test[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

test.dll
Size

457KB
MD5

a64105336ac59c576d95e8b9064a44f6
SHA1

7e0e7a9fdb40345469c163ae0f507aec99b1be64
SHA256

4a20c07564812865cb19215a4a4fe9c8c7218cfbe8b961aacc7864ff7febfe8c
SHA512

3c598304bd050c16acc65ef55f4bd78f45f0a7a6dd043aa18c559c84e9c103774fdf565b70c6fdb09c0a6f85c3b33ef3342f98732c97ac46f3d9906e5e6d6c1b
SSDEEP

6144:iVdmeAi4+c91eQ+kVnCvv3tmbTTEIJwTwxnRaZBOmCeu+bqPaHkWUMxFnpRZd:O064+c9uOfEIJNxnkLUdyJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
test.dll

Files

test.dll
.dll windows:6 windows x64 arch:x64

3d7d89a330de8003614642698e615d4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\pillo\Desktop\FLY AND GOOD GUI EDITION\x64\Release\test.pdb

Imports

kernel32

DeleteCriticalSection
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualFree
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapCreate
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
GetThreadContext
GetCurrentProcessId
FlushInstructionCache
SetThreadContext
SetConsoleTitleA
AttachConsole
AllocConsole
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
HeapAlloc
CloseHandle
GetLastError
HeapReAlloc
InitializeCriticalSectionEx
GetCurrentProcess
HeapFree
Sleep
GetModuleHandleA
OpenThread
VirtualProtect

user32

CallWindowProcA
MessageBoxA
GetAsyncKeyState
GetKeyState
LoadCursorA
ScreenToClient
SetWindowLongPtrA
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Throw_Cpp_error@std@@YAXH@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
_Xtime_get_ticks
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

d3dcompiler_43

D3DCompile

xinput1_3

ord2
ord4

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
memcmp
memchr
memmove
__std_type_info_destroy_list
_CxxThrowException
__current_exception_context
__current_exception
strstr
memset
__std_terminate
__std_exception_copy
__std_exception_destroy
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_seh_filter_dll
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
terminate
_beginthreadex
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_wassert

api-ms-win-crt-stdio-l1-1-0

fseek
fclose
fflush
__acrt_iob_func
ftell
fwrite
_wfopen
__stdio_common_vsscanf
__stdio_common_vsprintf
freopen
fread
__stdio_common_vfprintf

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

strncpy
tolower
strcmp

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_ctime64

api-ms-win-crt-math-l1-1-0

sqrtf
cosf
fmodf
floorf
sinf
ceilf

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d7d89a330de8003614642698e615d4a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

imm32

d3dcompiler_43

xinput1_3

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 215KB - Virtual size: 215KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 166KB - Virtual size: 168KB

.pdata Size: 10KB - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 176B

.text
Size: 215KB - Virtual size: 215KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 166KB - Virtual size: 168KB

.pdata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 176B