7af09fdc8da1873b4e618abf8896fbb0cdcd443b0b7b4e96f04de0015fa084bfN

Sharing

Copy URL Twitter E-mail

General

Target

7af09fdc8da1873b4e618abf8896fbb0cdcd443b0b7b4e96f04de0015fa084bfN
Size

24KB
MD5

c663d43dbedede060f74f95e561858c0
SHA1

a97b638af1a3acb60fda1842f22dfc7c26748945
SHA256

7af09fdc8da1873b4e618abf8896fbb0cdcd443b0b7b4e96f04de0015fa084bf
SHA512

41c7ea10efb5afca3ee928a2dce08b945b3cd1ec0db32094cdf5fce128b610e77ba1c725968ad2186fa416d775c395d816eddd901453239f927c0e7d2a75846f
SSDEEP

384:VJH6+n4MA1uzEgN+EFcPEfjz4v3uD8wgDxso3ViQ:VJa+n4MA1004GEfjzI3uoxq6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7af09fdc8da1873b4e618abf8896fbb0cdcd443b0b7b4e96f04de0015fa084bfN

Files

7af09fdc8da1873b4e618abf8896fbb0cdcd443b0b7b4e96f04de0015fa084bfN
.dll windows:6 windows x86 arch:x86

a7d62f22cc385713b49daafe4c566d01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\php-sdk\php56\vc11\x86\obj\Release_TS\php_pdo_mysql.pdb

Imports

php5ts

mysqlnd_allocator
php_file_le_stream
add_assoc_long_ex
php_file_le_pstream
zend_get_class_entry
zend_unregister_ini_entries
php_info_print_table_row
php_info_print_table_header
zend_object_store_get_object
_array_init
zend_declare_class_constant_long
instanceof_function
php_pdo_register_driver
php_info_print_table_start
php_pdo_unregister_driver
mysqlnd_reverse_api_register_api
php_pdo_get_dbh_ce
zend_register_ini_entries
php_info_print_table_end
spprintf
add_assoc_zval_ex
_emalloc
add_assoc_string_ex
_php_stream_copy_to_mem
zend_fetch_resource
pdo_raise_impl_error
_safe_emalloc
php_pdo_get_exception
pdo_parse_params
_convert_to_string
_mysqlnd_init
_efree
_zval_copy_ctor_func
mysqlnd_get_client_info
add_next_index_string
_ecalloc
convert_to_long
zend_throw_exception_ex
_estrdup
php_pdo_parse_data_source
add_next_index_long
zend_hash_index_find
mysqlnd_connect
php_pdo_int64_to_str
_estrndup
convert_to_boolean
php_error_docref0
_safe_malloc

msvcr110

_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
atoi
free
_strdup

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer

Exports

Exports

get_module

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7d62f22cc385713b49daafe4c566d01

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

php5ts

msvcr110

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB