cabinet[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cabinet.dll
Size

407KB
MD5

7b24024ab132ca87a1dda646d5bb16c3
SHA1

eb2a6ff0e9804a923a535815c0edf502ae653b4f
SHA256

efd2e0d1f8da4ff1c4235fa2f0e3a7bcfd93238897d3b2e95dd194911eaa4e13
SHA512

ef93c9d3db723fb6d81d753b3152b590e9d78ee1101daa81f486af27274670b88cf956c2ae9a1c22f4cd7dc3a0b2d2cd4b90a78b99c500ffe47fc7a0b0c9721f
SSDEEP

3072:L+8Cd+gcFDC2TbYseemGxG2nbxorFyWGYOGDV2qU0gsnHGdvc8i5ED/Pe2KGsmiu:gdO3UseeObOG0X0gMGZ7bsbdqb

Score

1^/10

Malware Config

Signatures

Files

cabinet.dll
.dll windows x64

3b4cacd6a60fcf3429aa682cb864c8e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

zlib1

deflate
deflateEnd
deflateInit2_

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DisableThreadLibraryCalls
DosDateTimeToFileTime
GetFileAttributesA
GetModuleHandleA
GetProcAddress
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
IsBadStringPtrA
LocalFileTimeToFileTime
RaiseException
ReadFile
SetFilePointer
SetFileTime
WriteFile
lstrcmpiA

ntdll

_vsnprintf

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_assert
_strdup
free
fwrite
getenv
memcmp
memcpy
memmove
memset
strcat
strchr
strcmp
strcpy
strcspn
strlen
strrchr

Exports

Exports

DeleteExtractedFiles
DllGetVersion
Extract
FCIAddFile
FCICreate
FCIDestroy
FCIFlushCabinet
FCIFlushFolder
FDICopy
FDICreate
FDIDestroy
FDIIsCabinet
FDITruncateCabinet
GetDllVersion

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 320B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 985B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b4cacd6a60fcf3429aa682cb864c8e9

Headers

DLL Characteristics

File Characteristics

Imports

zlib1

kernel32

ntdll

ucrtbase

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.data Size: 4KB - Virtual size: 144B

.rodata Size: 4KB - Virtual size: 164B

.rdata Size: 4KB - Virtual size: 2KB

.pdata Size: 4KB - Virtual size: 828B

.xdata Size: 4KB - Virtual size: 976B

.bss Size: - Virtual size: 320B

.edata Size: 4KB - Virtual size: 985B

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 4KB - Virtual size: 32B

/4 Size: 4KB - Virtual size: 336B

/19 Size: 88KB - Virtual size: 85KB

/31 Size: 8KB - Virtual size: 6KB

/45 Size: 44KB - Virtual size: 41KB

/57 Size: 8KB - Virtual size: 7KB

/70 Size: 4KB - Virtual size: 1KB

/81 Size: 128KB - Virtual size: 124KB

/92 Size: 12KB - Virtual size: 11KB

.text
Size: 52KB - Virtual size: 48KB

.data
Size: 4KB - Virtual size: 144B

.rodata
Size: 4KB - Virtual size: 164B

.rdata
Size: 4KB - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 828B

.xdata
Size: 4KB - Virtual size: 976B

.bss
Size: - Virtual size: 320B

.edata
Size: 4KB - Virtual size: 985B

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 4KB - Virtual size: 32B

/4
Size: 4KB - Virtual size: 336B

/19
Size: 88KB - Virtual size: 85KB

/31
Size: 8KB - Virtual size: 6KB

/45
Size: 44KB - Virtual size: 41KB

/57
Size: 8KB - Virtual size: 7KB

/70
Size: 4KB - Virtual size: 1KB

/81
Size: 128KB - Virtual size: 124KB

/92
Size: 12KB - Virtual size: 11KB