6nSnnpp8aZzkTcEj8wAkHLI[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

6nSnnpp8aZzkTcEj8wAkHLI.dll
Size

822KB
MD5

8b19548a0084cf4d0b17145ae60a57bd
SHA1

9f4f9cf116450d076041b3138beea450eeb1431a
SHA256

b79cf1b3552070359bffcb2d5a144259c1d5db86eced22765ba7c35dcf2eb090
SHA512

642ffd689beceb113cf554b380a52a882bffc4a39ba6c5ea56e33e04a1b3b60fe89b57681daecc7b14f012d0ae66b33af28de08b80712e32edd7c13a0020635a
SSDEEP

6144:v7rc6Wk6SYnaKOai5uWLwrd0jSjc0vNPqBVzLFW7WUPV2m7hzS7583Tg7A+++ncE:vXcFk6SYna2Frd0jSjcc9SpmBZX0TMh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6nSnnpp8aZzkTcEj8wAkHLI.dll

Files

6nSnnpp8aZzkTcEj8wAkHLI.dll
.dll regsvr32 windows x64

733e4ccf9ef47c6e471d93270b5eb898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CloseHandle
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
ReleaseSemaphore
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

_fdopen
_fileno
_read
_write
__dllonexit
__doserrno
__iob_func
__mb_cur_max
__pioinfo
_amsg_exit
_errno
_filelengthi64
_fileno
_fstat64
_initterm
_lock
_lseeki64
_onexit
_strnicmp
_unlock
_vsnprintf
_write
abort
atoi
calloc
fclose
fflush
fgetpos
fopen
fputc
fputs
fread
free
fsetpos
fwrite
getc
getwc
isspace
iswctype
localeconv
malloc
memchr
memcpy
memmove
memset
printf
putc
putwc
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strxfrm
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm

user32

ShowWindow

ole32

CoLoadLibrary

Exports

Exports

ConsoleInput
DllRegisterServer
_ZN8DllClassC1Ev
_ZN8DllClassC2Ev
_ZN8DllClassD0Ev
_ZN8DllClassD1Ev
_ZN8DllClassD2Ev
_ZTV8DllClass

Sections

.text
Size: 531KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 263B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

733e4ccf9ef47c6e471d93270b5eb898

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

Exports

Exports

Sections

.text Size: 531KB - Virtual size: 531KB

.data Size: 52KB - Virtual size: 52KB

.rdata Size: 17KB - Virtual size: 17KB

.pdata Size: 26KB - Virtual size: 26KB

.xdata Size: 25KB - Virtual size: 24KB

.bss Size: - Virtual size: 5KB

.edata Size: 512B - Virtual size: 263B

.idata Size: 4KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 72B

.rsrc Size: 158KB - Virtual size: 158KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 531KB - Virtual size: 531KB

.data
Size: 52KB - Virtual size: 52KB

.rdata
Size: 17KB - Virtual size: 17KB

.pdata
Size: 26KB - Virtual size: 26KB

.xdata
Size: 25KB - Virtual size: 24KB

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 263B

.idata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 72B

.rsrc
Size: 158KB - Virtual size: 158KB

.reloc
Size: 3KB - Virtual size: 3KB