8bd5151e2a1ceff03be9931750b33a596590f9c12aa2f1f769fb5d9bd9591fd5N

General

Target

8bd5151e2a1ceff03be9931750b33a596590f9c12aa2f1f769fb5d9bd9591fd5N
Size

11KB
MD5

58c1f7a257f47cbba43d91613cf2feb0
SHA1

d45cf5c2679641d0099a90232e45ebc21510845d
SHA256

8bd5151e2a1ceff03be9931750b33a596590f9c12aa2f1f769fb5d9bd9591fd5
SHA512

5d38f430b294bd84ccbea1912a772e5d13d3122ea99dfd551a57f43db65ea046f6742263927d2699f9a29ba0b22098284a5448c8c4af7e215de0fe37494f767b
SSDEEP

192:8lcVvLZtkcMm2+G8Svq+Cc3XgiOqppEItC:/1tkc7nOvqKwLqnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bd5151e2a1ceff03be9931750b33a596590f9c12aa2f1f769fb5d9bd9591fd5N

Files

8bd5151e2a1ceff03be9931750b33a596590f9c12aa2f1f769fb5d9bd9591fd5N
.dll windows:6 windows x86 arch:x86

6c5d0ccd275a25b86f54788af338f96c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\build\httpd-2.4.18\modules\aaa\Release\mod_authn_file.pdb

Imports

libapr-1

_apr_palloc@8

libaprutil-1

_apr_password_validate@8
_apr_dynamic_fn_retrieve@4

libhttpd

_ap_cfg_closefile@4
_ap_getword@12
ap_set_file_slot
_ap_hook_optional_fn_retrieve@16
_ap_register_auth_provider@24
_ap_cfg_getline@12
ap_log_rerror_
_ap_pcfg_openfile@12

msvcr110

_except_handler4_common
__clean_type_info_names_internal
_onexit
__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_unlock
_calloc_crt
__dllonexit

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer

Exports

Exports

authn_file_module

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c5d0ccd275a25b86f54788af338f96c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libapr-1

libaprutil-1

libhttpd

msvcr110

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 924B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 568B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 924B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 568B