easy_Benign_fffa775d86f5308ecace5ca350a6483fe22605ba62ed5a974041fd60bd904491[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easy_Benign_fffa775d86f5308ecace5ca350a6483fe22605ba62ed5a974041fd60bd904491.dll
Size

8KB
MD5

e1377c79783ea764fb4d8a3b0d877b59
SHA1

a9fbad93f245b511854816fbf596fb9b1b18fd59
SHA256

fffa775d86f5308ecace5ca350a6483fe22605ba62ed5a974041fd60bd904491
SHA512

be6e07e13a11dc89811d390cf4d984ed2fd29afc77ef0d2b7c9a5b9839cb5c9cca8b3ddcdcedb972d62e9fb63501a75f4cf8a5706295774460b3f096f4ff167a
SSDEEP

192:kI/5UmaKIBCDu7JgCwrrHmqUK3Xk6CkqtTcRfm:vPIcDedUbmqD064ue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Benign_fffa775d86f5308ecace5ca350a6483fe22605ba62ed5a974041fd60bd904491.dll

Files

easy_Benign_fffa775d86f5308ecace5ca350a6483fe22605ba62ed5a974041fd60bd904491.dll
.dll windows x86

b6e31b78c4fb4d641247840d34980da5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GlobalFree
GlobalAlloc
lstrcpynA
FormatMessageA
LocalFree
GetModuleFileNameA
CreateFileA
GetLastError
ReadFile
CloseHandle
SetFilePointer
WriteFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcr80

__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_initterm_e
_initterm
_decode_pointer
free
_encoded_null
_malloc_crt
_encode_pointer
_snprintf
memmove_s
_amsg_exit
memset

Exports

Exports

UpdatePartnerId

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ