12cebf313000936f495f8635ef791a7197c6059e301f109ed7020ae442f213fb[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

12cebf313000936f495f8635ef791a7197c6059e301f109ed7020ae442f213fb.dll
Size

123KB
MD5

c6826be141d642344b2962e8997f6230
SHA1

699ad4acdbe81fb087ab180aabcd5eb7f0546bb4
SHA256

12cebf313000936f495f8635ef791a7197c6059e301f109ed7020ae442f213fb
SHA512

d7fa73733c520666ebd1baf0e2ce53d5dd703c58bab20f3becd7e97ae9ae77482b0e7bd34b7f01fa72704257bee6449931ff85233f4c2ac6cb33db3444986959
SSDEEP

1536:6ik3l2sD4+yZVxx5ysWy3TyZr+nrArBMoxcPVAuUvYEloMEfVWnBTnBfJiotykJC:s2ssxV/5bR3GZBkVUvkMR5J5tyAQbB0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12cebf313000936f495f8635ef791a7197c6059e301f109ed7020ae442f213fb.dll

Files

12cebf313000936f495f8635ef791a7197c6059e301f109ed7020ae442f213fb.dll
.dll windows x86

5a8c9a7aee9ffaa7416a80bb8ff9fc62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
CloseHandle
Sleep
GetProcAddress
LoadLibraryA
FreeLibrary
HeapAlloc
HeapFree
VirtualFree
GetProcessHeap
IsBadReadPtr
SetLastError
VirtualAlloc
VirtualProtect
CreateFileW
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetCurrentProcessId
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
GetCPInfo
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetLocaleInfoW
WriteFile
GetStdHandle
GetModuleFileNameW
HeapSize
SetHandleCount
GetFileType
GetStartupInfoW
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount

user32

wsprintfA

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

Exports

Exports

GetInstallDetailsPayload
SignalChromeElf

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a8c9a7aee9ffaa7416a80bb8ff9fc62

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

wininet

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 672B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 672B

.reloc
Size: 9KB - Virtual size: 8KB