ca33a233c0ba6c880749f486dee03c863a48704bbefe2d2bcc5d5c3c94e49fcdN | Triage

Sharing

General

Target

ca33a233c0ba6c880749f486dee03c863a48704bbefe2d2bcc5d5c3c94e49fcdN
Size

11KB
MD5

a6cc38dc12e57bafae03d6077bacae10
SHA1

baf14a4ce8c683c80ef7142d315a06050a7579fb
SHA256

ca33a233c0ba6c880749f486dee03c863a48704bbefe2d2bcc5d5c3c94e49fcd
SHA512

7214e99d17d80063c7ee242ffec721a30411c830d5de9bb9e6a87f26c1d60c827358f06ce40f9903d335d9588a5a098ec78fd77c58421d2719cfb3dfcec4bc2e
SSDEEP

192:ZK/aX/EBOFhgF3LxZV5uDa6bIi0HEdpr44S6MGS3XII0D+:AQEBOFh031m3x0HyrM9YI0K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca33a233c0ba6c880749f486dee03c863a48704bbefe2d2bcc5d5c3c94e49fcdN

Files

ca33a233c0ba6c880749f486dee03c863a48704bbefe2d2bcc5d5c3c94e49fcdN
.dll windows:6 windows x86 arch:x86

22709bc72d7cd13192c2afae007145cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\DevelopmentSQL\Experimental\TestApi3\Release\UspsEncodeImb.pdb

Imports

msvcr110

_lock
_unlock
_initterm_e
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_calloc_crt
strncpy_s

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
DisableThreadLibraryCalls

Exports

Exports

Encode
_Encode@12

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ