DRC225SVC[.]dll

Resubmissions

12-03-2024 18:57

240312-xlwnzsgf6w 3

Sharing

Copy URL

Twitter E-mail

General

Target

DRC225SVC.dll
Size

128KB
MD5

beed0f17758cd18bb98796921ba5e52a
SHA1

1b5f07a22bb5d15952ff5b06d3e488be903cbd53
SHA256

ae3f7e48984f5a311843f3b32e8bec425035318d1d91e6c9dd3c80a7bd4e2a86
SHA512

0dea85b36c2d05e56b8797073adc75c6861fdb08cddd511cadc275d327fa6566450ac669808f765fce137f6ea718489d116d0c928c6a86c9d7f4355e4364e648
SSDEEP

3072:HyK64GIbcLgKTk3P+XfnZAxyCBbHb0QcGOJVfZ8NcSLcovQhU3:Aqc7TDXfnZAowH68aSLrvz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DRC225SVC.dll

Files

DRC225SVC.dll
.dll windows:5 windows x64 arch:x64

71a3c7206b4ace83885da3299464775b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\home\CeiDriver\STI\SVCDll\DRSvcDll\x64\Release\DRSvcDll.pdb

Imports

kernel32

CloseHandle
GetModuleFileNameW
CreateProcessW
LocalAlloc
LocalFree
CreateMutexW
WaitForSingleObject
ReleaseMutex
lstrcatW
lstrcpynW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentProcess
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FormatMessageW
CreateFileW
WriteFile
ReadFile
CreateThread
CreateNamedPipeW
Sleep
DisconnectNamedPipe
CreateEventW
SetEvent
GetLocalTime
SetFilePointer
GetCurrentThreadId
LoadResource
lstrlenW
FindResourceExW
GetUserDefaultLangID
InitializeCriticalSectionAndSpinCount
SetHandleCount
FlsAlloc
FlsFree
FlsGetValue
RtlUnwindEx
FlushFileBuffers
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
HeapReAlloc
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetProcAddress
SetLastError
GetLastError
LoadLibraryW
GetModuleHandleW
LockResource
FreeLibrary
HeapSize
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
DecodePointer
EncodePointer
HeapAlloc
HeapFree
FlsSetValue
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStdHandle
RaiseException
RtlPcToFileHeader
ExitProcess
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
GetFileType

user32

CharPrevW
LoadStringW
TranslateAcceleratorW
CallWindowProcW
ReleaseDC
EndPaint
DrawIcon
BeginPaint
GetDC
LoadIconW
IsDlgButtonChecked
EndDialog
SetWindowPos
SetWindowTextW
SetWindowLongPtrW
GetDlgItem
CreateWindowExW
RegisterClassExW
DefWindowProcW
DestroyWindow
PostQuitMessage
SetTimer
DialogBoxIndirectParamW
DialogBoxParamW
TranslateMessage
DispatchMessageW
GetMessageW

advapi32

InitializeSecurityDescriptor
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
SetSecurityDescriptorDacl

ole32

CoUninitialize
CLSIDFromString
CoInitialize

shlwapi

PathFileExistsW
PathAddExtensionW
PathAppendW
StrStrIW
PathFindFileNameW

Exports

Exports

DeviceArrival
EntryPointInst
EntryPointUserMessage
EntryPointUserMessageDisplay
GetNotification
Initialize

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

71a3c7206b4ace83885da3299464775b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 6KB - Virtual size: 15KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 6KB - Virtual size: 15KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB