PathCursorServiceEmpty[.]dll[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

PathCursorServiceEmpty.dll.exe
Size

185KB
MD5

23448eba3f5f7267b810080bcb04110f
SHA1

5ce062f210e1a5026cb53e9949865312ee477e3c
SHA256

ebe231c90fad02590fc56d5840acc63b90312b0e2fee7da3c7606027ed92600e
SHA512

5fceb3ca684b174c93fc812de22c3204b611a510d91c4b18f3984879fe2ba912406e14a3230e8df189b1a42b972eb716c6b646ecf4e3de8b8581f8dc10442fe4
SSDEEP

3072:EJ2fAdzfVTW8iqVJNDkvA75tuzS+XVGhKkwPgDvFDMtP+XuSO9/zk:EAfAdzJWbGAA5tUXXhIFMP+VO9o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PathCursorServiceEmpty.dll.exe

Files

PathCursorServiceEmpty.dll.exe
.dll windows:4 windows x64 arch:x64

a71f9a1c4a1445f92b7bbca6fba33a96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt

_mbscmp
calloc
free
malloc
realloc
strcmp
strlen
wcscmp
wcslen

Exports

Exports

AclAviIconicPwr
AutomaticVolumeFullName
BrowseTaskPrompt
DllMain
PathDsUpper

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 125KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rddata
Size: 194B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a71f9a1c4a1445f92b7bbca6fba33a96

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

Exports

Exports

Sections

.text Size: 178KB - Virtual size: 178KB

.rdata Size: 512B - Virtual size: 16B

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1024B - Virtual size: 876B

.bss Size: - Virtual size: 125KB

.edata Size: 512B - Virtual size: 172B

.idata Size: 512B - Virtual size: 336B

.rsrc Size: 1024B - Virtual size: 856B

.reloc Size: 512B - Virtual size: 12B

.rddata Size: 194B - Virtual size: 4KB

.text
Size: 178KB - Virtual size: 178KB

.rdata
Size: 512B - Virtual size: 16B

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1024B - Virtual size: 876B

.bss
Size: - Virtual size: 125KB

.edata
Size: 512B - Virtual size: 172B

.idata
Size: 512B - Virtual size: 336B

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 512B - Virtual size: 12B

.rddata
Size: 194B - Virtual size: 4KB