easy_Benign_ffddae86bdfae95832322eb7d2a02622156420869212cf1076e942d81271df18[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easy_Benign_ffddae86bdfae95832322eb7d2a02622156420869212cf1076e942d81271df18.dll
Size

11KB
MD5

e09328129e8c71f77288a3029b6f6fa2
SHA1

024fa3d6236febef3872fc6f5e036a1a76cce479
SHA256

ffddae86bdfae95832322eb7d2a02622156420869212cf1076e942d81271df18
SHA512

628d886f569c0bf55a593827f06873fe3e4df32bc7e6f00bebc3b5bffbd558d100c8e0f267e039cfdb5620086561fd57a14df388640c5b786f5fa185d90dafff
SSDEEP

192:cho9grJMW4Hdog8qKI+M3UVf9DfCuEx3ZgWCTWXsrC:crFMWQPRKI+M3UVf9D6NZgWCTW8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Benign_ffddae86bdfae95832322eb7d2a02622156420869212cf1076e942d81271df18.dll

Files

easy_Benign_ffddae86bdfae95832322eb7d2a02622156420869212cf1076e942d81271df18.dll
.dll windows x86

b429f31c58eeee044a709f8379118854

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsicmp
_initterm
malloc
free
_amsg_exit
_XcptFilter
memcpy
_except_handler4_common
memset

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllGetVersion

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 986B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ