b54dc5193824eb35233c3922687a5adc462ab474362dd4effd488c2ae0dae301[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

b54dc5193824eb35233c3922687a5adc462ab474362dd4effd488c2ae0dae301.dll
Size

442KB
MD5

7e9449a1e238d8caaf39b5e911d71b21
SHA1

1b5e7aa02340d85b14af3dddf7c86c2f7502bf50
SHA256

b54dc5193824eb35233c3922687a5adc462ab474362dd4effd488c2ae0dae301
SHA512

5ab0e98db6bdb5b5c9601be27308130f792084dd1cdd1fec026a4915012a750c8b404ce5e855c6cd1b05c152135bedf29e939480ae9ed4325aabf01b48b840b7
SSDEEP

12288:kHlAiJHCwjXvMHk37t4Mv//IfN/YoyL8ozF0nxatQp:kHltJHCkvH/IJvUWxatu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b54dc5193824eb35233c3922687a5adc462ab474362dd4effd488c2ae0dae301.dll

Files

b54dc5193824eb35233c3922687a5adc462ab474362dd4effd488c2ae0dae301.dll
.dll windows:6 windows x86 arch:x86

3a94ffcdb86144f7d0b6d92dd3393d93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Baby\High\Ease\gener\side \Soon.pdb

Imports

kernel32

TlsAlloc
LoadLibraryW
VirtualProtectEx
GetModuleHandleW
CreateSemaphoreW
GetTempPathW
WriteConsoleW
CloseHandle
CreateFileW
OutputDebugStringW
ReadConsoleW
GetEnvironmentVariableW
InitializeCriticalSection
GetModuleFileNameW
RemoveDirectoryW
DeviceIoControl
GetCurrentProcess
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
GetLastError
SetLastError
RtlUnwind
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
GetCurrentThread
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
GetStdHandle
GetFileType
SetConsoleCtrlHandler
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadFile
DecodePointer

ole32

CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree

cryptui

CryptUIDlgViewContext
CryptUIDlgViewCertificateW
CryptUIWizDigitalSign
CryptUIWizFreeDigitalSignContext
CryptUIWizImport
CryptUIWizExport
CryptUIDlgSelectCertificateFromStore

Exports

Exports

Bonebegin
Father
Ratherdesign
Scorematch
Silverwere
StoneNumeral

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 621KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a94ffcdb86144f7d0b6d92dd3393d93

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ole32

cryptui

Exports

Exports

Sections

.text Size: 309KB - Virtual size: 309KB

.rdata Size: 114KB - Virtual size: 114KB

.data Size: 3KB - Virtual size: 621KB

.gfids Size: 1024B - Virtual size: 552B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 309KB - Virtual size: 309KB

.rdata
Size: 114KB - Virtual size: 114KB

.data
Size: 3KB - Virtual size: 621KB

.gfids
Size: 1024B - Virtual size: 552B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB