vcruntime140.dll
First submission 2023-02-06 10:40:02
Last sumbission 2024-07-23 21:51:01
| File type: |
PE32 executable (DLL) (console) Intel 80386, for MS Windows |
| File size: |
78.98 KB (80880 bytes) |
| Compile time: |
2019-07-18 23:54:04 |
| MD5: |
a37ee36b536409056a86f50e67777dd7 |
| SHA1: |
1cafa159292aa736fc595fc04e16325b27cd6750 |
| SHA256: |
8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825 |
| Import Hash : |
6a84b7445ccacd5d29ac27de2745f356 |
| Sections 5 |
.text���
.data���
.idata��
.rsrc���
.reloc��
|
| Directories 6 |
security
relocation
debug
resource
export
import
|
URLs, FQDN and IP indicators 3
| URL |
Host (FQDN/IP) |
Date Added |
hXXp://91.92.244.238/d6212e86883d3906/vcruntime140.dll  |
91.92.244.238 |
2024-07-23 21:51:03 |
| hXXp://85.28.47.70/c10a74a0c2f42c12/vcruntime140.dll |
85.28.47.70 |
2024-07-20 11:34:04 |
| hXXp://85.28.47.31/8405906461a5200c/vcruntime140.dll |
85.28.47.31 |
2024-07-19 08:39:03 |
| Name |
VAddress |
VSize |
Size |
SHA1 |
MD5 |
Suspicious |
| .text��� |
0x1000 |
0xdcf4 |
56832 |
ce007357c33fa7e0901a68b854d8d2a98cc9565a |
4da508a792f17eb70fc527f196e17b1c |
|
| .data��� |
0xf000 |
0x5f4 |
512 |
8f20f51d3120a29f73f5eac966c2c3d707e745a2 |
44f568c10e74e073142f81fd4e04d7e6 |
|
| .idata�� |
0x10000 |
0x584 |
1536 |
105faec2dc8fcd60857288724616c55d1b26093e |
815d869d862ccfa9c90b3f4063cd90eb |
|
| .rsrc��� |
0x11000 |
0x400 |
1024 |
93a777ce81ee313c7ede1bc87f674a4f5c92f341 |
ec015dc17ff07dd72f25a48791ffde15 |
|
| .reloc�� |
0x12000 |
0xa10 |
3072 |
35afbc8e084e566a5b966b515fe5cd58e837b1c0 |
8d6967b67a7b3932ec34879053146032 |
|
| MD5 |
SHA1 |
Block size |
Virtual Address |
| a776ba51117476a3fc4871001bd080db |
8e5cca4cdd8ea567896a915700e8831521e0205c |
16880 |
64000 |
Strings analysis - File found
| Library |
| api-ms-win-crt-convert-l1-1-0.dll |
| api-ms-win-crt-stdio-l1-1-0.dll |
| KERNEL32.dll |
| api-ms-win-crt-runtime-l1-1-0.dll |
| api-ms-win-crt-heap-l1-1-0.dll |
| api-ms-win-crt-string-l1-1-0.dll |
| vcruntime140.dll |
Strings analysis - Possible URLs found 15
| http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl0a |
| http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0 |
| http://www.microsoft.com0 |
| http://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl0Z |
| http://www.microsoft.com/pki/certs/MicTimStaPCA_2010-07-01.crt0 |
| http://www.microsoft.com/pki/certs/MicrosoftTimeStampPCA.crt0 |
| http://www.microsoft.com/PKI/docs/CPS/default.htm0@ |
| http://www.microsoft.com/pki/certs/MicRooCerAut2011_2011_03_22.crt0 |
| http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0T |
| http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl0 |
| http://www.microsoft.com/pkiops/certs/MicCodSigPCA2011_2011-07-08.crt0 |
| http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl0X |
| http://www.microsoft.com/pkiops/docs/primarycps.htm0@ |
| http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z |
| http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0 |
| Function |
Address |
| wcsstr |
0x10004170 |
| wcsrchr |
0x100040c0 |
| wcschr |
0x10003ff0 |
| unexpected |
0x10007760 |
| strstr |
0x100036b0 |
| strrchr |
0x10003570 |
| strchr |
0x10003440 |
| set_unexpected |
0x10007740 |
| memset |
0x100032e0 |
| memmove |
0x10002d60 |
| memcpy |
0x100027e0 |
| memcmp |
0x10004a90 |
| memchr |
0x10002730 |
| longjmp |
0x10003fd0 |
| _setjmp3 |
0x10003da0 |
| _set_se_translator |
0x10007780 |
| _set_purecall_handler |
0x10007da0 |
| _seh_longjmp_unwind4 |
0x10003c08 |
| _seh_longjmp_unwind |
0x10003b04 |
| _purecall |
0x10007d80 |
| _longjmpex |
0x10003e20 |
| _local_unwind4 |
0x10003b30 |
| _local_unwind2 |
0x10003e96 |
| _is_exception_typeof |
0x10005c40 |
| _global_unwind2 |
0x10003e30 |
| _get_unexpected |
0x10007720 |
| _get_purecall_handler |
0x10007d60 |
| _except_handler4_common |
0x10004480 |
| _except_handler3 |
0x100039f8 |
| _except_handler2 |
0x10003928 |
| _chkesp |
0x100045e0 |
| __vcrt_LoadLibraryExW |
0x10007d40 |
| __vcrt_InitializeCriticalSectionEx |
0x10007c60 |
| __vcrt_GetModuleHandleW |
0x10007d30 |
| __vcrt_GetModuleFileNameW |
0x10007d10 |
| __uncaught_exceptions |
0x10007710 |
| __uncaught_exception |
0x100076f0 |
| __unDNameEx |
0x1000d410 |
| __unDName |
0x1000d3e0 |
| __telemetry_main_return_trigger |
0x10003f70 |
| __telemetry_main_invoke_trigger |
0x10003f70 |
| __std_type_info_name |
0x100075b0 |
| __std_type_info_hash |
0x10007580 |
| __std_type_info_destroy_list |
0x10007550 |
| __std_type_info_compare |
0x10007510 |
| __std_terminate |
0x10005c30 |
| __std_exception_destroy |
0x100074d0 |
| __std_exception_copy |
0x10007460 |
| __report_gsfailure |
0x1000df80 |
| __processing_throw |
0x10005c20 |
| __intrinsic_setjmp |
0x10003d60 |
| __current_exception_context |
0x10005c10 |
| __current_exception |
0x10005c00 |
| __TypeMatch |
0x10006a80 |
| __RTtypeid |
0x100073d0 |
| __RTDynamicCast |
0x100072d0 |
| __RTCastToVoid |
0x10007250 |
| __GetPlatformExceptionInfo |
0x10005bb0 |
| __FrameUnwindFilter |
0x10005b60 |
| __DestructExceptionObject |
0x10005a40 |
| __CxxUnregisterExceptionObject |
0x10006ce0 |
| __CxxRegisterExceptionObject |
0x10006c30 |
| __CxxQueryExceptionSize |
0x10006c20 |
| __CxxLongjmpUnwind |
0x1000d8f0 |
| __CxxFrameHandler3 |
0x1000d8b0 |
| __CxxFrameHandler2 |
0x1000d8b0 |
| __CxxFrameHandler |
0x1000d8b0 |
| __CxxExceptionFilter |
0x10006ae0 |
| __CxxDetectRethrow |
0x10006a90 |
| __BuildCatchObjectHelper |
0x10006a70 |
| __BuildCatchObject |
0x10006a60 |
| __AdjustPointer |
0x10005b30 |
| _SetWinRTOutOfMemoryExceptionCallback |
0x10005b20 |
| _NLG_Return2 |
0x10003f6d |
| _NLG_Return |
0x10002707 |
| _NLG_Dispatch2 |
0x10003f63 |
| _IsExceptionObjectToBeDestroyed |
0x10005af0 |
| _FindAndUnlinkFrame |
0x1000d7d0 |
| _EH_prolog |
0x1000df30 |
| _CxxThrowException |
0x10007680 |
| _CreateFrameInfo |
0x1000d7a0 |