fa5710fea9ff93e8d446803066d2cf74088f67db96336c000fbff597982eb128[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

fa5710fea9ff93e8d446803066d2cf74088f67db96336c000fbff597982eb128.dll
Size

795KB
MD5

c83fe58088ef5f05342367e71eb28873
SHA1

8af8c027cb0f56b6775115383f4d5bdf010a6352
SHA256

fa5710fea9ff93e8d446803066d2cf74088f67db96336c000fbff597982eb128
SHA512

0089a1ed148c7ea705ef9bdcaa3231ebf8d78d6e5e32a487ad4dff5aebcae33470aa1c5074d6ed55d7be37ae80526d826a1ce1c93faa6f7181848f0a0d23292d
SSDEEP

24576:/tR2jQOoVmT/QrwFbxE6Elpq5nOkcJofEXmi:1TMT/jb+Bl05nBcJocXmi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
fa5710fea9ff93e8d446803066d2cf74088f67db96336c000fbff597982eb128.dll

Files

fa5710fea9ff93e8d446803066d2cf74088f67db96336c000fbff597982eb128.dll
.dll windows:6 windows x86 arch:x86

a36cacabacb45240e82865262b4c0145

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

AnyPopup
GetWindowTextLengthW
GetLastActivePopup
GetMessageTime

kernel32

ChangeTimerQueueTimer
GetExitCodeProcess
FlushFileBuffers
SetUnhandledExceptionFilter
CreateTimerQueue
QueryDepthSList
AreFileApisANSI
GetNumaHighestNodeNumber
CreateDirectoryW
SetThreadAffinityMask
GetStartupInfoW
ReadFile
GetModuleFileNameA
SizeofResource
TryEnterCriticalSection
GetOEMCP
SetThreadLocale
CompareFileTime
GlobalHandle
FindFirstFileW
CreateTimerQueueTimer
HeapCreate
GetBinaryTypeW
CompareStringW
TlsSetValue
VirtualProtect
GetConsoleScreenBufferInfo
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetFullPathNameW
FindNextFileW
GetCurrentProcess
lstrlenW
GetStdHandle
ReleaseSemaphore
GetCPInfo
WriteConsoleA
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
ExpandEnvironmentStringsW
UnregisterWait
GetShortPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
DeviceIoControl
VirtualAlloc
TerminateProcess
RemoveDirectoryW
GetProcessAffinityMask
LoadLibraryExA
GetModuleFileNameW
WaitForMultipleObjects
GetConsoleCP
SetEnvironmentVariableW
SignalObjectAndWait
EncodePointer
LockFile
SetThreadPriority
InitializeCriticalSectionAndSpinCount
GetDynamicTimeZoneInformation
LeaveCriticalSection
InitializeCriticalSection
SetErrorMode
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
InitializeCriticalSectionEx
IsBadStringPtrA
lstrlenA
FindClose
GetLocaleInfoW
WaitForSingleObject
LocalAlloc
CreateFileW
GetFileAttributesW
FreeLibraryAndExitThread
GetCurrentThreadId
GetVersionExW
ReleaseMutex
GetSystemDirectoryW
GetComputerNameExW
FreeEnvironmentStringsW
ResumeThread
UnmapViewOfFile
DuplicateHandle
HeapValidate
ExitThread
GetModuleHandleA
GetACP
OpenProcess
HeapSize
GetCommandLineA
SetFileAttributesW
IsValidCodePage
GetLogicalDriveStringsW
CreateEventW
ReadConsoleOutputCharacterA
MultiByteToWideChar
GetExitCodeThread
ProcessIdToSessionId
Sleep
GetConsoleMode
GetTempPathA
FormatMessageW
GetTimeZoneInformation
GetDiskFreeSpaceA
CopyFileA
GetLastError
LoadLibraryExW
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FillConsoleOutputCharacterW
FlushViewOfFile
GlobalSize
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
GetCurrentThread
InterlockedFlushSList
TerminateThread
LoadLibraryA
ReadConsoleW
WaitForSingleObjectEx
TlsAlloc
LockResource
QueryPerformanceFrequency
GetThreadPriority
DeleteFileA
GlobalAlloc
DeleteFileW
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
FreeConsole
GetSystemInfo
LoadLibraryW
CreateThread
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
GetLocalTime
GetCurrentDirectoryW
SetStdHandle
HeapCompact
SwitchToThread
DecodePointer
HeapDestroy
UnlockFile
SetCurrentDirectoryW
GetWindowsDirectoryW
WriteConsoleW
GetProcAddress
GlobalLock
SetFilePointerEx
UnregisterWaitEx
CreateFileMappingA
LocalFree
GetTimeFormatW
MoveFileExW
LockFileEx
IsProcessorFeaturePresent
WTSGetActiveConsoleSessionId
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
LCMapStringW
GetComputerNameW
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
EnumSystemLocalesW
GetProcessHeap
SystemTimeToFileTime
CreateProcessW
IsValidLocale
GetModuleHandleW
FreeLibrary
CreateSemaphoreW
CopyFileW
FlushInstructionCache
WideCharToMultiByte
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
GetTempFileNameW
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
GetSystemTime
FormatMessageA
IsBadReadPtr
DebugBreak
CreateFileMappingW
InterlockedPushEntrySList
SetConsoleCursorPosition
MapViewOfFile
QueryPerformanceCounter
GetStringTypeW
GetDateFormatW
InitializeSListHead
GetTickCount
GetEnvironmentStringsW
GlobalUnlock
SetDllDirectoryW
lstrcmpW
MulDiv
MoveFileW
GetDriveTypeW
GetFileTime
InterlockedPopEntrySList
IsDebuggerPresent

Exports

Exports

Limit

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 526KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36cacabacb45240e82865262b4c0145

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 526KB - Virtual size: 525KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 526KB - Virtual size: 525KB

.reloc
Size: 14KB - Virtual size: 13KB