challange_Benign_e0cbf643d41a740ddd49d860b3e24cfa1388f9b4550fcf59e2d8e5b4f01892b5[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

challange_Benign_e0cbf643d41a740ddd49d860b3e24cfa1388f9b4550fcf59e2d8e5b4f01892b5.dll
Size

8KB
MD5

bb2231cb23492b3cf5cb142394968ded
SHA1

e961b39c3fa74631daab50f6de5961a3e53c8ee9
SHA256

e0cbf643d41a740ddd49d860b3e24cfa1388f9b4550fcf59e2d8e5b4f01892b5
SHA512

39341d97c4e1f48710812869eb6fd531338d0a6db24da2604c1a271f060364be6bce2b035ecef9ccad0bbbad051490e77502dded41c0de9a3f95bd4295582d7f
SSDEEP

192:/1C1CDRYd6kLzFCtYSnDJrv5OEbj20y3XHPGR6ZsS:/g+RYd6kLpLSnDl5OEk3PGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
challange_Benign_e0cbf643d41a740ddd49d860b3e24cfa1388f9b4550fcf59e2d8e5b4f01892b5.dll

Files

challange_Benign_e0cbf643d41a740ddd49d860b3e24cfa1388f9b4550fcf59e2d8e5b4f01892b5.dll
.dll windows x86

05b40837e78d94395da5cbc2766fbb87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

user32

MessageBoxA

msvcr100

_onexit
_except_handler4_common
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_lock

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ