S0bv40qIFZYpb8iaD[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

S0bv40qIFZYpb8iaD.dll
Size

524KB
MD5

1d4ddbdad72718e58e0adcc0fc133f80
SHA1

b8dc219295c27c1b7366097bebfeb46d1546b170
SHA256

f1837d93609bd3716203efbab53b6049d6d6735dead3e8ebde21b8ad3babcda8
SHA512

ba8950ac6d1e966c8547c8fdac7a865430a103e1b49d1aed6118ec1d215218317d272e95f3d3e0c57255051a11e1ae9aebede623343d8a67f98154e129758bff
SSDEEP

12288:F4UuFuNB2bvR0Iva6qREvKMHBM8i/Da7VpxmIXf5:FriuNsVC6qss/g5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
S0bv40qIFZYpb8iaD.dll

Files

S0bv40qIFZYpb8iaD.dll
.dll regsvr32 windows x86

42b6eb59ab89b7c7191018703e14d098

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateEventW
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FindResourceW
FlushFileBuffers
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLargePageMinimum
GetLastError
GetLocaleInfoW
GetLogicalDrives
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetThreadUILanguage
GetTickCount64
GetTickCount
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadResource
LocalFree
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ResetEvent
RtlUnwind
SetEvent
SetFileApisToOEM
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnregisterApplicationRestart
VirtualAlloc
VirtualFree
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcmpiW

user32

BeginPaint
CallWindowProcW
CharNextW
ClientToScreen
CreateWindowExW
DefWindowProcW
DestroyWindow
DrawTextW
EndPaint
GetActiveWindow
GetClassInfoExW
GetClientRect
GetClipboardSequenceNumber
GetDC
GetFocus
GetKBCodePage
GetMenuCheckMarkDimensions
GetParent
GetShellWindow
GetWindowLongW
InSendMessage
InsertMenuW
InvalidateRect
IsProcessDPIAware
IsWindow
IsWow64Message
LoadCursorW
RegisterClassExW
ReleaseDC
SendMessageW
SetProcessDPIAware
SetTimer
SetWindowLongW
ShowWindow
UnregisterClassW

ole32

CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
OleRun

shell32

InitNetworkAddressControl
SHGetFolderPathW
ShellExecuteW

oleaut32

LoadRegTypeLi
LoadTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VarBstrCmp
VarUI4FromStr
VariantChangeType
VariantClear
VariantCopy
VariantInit

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontW
DeleteDC
DeleteObject
GetDeviceCaps
GetTextMetricsW
SelectObject
SetBkMode
SetTextColor

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW

pdh

PdhAddCounterW
PdhCloseQuery
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhOpenQueryW
PdhRemoveCounter
PdhValidatePathW

Exports

Exports

DllRegisterServer
austckxfaik
cqqkeex
djnqbtvayy
efrzyvglli
enubqhyhrdravak
eyrdtwullrvwzgb
fgflgbcpnp
folzognykxruci
fsupufzxveidd
gpguvkjhe
gukhufeydga
jeeeevt
jxjyvymfmz
kjojhkittpozqpd
lmtrwlpwqtjhvtuj
macttvghbgxroesg
nsxooyrzrlhro
oqrmsstke
ouzshlkyftkltocd
purxbfgweot
qdxgdfho
scadjlmnhpakucfx
somnqlvfnxrkqhj
sssbflczmpglj
stiqygspmrq
ttbuqyelb
tvbisaovmjg
ueeusdvsyjicm
uhgvaac
vdawmye
veuaqnc
vrzxzuprpdqaqj
vsunefeo
wniyallto
wvwypnbgbav
xevcabapuc
xsprevqng
ygpmmpsimcpicgirh
zhpuiokrty

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.faxt
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 1024B - Virtual size: 641B

.rsrc
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42b6eb59ab89b7c7191018703e14d098

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

shell32

oleaut32

gdi32

advapi32

pdh

Exports

Exports

Sections

.text Size: 272KB - Virtual size: 272KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 5KB - Virtual size: 9KB

.00cfg Size: 512B - Virtual size: 4B

.faxt Size: 512B - Virtual size: 28B

.gfids Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 9B

.voltbl Size: 1024B - Virtual size: 641B

.rsrc Size: 144KB - Virtual size: 143KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 272KB - Virtual size: 272KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 5KB - Virtual size: 9KB

.00cfg
Size: 512B - Virtual size: 4B

.faxt
Size: 512B - Virtual size: 28B

.gfids
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 9B

.voltbl
Size: 1024B - Virtual size: 641B

.rsrc
Size: 144KB - Virtual size: 143KB

.reloc
Size: 11KB - Virtual size: 11KB