dpnsvr[.]exe | Triage

General

Target

dpnsvr.exe
Size

32KB
MD5

959fbac45669cae07c0768cc73331d82
SHA1

cc2b540caee9875ce73c1b195ca1257d8f5e1e32
SHA256

7fa71f7e5a1130035716cb0beb3638ba8512e0616ce0bddf15ea7d0adf923e68
SHA512

5b179ede8991c982f7bb75c24addf8bcfad19dff4013ca0fa222d3fb1e7e1253093842cc83221ea606b860ac8d4eb123ee9518ca8ec4ee5044661b905fae817e
SSDEEP

96:TZ/PPDVJPQQM2M8GsyJJmPpOMdsSAQqNCNjS6qtzrUdcHoUEWxuWw:T1PDNBuQPMMKQqEj+tzrGcqWxuW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dpnsvr.exe

Files

dpnsvr.exe
.dll windows:10 windows x64 arch:x64

0666ed1f1c919f3b819158a8dd8a47af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o___std_type_info_destroy_list
_o__cexit
_o__configure_narrow_argv
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__seh_filter_dll
__C_specific_handler

api-ms-win-crt-string-l1-1-0

memset

kernel32

UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent

Exports

Exports

DllMain

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0666ed1f1c919f3b819158a8dd8a47af

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-string-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.pdata Size: 4KB - Virtual size: 444B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 44B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.pdata
Size: 4KB - Virtual size: 444B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 44B