ad16ec5eaf20dd43171efd623e509d3e3c7532d1963479582fd603c823e23784[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad16ec5eaf20dd43171efd623e509d3e3c7532d1963479582fd603c823e23784.dll
Size

200KB
MD5

7d1ca325ea5caadc1a20606643ceaa72
SHA1

d9be61520823d8442d485102ae525cbd52e75df7
SHA256

ad16ec5eaf20dd43171efd623e509d3e3c7532d1963479582fd603c823e23784
SHA512

a81fe33dc11bcc6e58e0965b5723aa157d6b0427ee9260d5c7328a11ec84ffe6001910cc5fbe633fa37747221365c44183c890b23972bab657a8c6dc7d9ec37b
SSDEEP

3072:nvITcmgbidbT6AceURk+U79BX0TiAtPUJ/zVHBoZx0jTR2MIpkW77h:nAZySKey9U/q0j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad16ec5eaf20dd43171efd623e509d3e3c7532d1963479582fd603c823e23784.dll

Files

ad16ec5eaf20dd43171efd623e509d3e3c7532d1963479582fd603c823e23784.dll
.dll windows:4 windows x86 arch:x86

0c42d1a6de36421454eed15d6e2b21df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineW
GetCurrentProcess
GetCurrentThreadId
GetLargePageMinimum
GetLastError
GetModuleHandleW
GetOEMCP
GetProcessHeap
GetSystemDefaultLangID
GetThreadUILanguage
GetTickCount

user32

AnyPopup
GetDesktopWindow
GetDoubleClickTime
GetForegroundWindow
GetMessageTime
GetParent
GetTopWindow
IsIconic
IsZoomed

Exports

Exports

GetModuleProp

Sections

.text
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ