easy_Benign_fff98d76ad8d5fe8b2d1b88eb3b22e9887d0563e4b003e47042662ec81607dc5[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

easy_Benign_fff98d76ad8d5fe8b2d1b88eb3b22e9887d0563e4b003e47042662ec81607dc5.dll
Size

22KB
MD5

1f92d3eb19d3c939b5c3972efae9e3dc
SHA1

34c54e5609c454a539c6d1121e792dacc63ec24c
SHA256

fff98d76ad8d5fe8b2d1b88eb3b22e9887d0563e4b003e47042662ec81607dc5
SHA512

e93728b9910e18adf5016ecefb51e5199276d95ec61de32242eff38b90734013c384bb2ab97e005e01df2df7444b68aea5547b89127a5210b03881ee2ca99bf9
SSDEEP

384:vBYKoR5HdbJ1v4v2M3g0lEZWJXphH+NNRJRSFEyElW7SW:vgX9bCl0i+NN/IuyE+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Benign_fff98d76ad8d5fe8b2d1b88eb3b22e9887d0563e4b003e47042662ec81607dc5.dll

Files

easy_Benign_fff98d76ad8d5fe8b2d1b88eb3b22e9887d0563e4b003e47042662ec81607dc5.dll
.dll windows x64

75dd767b3d6d5250355bad2fd79d07f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp_win

?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o___std_exception_copy
_o___std_exception_destroy
_o___std_type_info_destroy_list
_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__seh_filter_dll
memcmp
_o_free
_o_malloc
__C_specific_handler
_CxxThrowException
__CxxFrameHandler4
_o__register_onexit_function

api-ms-win-crt-string-l1-1-0

memset

ntdll

RtlReleaseSRWLockShared
RtlAcquireSRWLockShared
RtlAcquireSRWLockExclusive
RtlReleaseSRWLockExclusive
RtlInitializeSRWLock
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

rpcrt4

NdrClientCall3
RpcBindingFree
RpcBindingBind
RpcBindingCreateW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

Exports

Exports

CSebCreateCustomEvent
CSebCreatePrivateEvent
CSebCreateWellKnownEvent
CSebDeleteEvent
CSebEnumerateEvents
CSebQueryEventData

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75dd767b3d6d5250355bad2fd79d07f2

Headers

DLL Characteristics

File Characteristics

Imports

msvcp_win

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-string-l1-1-0

ntdll

rpcrt4

api-ms-win-core-heap-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-processthreads-l1-1-1

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 840B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 172B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 840B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 172B