cd[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd.dll
Size

126KB
MD5

cd5a07afe0fa9b3a2b680e2d81b5b4e0
SHA1

e85f288b05434089c825f40311095e51ea5ea652
SHA256

f1a8e6bb2bd7668c5434717ea9582b75b37e5ed3c2ca616acea379c667ba348b
SHA512

97e9d97b4cfbd2b3b15f909faac61f1a98f50ee80e17a015b84ee527e7a96047bd25e859692400a25521656ecb2001379eef4446b03fbd76618fb8da7644b180
SSDEEP

1536:AjqjP5p9i0e7dfWsaAoQ9MSIgts2Xr9cWl2b4gA6Z:AOfeRuaRImsg9328gAI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd.dll

Files

cd.dll
.dll windows:5 windows x86

4591971c64bf15dce063b12b334ce943

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_GetIcon

avifil32

AVIStreamInfoW

setupapi

SetupQuerySourceListW
CM_Get_Child
CM_Get_DevNode_Registry_PropertyA
CM_Add_Res_Des
CM_Get_Device_Interface_List_Size_ExW

winmm

mixerSetControlDetails

crypt32

CertEnumPhysicalStore
CryptMsgGetAndVerifySigner
CryptEnumOIDInfo

winscard

SCardListCardsW
SCardSetCardTypeProviderNameW

gdi32

UnrealizeObject
GetRandomRgn
CreateEnhMetaFileW
AddFontResourceW
DPtoLP

msvcrt

fgets
memset

oleaut32

VarDecFromI4

ole32

MkParseDisplayName
IsAccelerator

mprapi

MprAdminMIBServerConnect

kernel32

LoadLibraryExA
GetPriorityClass
GetVersion
GetBinaryTypeW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetUserDefaultLCID
EnterCriticalSection
GetAtomNameA
TlsFree
GetCPInfo
GlobalFree
GetPrivateProfileStructW

advapi32

QueryServiceStatus
RegNotifyChangeKeyValue

lz32

LZSeek

urlmon

IsValidURL

user32

MessageBoxW
IsZoomed
PostThreadMessageW

mscms

AssociateColorProfileWithDeviceW

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4591971c64bf15dce063b12b334ce943

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

avifil32

setupapi

winmm

crypt32

winscard

gdi32

msvcrt

oleaut32

ole32

mprapi

kernel32

advapi32

lz32

urlmon

user32

mscms

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 8KB - Virtual size: 4KB