DUI70[.]dll[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

DUI70.dll.exe
Size

320KB
MD5

caa16eb9c17c381a6d80c821fb0daf0a
SHA1

7ae6a4dccfad29879bb904cf72ea055ed3521630
SHA256

5289529957d52c9d5fc2e47aa9924fd1de21b902509dee0241d5d6b056733a94
SHA512

30ca2061acdce01bebd3501bc82e0edb0fd20d45cda97fcb9c12c74de3cd2bce47f98d4e14b409f42b797bbf8bc46968b3073c007756e444234493ea2d9473ba
SSDEEP

6144:/aAVa1ONI/wbUxBDEzauQvZUMLkGITiJKPc/1ple3CSpc+wdb:/an1ONI/6UxBDEzxQHccpe3C+0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DUI70.dll.exe

Files

DUI70.dll.exe
.dll windows:5 windows x64 arch:x64

7f5fe327181902e5c3fc41f6277349ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
ReadFile
CreateFileW
CloseHandle
LocalFree
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
GetCurrentDirectoryW
GetFileType
DuplicateHandle
FileTimeToDosDateTime
FindFirstFileW
MapViewOfFile
UnmapViewOfFile
FileTimeToSystemTime
GetLastError
FindClose
GetLocalTime
CreateFileMappingW
GetFileSize
GetFileInformationByHandle
GetSystemTime
PeekNamedPipe
SetErrorMode
CreateProcessW
HeapAlloc
UpdateProcThreadAttribute
HeapFree
WaitForSingleObject
GetTickCount
GetProcessHeap
OpenProcess
Sleep
TerminateProcess
GetTempPathW
CreatePipe
InitializeProcThreadAttributeList
DeleteFileW
GetCurrentProcessId
GetCommandLineW
OutputDebugStringW
GetModuleFileNameW
FreeLibraryAndExitThread
CreateThread
GetProcAddress
IsBadReadPtr
GetModuleHandleA
LoadLibraryA
FindNextFileW
LocalAlloc
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
HeapReAlloc
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentThreadId
FlsSetValue
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
RtlUnwindEx
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetStringTypeW
HeapSize
GetModuleHandleW
ExitProcess
RaiseException
RtlPcToFileHeader
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeZoneInformation
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
SetStdHandle

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
LookupPrivilegeValueW
RegCloseKey

shell32

CommandLineToArgvW

ole32

CoInitializeEx
CoInitializeSecurity

Exports

Exports

InitProcessPriv
InitThread
ShutdownLockAppHostServer
StartLockAppHostServer
UnInitProcessPriv
UnInitThread

Sections

.text
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f5fe327181902e5c3fc41f6277349ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 222KB - Virtual size: 221KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 26KB - Virtual size: 45KB

.pdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 222KB - Virtual size: 221KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 26KB - Virtual size: 45KB

.pdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 2KB - Virtual size: 2KB