meme-8f10c6b99078d194d57002ee82e2037c-sense[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

meme-8f10c6b99078d194d57002ee82e2037c-sense.dll
Size

1.1MB
MD5

4abcea3d552541f1ec4a76732d6a64c0
SHA1

2e3d05801441e79060575c6918c995eed21adf84
SHA256

1f141f8be2f8408f6fcfba517809d064b3bdb97e512cdd9ef2718873b4043f92
SHA512

6d95bd71dcdc5fad3fbe07723843f2c56b221114729d6706aa712b39c990d6e29bc7376e908259e54c7aff1bcb9e73341f61b9b9ac6026a4350bdf0032d7e537
SSDEEP

24576:pc6g/kWGNb5Tm7Nl0ilhsq/TDC2r46J4JDohO4emlW:S6g/kW4b5kNl0ilhnPC2rr4JDos4eIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
meme-8f10c6b99078d194d57002ee82e2037c-sense.dll

Files

meme-8f10c6b99078d194d57002ee82e2037c-sense.dll
.dll windows:6 windows x64 arch:x64

2b0b2f8c933f7db53bfb64cb619b398f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetProcAddress
CreateThread
GetThreadContext
SetThreadContext
ResumeThread
CloseHandle
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
InitializeSListHead
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RtlCaptureContext
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

MessageBoxA

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__std_exception_copy
_CxxThrowException
memset
__std_exception_destroy
__current_exception
memcpy
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
terminate
_cexit
_initterm_e
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initterm
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b0b2f8c933f7db53bfb64cb619b398f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1.0MB - Virtual size: 1.0MB

.pdata Size: 1024B - Virtual size: 804B

Size: 107KB - Virtual size: 107KB

.reloc Size: 512B - Virtual size: 96B

.rsrc Size: 512B - Virtual size: 233B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1.0MB - Virtual size: 1.0MB

.pdata
Size: 1024B - Virtual size: 804B

.reloc
Size: 512B - Virtual size: 96B

.rsrc
Size: 512B - Virtual size: 233B