ee00000[.]dll[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ee00000.dll.exe
Size

455KB
MD5

4e9d25f65dec942642b7dc7b4811c1bc
SHA1

5301f2da35e2905e729fd914d01da840e552a492
SHA256

c94297eec998730e85fb2b4302f33ea6126d1ae5f6ba05e0200834d8d4fd5647
SHA512

8afb2e37adda4802ca44813f8b6ddca97fc88e91759bde340000d8dcbb4e67be946c6127e0651b713cfed3c885d69845aeaa102c738fe5418afa3e2fdc9ed65b
SSDEEP

12288:wqCSml+tlMTX5Udz0un3rg8F8qA74LR6:wcmlIlMTSddgGvAx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee00000.dll.exe

Files

ee00000.dll.exe
.dll windows x64

096d53ca0d6186118b81a64fbb85a65e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

memset
mbstowcs
memcpy
RtlNtStatusToDosError
memmove
_snwprintf
strncmp
memcmp
strcmp
StrCmpNA
StrStrIA
PathCombineW
StrStrA
PathFindFileNameW
StrChrW
StrStrW
StrChrA
CryptUnprotectData
CryptStringToBinaryA
HeapCreate
GetLastError
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
lstrlenA
GetCurrentDirectoryW
FindClose
SetCurrentDirectoryW
FindNextFileW
lstrcpyW
WaitForSingleObject
LocalFree
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsW
OpenProcess
TerminateProcess
SetLastError
HeapDestroy
Process32NextW
lstrcmpiW
CreateToolhelp32Snapshot
GetFileSize
FreeLibrary
LoadLibraryW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
GetTempPathA
GetCurrentProcessId
DeleteFileW
HeapFree
HeapAlloc
lstrlenW
CreateEventA
Sleep
Process32FirstW
GetVersionExA
OutputDebugStringA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
DeleteFileA
AreFileApisANSI
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
GetVersionExW
FormatMessageW
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
QueryPerformanceCounter
SetEvent
LocalAlloc
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
SystemTimeToFileTime
GetSystemTime
CreateStreamOnHGlobal

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

096d53ca0d6186118b81a64fbb85a65e

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 390KB - Virtual size: 389KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 12KB - Virtual size: 11KB

.bss0 Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 390KB - Virtual size: 389KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 12KB - Virtual size: 11KB

.bss0
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB