easy_Benign_fff389e13656fe36a52697bb68ef6b333a5c42746ccf7138205d2b9b10f8aa25[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

easy_Benign_fff389e13656fe36a52697bb68ef6b333a5c42746ccf7138205d2b9b10f8aa25.dll
Size

8KB
MD5

57f05fd3aec29f9710024cdcc9a7e72c
SHA1

f6606afadc668101bb1e2566863c67e6eb8202f8
SHA256

fff389e13656fe36a52697bb68ef6b333a5c42746ccf7138205d2b9b10f8aa25
SHA512

c5b8e18a6f48acc1d8f46c5674fda1ed716732114f44e62d520611a30ea42adfcb0646c25aeb22ccef9e427d394a75e1ec2ad7b60edddbdfb5545df1895a545e
SSDEEP

96:h12Ei9eAleNxDPuPFY6jdoExEZHgEW3XIWw:h12Ei9eAlkxD2PFY2doExEZ5W3XIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Benign_fff389e13656fe36a52697bb68ef6b333a5c42746ccf7138205d2b9b10f8aa25.dll

Files

easy_Benign_fff389e13656fe36a52697bb68ef6b333a5c42746ccf7138205d2b9b10f8aa25.dll
.dll windows x64

b7ef9630c9e2eaa54d80cf5332520503

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

gdi32

GetDeviceCaps
GetCurrentObject
GetObjectType
GdiAlphaBlend
GdiTransparentBlt
GdiGradientFill
GetObjectA

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
FreeLibrary

api-ms-win-core-sysinfo-l1-1-0

GetVersionExA
GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7ef9630c9e2eaa54d80cf5332520503

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

gdi32

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 132B

.rsrc Size: 1024B - Virtual size: 992B

.reloc Size: 512B - Virtual size: 28B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 132B

.rsrc
Size: 1024B - Virtual size: 992B

.reloc
Size: 512B - Virtual size: 28B