Benign_ffeacc43ab7dce30bff5ee8424286d488e7b9b7c76e3d164043dd57c2b11aa28[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

Benign_ffeacc43ab7dce30bff5ee8424286d488e7b9b7c76e3d164043dd57c2b11aa28.dll
Size

23KB
MD5

a3093f69528fc2281ac11659d7a36a46
SHA1

59ca49e0de2d22bb797c05ba89fec4c4a273d6da
SHA256

ffeacc43ab7dce30bff5ee8424286d488e7b9b7c76e3d164043dd57c2b11aa28
SHA512

dcf3d0b72694e4622c04303dd75b97b5fe73524cf3a33b03c4600bf426a3d99c948bdfc7f08588993ff03c43b0b7c995dda28aaf62bac162e839c123dfc9aa98
SSDEEP

384:mwR6LeAIOBh8ZiOo4g0aOp4VrNlsycJzLiXQlfHb2LiuOl1wjNpQJ:mwULeAIxDo4g0aOWhvyJHFHbQ1Olan

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Benign_ffeacc43ab7dce30bff5ee8424286d488e7b9b7c76e3d164043dd57c2b11aa28.dll

Files

Benign_ffeacc43ab7dce30bff5ee8424286d488e7b9b7c76e3d164043dd57c2b11aa28.dll
.dll windows x64

bab69e1d60d9b2d0702393c25459e690

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mfc100u

ord11157
ord2117
ord4570
ord13475
ord11463
ord7246
ord7321
ord10658
ord12889
ord11150
ord6898
ord13191
ord13188
ord13193
ord13190
ord13192
ord13189
ord3295
ord5049
ord10910
ord10918
ord3942
ord7094
ord9189
ord10922
ord10891
ord11523
ord4473
ord4737
ord4907
ord8174
ord4715
ord4910
ord4476
ord4612
ord4457
ord3543
ord6670
ord11158
ord4610
ord7096
ord9019
ord8037
ord5894
ord6895
ord1270
ord878
ord6609
ord1838
ord1291
ord1870
ord3704
ord890
ord3484
ord11542
ord6853
ord1716
ord895
ord2052
ord3292
ord2017
ord2015
ord2041
ord1950
ord2007
ord396
ord1919
ord2051
ord2049
ord1911
ord1850
ord1900
ord322
ord1279
ord296
ord1276
ord13226
ord13002
ord6836
ord13008
ord6660
ord8221
ord6669
ord13782
ord321
ord1278

msvcr100

memcpy
__dllonexit
_wcsicmp
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
_onexit
_lock
memset
_unlock
__C_specific_handler
__CxxFrameHandler3
sprintf_s

kernel32

GetCurrentProcess
OpenProcess
SetLastError
GetExitCodeProcess
ReadProcessMemory
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
TerminateProcess
DecodePointer
EncodePointer
LocalAlloc
LocalFree
WaitForSingleObject
UnmapViewOfFile
GetTickCount
MapViewOfFile
OpenFileMappingW
Sleep
CloseHandle

psapi

GetProcessImageFileNameW

user32

GetClientRect
InvalidateRect
UpdateWindow
wsprintfA

shlwapi

PathFindFileNameW

Exports

Exports

Load_SLIPlugin
Release_SLIPlugin

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bab69e1d60d9b2d0702393c25459e690

Headers

DLL Characteristics

File Characteristics

Imports

mfc100u

msvcr100

kernel32

psapi

user32

shlwapi

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 708B

.rsrc Size: 1024B - Virtual size: 696B

.reloc Size: 512B - Virtual size: 436B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 708B

.rsrc
Size: 1024B - Virtual size: 696B

.reloc
Size: 512B - Virtual size: 436B