easy_Benign_ffa691c3015353074bdf97043b8941caa240ab8c956a5a9fb8ad881965abea0b[.]dll

General

Target

easy_Benign_ffa691c3015353074bdf97043b8941caa240ab8c956a5a9fb8ad881965abea0b.dll
Size

13KB
MD5

63ea6d1f1f8180e9111166140558c00d
SHA1

559ad3bb26d39af9320a530b7c25a9504319048e
SHA256

ffa691c3015353074bdf97043b8941caa240ab8c956a5a9fb8ad881965abea0b
SHA512

2cf8d6cec1cb9d5991cdbe4e693909f749e4c13fe385e4e9bb983d9729927ddb048b837891d8890dcb5254633284d7b0b4c0e12c537ab5c76c3228987f8040f1
SSDEEP

384:tNmETLlEHnTVaTkKj9G2wqFiRpOtqGt4N:to6EzVaAKj42wqFiRpOtjt4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Benign_ffa691c3015353074bdf97043b8941caa240ab8c956a5a9fb8ad881965abea0b.dll

Files

easy_Benign_ffa691c3015353074bdf97043b8941caa240ab8c956a5a9fb8ad881965abea0b.dll
.dll windows x86

e948f3d297abbcdb868d965534934bbe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
Sleep
LoadLibraryExA
FreeLibrary
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

winspool.drv

EnumPrintersA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcr90

_onexit
_decode_pointer
_lock
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_encode_pointer
__dllonexit
_unlock
??2@YAPAXI@Z
strcat_s
strrchr
??3@YAXPAX@Z
strcpy_s
_CxxThrowException
memcpy
_malloc_crt
memset

Exports

Exports

GetOnSupportAPI

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 798B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e948f3d297abbcdb868d965534934bbe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

advapi32

msvcr90

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 798B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 798B