Static task: static1
Behavioral task: behavioral1
Sample: d.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: d.dll
Resource: win10v2004-20230220-en
General
Target: d.dll
Size: 400KB
MD5: 2328b3e6e1bf25314d3296fbcb3d7242
SHA1: 2475d2ac538e8c0dd04877cd7b8f5e97e5520e80
SHA256: f2eb8ed93266290d1af117ced3d464d477a37ce6edc6a281e6fac09e4cc6fed9
SHA512: 43b83ddf7992986261f5a7466044c004493d6fa7b053b7c273ac55de0638dbd84d275893b70ad2122841cb0b5ff241ee7e7f68033fcf8e3fefa6280cf200d756
SSDEEP: 6144:ko1sFXGrWLMlwd691C4kd7pG/TMM8ZOzemLLDyQFbKLzdkJ:ko1sFaSMlwd2o4Mh4zhWQ8Lzy
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Resource: d.dll
Files
d.dll.dll (windows x64): 2261562365bd34858ba01ce9cb446c71
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32:
LoadResource
FindResourceW
DecodePointer
GetProcAddress
GlobalLock
DeleteCriticalSection
GetModuleHandleW
FreeLibrary
lstrcmpiW
GlobalUnlock
LoadLibraryExW
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
SetStdHandle
GetStringTypeW
GetFileType
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
RaiseException
GetOEMCP
GetACP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
LCMapStringW
HeapReAlloc
HeapSize
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
GlobalAlloc
GetLastError
MultiByteToWideChar
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
lstrlenW
EnterCriticalSection
SetLastError
InterlockedFlushSList
RtlUnwindEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlPcToFileHeader
CreateFileW
GetSystemTimeAsFileTime
GetCPInfo
SizeofResource
EncodePointer
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
user32:
ShowWindow
LoadImageW
DialogBoxParamW
GetParent
PostQuitMessage
GetWindowLongW
GetMessageW
CreateDialogParamW
GetSystemMenu
GetWindow
GetWindowRect
DestroyWindow
SetWindowPos
MessageBoxW
CheckRadioButton
MonitorFromWindow
SetWindowLongPtrW
SendMessageW
EndDialog
GetSystemMetrics
UnregisterClassW
LoadStringW
AppendMenuW
GetActiveWindow
OpenClipboard
DispatchMessageW
IsDialogMessageW
IsMenu
GetMonitorInfoW
CloseClipboard
EmptyClipboard
PeekMessageW
SetDlgItemTextW
MapWindowPoints
MessageBoxA
IsDlgButtonChecked
DestroyMenu
CharNextW
TranslateMessage
SetClipboardData
wsprintfW
GetClientRect
advapi32:
RegCreateKeyExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
ole32:
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
oleaut32:
VarUI4FromStr
comctl32:
InitCommonControlsEx
Exports
Google
Sections
.text (Size: 73KB, Virtual size: 73KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 305KB, Virtual size: 304KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 7KB, Virtual size: 12KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata (Size: 5KB, Virtual size: 4KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.gfids (Size: 512B, Virtual size: 208B): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls (Size: 512B, Virtual size: 9B): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 5KB, Virtual size: 5KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc (Size: 2KB, Virtual size: 1KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ