Benign_ff5d26f8269c3f82b2e4cb3d71a9e6bcf46812c54578bbe7997f4dc97ca2af65[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

Benign_ff5d26f8269c3f82b2e4cb3d71a9e6bcf46812c54578bbe7997f4dc97ca2af65.dll
Size

25KB
MD5

11a6d7788dfe087370c7518889521570
SHA1

18da3e8c73613f5cbfff68b28ee948c1c46fb657
SHA256

ff5d26f8269c3f82b2e4cb3d71a9e6bcf46812c54578bbe7997f4dc97ca2af65
SHA512

74b01e35c7f6adb4cbe35922881c2562f854443cb84e135943c7917aa25e93a04b6f56572e7f8705036dd5f2b0cd937c6e7e81aca0a2d48d94c76a2fd9c0afef
SSDEEP

384:XgeLbwhsEaE65AyzvfaoDaPhchUxIbLSycnBOOnJ3mBPF:QJ2HXauaPhchUxIJcBOOnR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Benign_ff5d26f8269c3f82b2e4cb3d71a9e6bcf46812c54578bbe7997f4dc97ca2af65.dll

Files

Benign_ff5d26f8269c3f82b2e4cb3d71a9e6bcf46812c54578bbe7997f4dc97ca2af65.dll
.dll windows x64

000d04c9f28d6aa7e0430e5e3fda90d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

td_alloc_4.02_11

odrxAlloc
odrxFree
??3@YAXPEAX@Z

td_root_4.02_11

?desc@OdRxObject@@SAPEAVOdRxClass@@XZ
?isA@OdRxObject@@UEBAPEAVOdRxClass@@XZ
?numRefs@OdRxObject@@UEBAJXZ
?clone@OdRxObject@@UEBA?AVOdRxObjectPtr@@XZ
?copyFrom@OdRxObject@@UEAAXPEBV1@@Z
?comparedTo@OdRxObject@@UEBA?AW4Ordering@OdRx@@PEBV1@@Z
?isEqualTo@OdRxObject@@UEBA_NPEBV1@@Z
??0OdError_NotThatKindOfClass@@QEAA@AEBV0@@Z
??0OdError_NotThatKindOfClass@@QEAA@PEBVOdRxClass@@0@Z
?x@OdRxObject@@UEBAPEAV1@PEBVOdRxClass@@@Z
??0OdError@@QEAA@AEBV0@@Z
?odrxDynamicLinker@@YAPEAVOdRxDynamicLinker@@XZ
??0OdString@@QEAA@PEB_W@Z
??1OdString@@QEAA@XZ
?OdAssert@@YAXPEBD0H@Z
?odThreadsCounter@@YAAEAVThreadsCounter@@XZ
?desc@OdRxThreadPoolService@@SAPEAVOdRxClass@@XZ
?isA@OdRxThreadPoolService@@UEBAPEAVOdRxClass@@XZ
?queryX@OdRxThreadPoolService@@UEBAPEAVOdRxObject@@PEBVOdRxClass@@@Z
?queryX@OdRxObject@@UEBAPEAV1@PEBVOdRxClass@@@Z
??1OdRxObject@@UEAA@XZ
??1OdError_NotThatKindOfClass@@QEAA@XZ

icadcontrolflow

?isCurrentGSThread@IcThreadManager@@SA_NXZ
?getDbCFChainId@IcThreadManager@@SAIXZ
?getCFChainId@IcThreadManager@@SAIXZ
?getApcInfo@IcThreadManager@@SA?AVOdRxObjectPtr@@XZ
?beginApcCall@IcThreadManager@@SAXXZ
?endApcCall@IcThreadManager@@SAXXZ
?startUseApcInfo@IcThreadManager@@SA?AVOdRxObjectPtr@@V2@@Z
?stopUseApcInfo@IcThreadManager@@SAXVOdRxObjectPtr@@0@Z
?waitForSendEventComplete@IcThreadManager@@SAXPEAX0I@Z

msvcr110

__crtCapturePreviousContext
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
_lock
_calloc_crt
__dllonexit
_onexit
_unlock
_CxxThrowException
__clean_type_info_names_internal
??0exception@std@@QEAA@AEBV01@@Z
?what@exception@std@@UEBAPEBDXZ
??1exception@std@@UEAA@XZ
??0exception@std@@QEAA@AEBQEBDH@Z
__CxxFrameHandler3
_purecall
__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_initterm_e
__C_specific_handler
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess

kernel32

EncodePointer
CreateThread
CloseHandle
CreateEventW
ResetEvent
DisableThreadLibraryCalls
GetModuleFileNameW
SetEvent
DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent

Exports

Exports

odrxCreateModuleObject
odrxGetAPIVersion

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

000d04c9f28d6aa7e0430e5e3fda90d8

Headers

DLL Characteristics

File Characteristics

Imports

td_alloc_4.02_11

td_root_4.02_11

icadcontrolflow

msvcr110

kernel32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 948B

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 1024B - Virtual size: 552B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 948B

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 1024B - Virtual size: 552B