491c6c21040bb6e3d285df53b6ac95d6[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

491c6c21040bb6e3d285df53b6ac95d6.dll
Size

292KB
MD5

491c6c21040bb6e3d285df53b6ac95d6
SHA1

8296a8e41272767d80df694152b9c26b607d26ee
SHA256

7cb1326d33cd9a84410411649f9159b6547750d6bff90c6c268bdf27c6a88698
SHA512

ad1cb5c7bdac28ef71dd5256792e14faee0f8c24fe7672c70607025a2a6208cd4eaa16a3aa33b4ea7e0e97f863adc1223fed31d6135b1b43fc530f6f61a312d7
SSDEEP

6144:1sOiLmKZlmHV2SQ7nuMRFDAMXGtayqbrL2HVN0P16P3:1NoZlmHcF9DAbt6rLqMkP3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
491c6c21040bb6e3d285df53b6ac95d6.dll

Files

491c6c21040bb6e3d285df53b6ac95d6.dll
.dll windows:6 windows x86 arch:x86

c57801975caf02f122a1b6732693b7c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoCreateInstance

cabinet

ord22
ord20
ord23
ord21

kernel32

GetSystemTimeAsFileTime
SetEnvironmentVariableA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
GetVersionExA
CreateFileA
CloseHandle
GetFileAttributesA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
Sleep
InterlockedIncrement
GetModuleHandleA
GetCurrentThread
LoadLibraryExW
GetCurrentProcess
GetLastError
VirtualQuery
SetLastError
GetModuleHandleW
VirtualProtect
ResumeThread
TerminateProcess
ExitProcess
InterlockedCompareExchange
GetCurrentThreadId
FlushInstructionCache
SetThreadContext
GetThreadContext
VirtualFree
SuspendThread
VirtualAlloc
EncodePointer
DecodePointer
HeapAlloc
HeapFree
ReadFile
MultiByteToWideChar
GetConsoleMode
ReadConsoleW
WriteFile
WideCharToMultiByte
GetConsoleCP
SetFilePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
RaiseException
RtlUnwind
GetTimeZoneInformation
InterlockedDecrement
GetModuleHandleExW
AreFileApisANSI
HeapSize
GetStdHandle
GetModuleFileNameW
GetProcessHeap
CreateFileW
GetFileType
SetStdHandle
InitializeCriticalSectionAndSpinCount
SetFilePointerEx
DeleteCriticalSection
GetStartupInfoW
WriteConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
OutputDebugStringW
LoadLibraryW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
SetEndOfFile
GetStringTypeW
FlushFileBuffers

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c57801975caf02f122a1b6732693b7c8

Headers

DLL Characteristics

File Characteristics

Imports

ole32

cabinet

kernel32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 128KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 128KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 26KB - Virtual size: 26KB