nsis_tauri_utils[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

nsis_tauri_utils.dll
Size

1.1MB
MD5

1e38f56aba852b737f2866c48b823165
SHA1

53a7cfaeb6a4a9653d6d5fbff02a3c3b8720130a
SHA256

0eed48313a7f904d7cc1977b70000ab3f11f18cadc8e6a69b807d288ca71f9db
SHA512

5cbf6ca67aee29f5afbbaf57a72eb58e8f85b692e69aa5acd5817b00dc6948486189a8e74f4fcae302e9c453cc770eef78b3ffa70a914d911246e5b4992fc9a4
SSDEEP

24576:wSi9LsLAEnNUYZbeC4JwA9HU7Ncot2O/rBWDTRYQn652FOVE5TmcnlgVIH06iyQ:di9Y/W07NP/eTRPLD1n2IU6i3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
nsis_tauri_utils.dll

Files

nsis_tauri_utils.dll
.dll windows:6 windows x86 arch:x86

3d02628e8a8651e903e8432db76ebaca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SystemFunction036

kernel32

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CloseHandle
Sleep
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
lstrcpyW
GlobalFree
GlobalAlloc
lstrcpynW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsSetValue
GetCurrentThread
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
GetStdHandle
GetLastError
GetConsoleMode
WaitForSingleObject
MultiByteToWideChar
WriteConsoleW
SetLastError
WaitForSingleObjectEx
LoadLibraryA
GetCurrentProcess
CreateMutexA
ReleaseMutex
GetEnvironmentVariableW
GetModuleHandleW
FormatMessageW
CreateFileW
GetFullPathNameW
CreateDirectoryW
GetFileInformationByHandle
GetFileInformationByHandleEx
FindFirstFileW
FindClose
SetHandleInformation
CreateThread
SetThreadStackGuarantee
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentDirectoryW
RtlCaptureContext
AcquireSRWLockShared
ReleaseSRWLockShared
SetFilePointerEx
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapSize
GetStringTypeW
GetFileType
DecodePointer
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetModuleFileNameW
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwind
InterlockedFlushSList
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW

user32

ShowWindow
CreateWindowExW
FindWindowExW
SetWindowPos
SetWindowTextW
SendMessageW
GetWindowLongW

ws2_32

WSASend
WSARecv
recv
getsockname
getsockopt
closesocket
WSAGetLastError
getaddrinfo
freeaddrinfo
ioctlsocket
accept
WSACleanup
WSAStartup
send
connect
bind
listen
select
getpeername
setsockopt
WSASocketW

ntdll

RtlNtStatusToDosError
NtWriteFile

bcrypt

BCryptGenRandom

Exports

Exports

Download
FindProcess
KillProcess
SemverCompare

Sections

.text
Size: 581KB - Virtual size: 581KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 554KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d02628e8a8651e903e8432db76ebaca

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

ws2_32

ntdll

bcrypt

Exports

Exports

Sections

.text Size: 581KB - Virtual size: 581KB

.rdata Size: 554KB - Virtual size: 553KB

.data Size: 2KB - Virtual size: 5KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 581KB - Virtual size: 581KB

.rdata
Size: 554KB - Virtual size: 553KB

.data
Size: 2KB - Virtual size: 5KB

.reloc
Size: 21KB - Virtual size: 21KB