i[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

i.dll
Size

508KB
MD5

c544d9cf366d249a4bbe672935aacd80
SHA1

32ebe1345b2cb07aad530dda6e9b64b586e007ba
SHA256

6db72d21a060b08d398942da524ff55b36dc48ea6aaaed9698d1be9a97d8962b
SHA512

ca09c4cf6a14456aca5a09cad92a562051a0f2254884ef5fa24828136d3621514752366d65a082dc02532ea913bfbbc93a8a2c63635618132121f3e2ba8e8bc4
SSDEEP

6144:Puh8dBck1X0Z3mSnPNnT6+WwF83c73kZxd4BMXvYblRVj18YGywbpSSWv:mmdBck50ZTP5T6K87+9j18Vy2pS3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
i.dll

Files

i.dll
.dll windows x86

e788b20560c70fe819efd1469e4e787a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetFileType
GetStdHandle
HeapSize
ExitProcess
GetProcessHeap
IsDebuggerPresent
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsGetValue
GetModuleFileNameA
GetCurrentProcess
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
GetCPInfo
GetCurrentThreadId
GetCommandLineA
GetLastError
GetStringTypeW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
WideCharToMultiByte
QueryPerformanceCounter
GetSystemTimeAsFileTime
WriteFile
CloseHandle
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
HeapReAlloc
LoadLibraryExW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
GetTickCount
MultiByteToWideChar
CompareStringW
CreateProcessA
GetSystemTimeAdjustment
GetModuleFileNameW
GetWindowsDirectoryA
GlobalLock
HeapFree
InitializeSListHead
FreeEnvironmentStringsW
GetACP
FormatMessageA
HeapAlloc
TlsAlloc
GetCurrentDirectoryA
IsValidCodePage
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
ClearCommBreak
TlsFree
GetCurrentProcessId
FindNextFileA
SetLastError
RaiseException
GetOverlappedResult
CreateFileW
GetTimeZoneInformation
Beep
TlsSetValue
GetCurrentThread
SetCommBreak
GetModuleHandleExW
GetEnvironmentStringsW
GetLocaleInfoA
TerminateProcess

user32

SetRect
PeekMessageW
EndDeferWindowPos
GetMessageTime
DestroyWindow
DrawFocusRect
BringWindowToTop
EnableMenuItem
CheckDlgButton
ShowWindow
AppendMenuA
FindWindowExW
RemoveMenu
DefDlgProcA
RegisterClassW
SetCaretPos
EnableWindow
ToUnicode
CopyRect
SetWindowRgn
GetWindowTextLengthA
AppendMenuW
CreateWindowExA
DispatchMessageA
SetMenuItemInfoA
SetFocus
PostQuitMessage
SendDlgItemMessageA
InsertMenuA
AdjustWindowRect
ClientToScreen
GetSystemMenu
CreateDialogParamA
DrawIconEx
DeleteMenu
ShowCaret
RegisterWindowMessageA
GetDoubleClickTime
WinHelpA
ShowCursor
GetScrollInfo
MessageBoxA
InvalidateRect
CreatePopupMenu
EnableScrollBar
CreateCaret
CheckRadioButton
SystemParametersInfoA
LoadCursorA
DestroyIcon
CheckMenuItem

gdi32

CombineRgn
GetSystemPaletteEntries
SetROP2
PolyPolygon
SetViewportOrgEx
GetCharWidthW
CreatePenIndirect
OffsetRgn
CreateHatchBrush
GetDeviceCaps
GetEnhMetaFileHeader
CreateBitmap
GetObjectA
ExtTextOutA
CreateSolidBrush
EnumFontsA
LineTo
CreateRectRgn
Ellipse
GetCharWidth32W
GetBkColor
GetTextExtentPointA
MoveToEx
Pie
SetTextColor
GetCharacterPlacementW
GetBkMode
Polygon
GdiFlush
GetWinMetaFileBits
GetRgnBox
SetPixel
GetRegionData
GetPaletteEntries
RectInRegion
Rectangle
ExtCreateRegion
SaveDC
RealizePalette
SetPolyFillMode
GetTextExtentExPointA
SetViewportExtEx
CreateICA
CreateEnhMetaFileW
RestoreDC
GetCharWidthA

advapi32

SetSecurityDescriptorOwner
CopySid
RegOpenKeyA
EqualSid

Sections

.text
Size: 388KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e788b20560c70fe819efd1469e4e787a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 388KB - Virtual size: 387KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 388KB - Virtual size: 387KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 15KB - Virtual size: 14KB