getThreadTotalCpuTime1
Java_sun_management_ThreadImpl_getThreadUserCpuTime0
Java_sun_management_ThreadImpl_getThreadUserCpuTime1
Java_sun_management_ThreadImpl_getThreads
Java_sun_management_ThreadImpl_resetContentionTimes0
Java_sun_management_ThreadImpl_resetPeakThreadCount0
Java_sun_management_ThreadImpl_setThreadAllocatedMemoryEnabled0
Java_sun_management_ThreadImpl_setThreadContentionMonitoringEnabled0
Java_sun_management_ThreadImpl_setThreadCpuTimeEnabled0
Java_sun_management_VMManagementImpl_getAvailableProcessors
Java_sun_management_VMManagementImpl_getClassInitializationTime
Java_sun_management_VMManagementImpl_getClassLoadingTime
Java_sun_management_VMManagementImpl_getClassVerificationTime
Java_sun_management_VMManagementImpl_getDaemonThreadCount
Java_sun_management_VMManagementImpl_getInitializedClassCount
Java_sun_management_VMManagementImpl_getLiveThreadCount
Java_sun_management_VMManagementImpl_getLoadedClassSize
Java_sun_management_VMManagementImpl_getMethodDataSize
Java_sun_management_VMManagementImpl_getPeakThreadCount
Java_sun_management_VMManagementImpl_getProcessId
Java_sun_management_VMManagementImpl_getSafepointCount
Java_sun_management_VMManagementImpl_getSafepointSyncTime
Java_sun_management_VMManagementImpl_getStartupTime
Java_sun_management_VMManagementImpl_getTotalApplicationNonStoppedTime
Java_sun_management_VMManagementImpl_getTotalClassCount
Java_sun_management_VMManagementImpl_getTotalCompileTime
Java_sun_management_VMManagementImpl_getTotalSafepointTime
Java_sun_management_VMManagementImpl_getTotalThreadCount
Java_sun_management_VMManagementImpl_getUnloadedClassCount
Java_sun_management_VMManagementImpl_getUnloadedClassSize
Java_sun_management_VMManagementImpl_getUptime0
Java_sun_management_VMManagementImpl_getVerboseClass
Java_sun_management_VMManagementImpl_getVerboseGC
Java_sun_management_VMManagementImpl_getVersion0
Java_sun_management_VMManagementImpl_getVmArguments0
Java_sun_management_VMManagementImpl_initOptionalSupportFields
Java_sun_management_VMManagementImpl_isThreadAllocatedMemoryEnabled
Java_sun_management_VMManagementImpl_isThreadContentionMonitoringEnabled
Java_sun_management_VMManagementImpl_isThreadCpuTimeEnabled

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17d2557fb9de6d02b5e7c5d1e588fb15

Code Sign

4d:e5:a8:c7Certificate

16:1d:40:2b:f1:2f:b3:f5:0a:93:ab:e1:6d:0c:95:2c:7a:36:5e:38:f9:79:6d:d9:d4:ae:3d:69:2b:07:9e:28Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

jvm

java

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 564B

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 24B

4d:e5:a8:c7
Certificate

16:1d:40:2b:f1:2f:b3:f5:0a:93:ab:e1:6d:0c:95:2c:7a:36:5e:38:f9:79:6d:d9:d4:ae:3d:69:2b:07:9e:28
Signer

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 564B

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 24B