87D5C23BE39F68E863D00A07FD0220F2[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

87D5C23BE39F68E863D00A07FD0220F2.dll
Size

1.7MB
MD5

87d5c23be39f68e863d00a07fd0220f2
SHA1

f195f50b60d5df62015b7325e658a35a2c620c93
SHA256

1ec3201162e5427fe9aae0be0f386892b21c2ec1b285a46e8c57285353295e5e
SHA512

60a2b2cd22be2818f67befe948e1bd69064320b0e05b3b49545a2874088fb102087689bc212221e25347b49d2dbdfe2e9592b57c6c18536fa3bfd84ca3f25c3a
SSDEEP

49152:VT5F1CCeuatcLwF8obXX7V6miE9s1VeQ:x7cC1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87D5C23BE39F68E863D00A07FD0220F2.dll

Files

87D5C23BE39F68E863D00A07FD0220F2.dll
.dll windows:6 windows x64 arch:x64

4f0a0b198872684d70d266fac8ebc437

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\WORK\Projects\rustdesk-master\rustdesk-master-eltrade\target\debug\deps\windows_implement-a3aaf4abbf936ea5.pdb

Imports

kernel32

FreeEnvironmentStringsW
GetLastError
WaitForSingleObject
QueryPerformanceCounter
AcquireSRWLockExclusive
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetCommandLineW
FlushFileBuffers
GetCurrentProcess
SetFilePointerEx
GetStdHandle
GetCurrentProcessId
TerminateProcess
HeapFree
HeapReAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseMutex
GetModuleHandleA
GetProcAddress
ReleaseSRWLockExclusive
HeapAlloc
FindNextFileW
FindClose
CreateFileW
GetConsoleMode
GetFileType
GetModuleHandleW
FormatMessageW
GetModuleFileNameW
ExitProcess
MultiByteToWideChar
WriteConsoleW
WideCharToMultiByte
GetSystemTimeAsFileTime
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetProcessHeap
CloseHandle
GetConsoleOutputCP
WriteFile
SetStdHandle
HeapSize
GetStringTypeW
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
EncodePointer
EnterCriticalSection

ntdll

RtlNtStatusToDosError
NtWriteFile

Exports

Exports

__rustc_proc_macro_decls_5d58ff9571c4745d__
rust_metadata_windows_implement_5d58ff9571c4745d

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rustc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f0a0b198872684d70d266fac8ebc437

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ntdll

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 336KB - Virtual size: 336KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 101KB - Virtual size: 101KB

.rustc Size: 3KB - Virtual size: 2KB

_RDATA Size: 512B - Virtual size: 244B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 336KB - Virtual size: 336KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 101KB - Virtual size: 101KB

.rustc
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 512B - Virtual size: 244B

.reloc
Size: 6KB - Virtual size: 5KB