45f8631581c2e1f975c00efb1d5041647858a0954ead49db099b522a53be77f7N

Sharing

Copy URL Twitter E-mail

General

Target

45f8631581c2e1f975c00efb1d5041647858a0954ead49db099b522a53be77f7N
Size

21KB
MD5

8314f10e83d76f90d338f3b2219dc9d0
SHA1

0755419ef3509cc80db2e642fb2f042fbedf3656
SHA256

45f8631581c2e1f975c00efb1d5041647858a0954ead49db099b522a53be77f7
SHA512

d1d0d44c5f0e8f229d4fd2407d81ff824502e47ee53c26a75f5dc186381724171159702d28bb2ca9fb91c324c620ceb055cdbdefca6864722b169bb6b34f04cf
SSDEEP

384:ud4FCv5IIYBa6SvuyCSg1XyKpaag2SG+YKqpDV5muP:uPIIY8jvuDyKpaag2SGZLpB/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45f8631581c2e1f975c00efb1d5041647858a0954ead49db099b522a53be77f7N

Files

45f8631581c2e1f975c00efb1d5041647858a0954ead49db099b522a53be77f7N
.dll windows:5 windows x86 arch:x86

11971a462f77c53cbe99014b4216148a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

J:\dev\src\libwebp-0.3.1\obj\release-dynamic\x86\bin\libwebpmux.pdb

Imports

libwebp

VP8LCheckSignature
VP8LGetInfo
VP8GetInfo

msvcr90

__CppXcptFilter
_adjust_fdiv
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
memcpy
malloc
free
_crt_debugger_hook

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount

Exports

Exports

WebPGetMuxVersion
WebPMuxAssemble
WebPMuxCreateInternal
WebPMuxDelete
WebPMuxDeleteChunk
WebPMuxDeleteFrame
WebPMuxGetAnimationParams
WebPMuxGetChunk
WebPMuxGetFeatures
WebPMuxGetFrame
WebPMuxNumChunks
WebPMuxPushFrame
WebPMuxSetAnimationParams
WebPMuxSetChunk
WebPMuxSetImage
WebPNewInternal

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11971a462f77c53cbe99014b4216148a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libwebp

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 864B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 584B

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 864B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 584B