Static task
static1
General
-
Target
build.dll
-
Size
4.6MB
-
MD5
2ae412cc966f47050622f851d7489329
-
SHA1
fe64cc926bb6d6804321fada1f806b98bca49893
-
SHA256
4dadd178acbf710556707bf8cd3f8079163d13ab650825cee3e0f60a2d2b84dc
-
SHA512
45079c2184871901c08880e66195e0bbb6fa654e221d8d0bf16ca191fb833ca9446cd02f6647782b26e233dc7f0fd28aeb3ce72d3a42287f8bfb496cb53e8a2e
-
SSDEEP
49152:6RQ+nxYra7dY4K4qYJrQOrCVyL/ejsdNH6iqa2ngIScu6eRiqCF8hTFDGN5oJGFa:51+SVBOH6uqu6eRiqC8hJDU83
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource build.dll
Files
-
build.dll.dll windows:6 windows x64 arch:x64
e799248e2510ffc008105c87f6497361
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
d3d11
D3D11CreateDeviceAndSwapChain
advapi32
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
GetTokenInformation
AddAccessAllowedAce
GetLengthSid
SetSecurityInfo
InitializeAcl
OpenProcessToken
RegSetValueExA
IsValidSid
RegCreateKeyExA
RegGetValueA
RegOpenKeyA
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
normaliz
IdnToAscii
wldap32
ord46
ord211
ord217
ord143
ord45
ord50
ord41
ord22
ord26
ord27
ord60
ord32
ord35
ord79
ord30
ord200
ord301
ord33
crypt32
CertFindCertificateInStore
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CryptStringToBinaryA
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertFreeCertificateChain
CertGetCertificateChain
ws2_32
getsockname
bind
accept
__WSAFDIsSet
socket
htons
WSAIoctl
listen
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
send
WSACleanup
closesocket
WSASend
select
shutdown
WSASetLastError
WSASocketW
getaddrinfo
WSAStartup
connect
WSARecv
getsockopt
freeaddrinfo
ioctlsocket
setsockopt
WSAGetLastError
htonl
recv
recvfrom
sendto
getpeername
gethostname
ntohs
kernel32
SetStdHandle
GetTimeZoneInformation
DeleteFileW
HeapReAlloc
CreateProcessW
SetEndOfFile
IsValidCodePage
GetACP
GetOEMCP
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HeapFree
HeapAlloc
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetModuleFileNameW
SetFilePointerEx
FreeLibraryAndExitThread
ExitThread
CreateThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
LoadLibraryExW
InterlockedFlushSList
RtlUnwindEx
GetCPInfo
GetStringTypeW
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
GetModuleHandleA
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
VerSetConditionMask
FreeLibrary
QueryPerformanceCounter
ReadFile
Process32First
SetWaitableTimer
TlsSetValue
SetLastError
EnterCriticalSection
SetConsoleTitleA
GetCurrentProcess
GetStdHandle
GetCommandLineA
SetCurrentConsoleFontEx
TerminateProcess
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetQueuedCompletionStatus
CreateMutexA
WaitForSingleObject
OpenProcess
SetCurrentDirectoryA
PostQueuedCompletionStatus
CreateToolhelp32Snapshot
CreateEventW
Sleep
EnumSystemLocalesW
GetTickCount64
K32GetModuleFileNameExA
GetLastError
CreateFileA
SetEvent
GetSystemDirectoryA
TerminateThread
TlsAlloc
DeleteFileA
Process32Next
CloseHandle
QueueUserAPC
CreateWaitableTimerA
LocalFree
DeleteCriticalSection
ExitProcess
GetConsoleWindow
SleepEx
TlsGetValue
CreateProcessA
K32EnumProcessModules
TlsFree
FormatMessageA
CreateIoCompletionPort
GetTickCount
AllocConsole
MulDiv
GetExitCodeProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
MoveFileExA
WaitForSingleObjectEx
GetEnvironmentVariableA
GetFileType
PeekNamedPipe
GetCurrentProcessId
VerifyVersionInfoW
GetFileSizeEx
GetModuleHandleW
SetThreadExecutionState
InitializeCriticalSection
GetModuleHandleExW
AreFileApisANSI
SetFileInformationByHandle
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
GetLocaleInfoEx
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
GetFileInformationByHandleEx
TryAcquireSRWLockExclusive
EncodePointer
DecodePointer
LCMapStringEx
FlushFileBuffers
GetUserDefaultLCID
IsValidLocale
FormatMessageW
GetLocaleInfoW
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
WriteConsoleW
WriteFile
RtlUnwind
MoveFileExW
user32
OffsetRect
PtInRect
GetWindowLongW
SetWindowLongW
GetClassLongPtrW
LoadCursorW
DestroyIcon
LoadImageW
CreateIconIndirect
SystemParametersInfoW
GetMonitorInfoW
GetRawInputData
RegisterRawInputDevices
RegisterDeviceNotificationW
UnregisterDeviceNotification
UnregisterClassW
ToUnicode
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplaySettingsExW
EnumDisplayDevicesW
EnumDisplayMonitors
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetKeyState
GetActiveWindow
SetFocus
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
FlashWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes
DestroyWindow
CreateWindowExW
RegisterClassExW
ClipCursor
WindowFromPoint
AdjustWindowRectEx
SetWindowTextW
RemovePropW
GetPropW
SetRect
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
GetWindowRect
SetWindowPos
CallNextHookEx
ShowWindow
GetAsyncKeyState
SetWindowLongA
SetWindowsHookExA
GetWindowLongA
SetWindowDisplayAffinity
MapVirtualKeyA
MessageBoxA
MoveWindow
UnhookWindowsHookEx
mouse_event
GetWindowDisplayAffinity
GetDesktopWindow
FindWindowA
UpdateWindow
SetForegroundWindow
SendInput
GetDC
MonitorFromWindow
ScreenToClient
ClientToScreen
TrackMouseEvent
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
ReleaseDC
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
SetPropW
GetSystemMetrics
MsgWaitForMultipleObjects
MapVirtualKeyW
gdi32
CreateRectRgn
SwapBuffers
SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetDeviceGammaRamp
GetDeviceGammaRamp
DeleteDC
CreateDCW
CreateDIBSection
CreateBitmap
GetDeviceCaps
DeleteObject
shell32
DragAcceptFiles
DragFinish
DragQueryPoint
DragQueryFileW
SHGetFolderPathA
ShellExecuteA
ole32
CoCreateInstance
CoInitialize
CoUninitialize
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
ntdll
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlPcToFileHeader
bcrypt
BCryptGenRandom
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 655KB - Virtual size: 655KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ