Memcheck[.]dll

General

Target

Memcheck.dll
Size

9KB
MD5

31f79d7ec418d32e279f3b7002a85555
SHA1

c0c1f857406c63e7755614e113a7b954bedcef4e
SHA256

abba82ff09f7ca30e86e1e185f1e8835434fa113be077f264e79364d57e8e04e
SHA512

264dffcf56c6d30201c815debefff4ab1d2b42bfb02084b884d6b6f1c1e25f9651318cd617cb96377d8384bdd43b31abe7ebd52b8cb23a56254046a5b7dfc15a
SSDEEP

96:GSueLa6gwkXB0XGBwcIu+lQvbKg1woar0JuGNjbrXDwzU3LEyxA:JualgwZLuCcKtoarjGNrXDwzU3Ij

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Memcheck.dll

Files

Memcheck.dll
.dll windows x86

1c59cf78871a3ab9538ab32aba46e195

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
DisableThreadLibraryCalls
CreateThread
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

MessageBoxW

vcruntime140

__telemetry_main_invoke_trigger
__std_type_info_destroy_list
memset
_except_handler4_common
__telemetry_main_return_trigger

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_crt_atexit
_initialize_narrow_environment
_seh_filter_dll
_execute_onexit_table
_initterm_e
_initialize_onexit_table
_register_onexit_function

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c59cf78871a3ab9538ab32aba46e195

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 904B

.gfids Size: 512B - Virtual size: 20B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 328B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 904B

.gfids
Size: 512B - Virtual size: 20B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 328B