Static task
static1
General
Target: BO4_Unlock_All_1.dll
Size: 242KB
MD5: ee7b41cad7943223d9ac9627efea5d36
SHA1: 0e47e318b918ee8cb3e1c86f2df4230443921f86
SHA256: b98ebcac91b8a151f9911aec51fff02dcb26c2ded14f3025de220b3e16efc472
SHA512: 4cbc0b36441d101e5f845892fc0141f929755a951e2ffa0ff35d431840467a7ad0810b2ae6febad22ba9835e37bd78a1f460ea5e82c571dc8a45b367a6db5f17
SSDEEP: 6144:kffU9UD1XPpl78u2GHBXMb4TIbVGFEVO5w2US5kCGWLJeNX82UWiO8UbnzSv:fbVGFEVWf/ebnz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource BO4_Unlock_All_1.dll
Files
BO4_Unlock_All_1.dll.dll windows x64
df8df860da385b137ed16615b76066e7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleA
GetProcAddress
VirtualFree
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapCreate
VirtualProtect
HeapFree
GetCurrentProcess
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Sleep
HeapReAlloc
CloseHandle
HeapAlloc
GetThreadContext
GetCurrentProcessId
QueryPerformanceFrequency
FlushInstructionCache
SetThreadContext
OpenThread
DisableThreadLibraryCalls
CreateThread
SetUnhandledExceptionFilter
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
EnterCriticalSection
GetSystemTimeAsFileTime
InitializeSListHead
GlobalUnlock
GlobalLock
QueryPerformanceCounter
GlobalFree
GetModuleHandleW
GlobalAlloc
user32
CallWindowProcA
GetAsyncKeyState
SetWindowLongPtrA
FindWindowA
DestroyWindow
DefWindowProcA
CreateWindowExA
UnregisterClassA
RegisterClassExA
GetKeyState
SetClipboardData
GetClipboardData
EmptyClipboard
LoadCursorA
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
ClientToScreen
GetClientRect
SetCursor
ScreenToClient
GetCapture
IsChild
GetForegroundWindow
SetCapture
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
d3dcompiler_43
D3DCompile
xinput1_3
ord4
ord2
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memset
__current_exception_context
__current_exception
strstr
memchr
memcpy
memmove
__std_type_info_destroy_list
__C_specific_handler
api-ms-win-crt-stdio-l1-1-0
fflush
fclose
fseek
ftell
__stdio_common_vsscanf
fwrite
_wfopen
__stdio_common_vsprintf
fread
api-ms-win-crt-string-l1-1-0
strcmp
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
free
malloc
calloc
api-ms-win-crt-runtime-l1-1-0
_cexit
_execute_onexit_table
_wassert
_initterm
_initterm_e
terminate
_register_onexit_function
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_crt_atexit
api-ms-win-crt-math-l1-1-0
cosf
sinf
floorf
ceilf
sqrtf
Sections
.text Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ