api-ms-win-core-console-l1-1-0[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

api-ms-win-core-console-l1-1-0.dll
Size

38KB
MD5

8d06de613be30602d1db3215b61f181a
SHA1

4034ed84d17ca0ee9e4ad8691482d61729e38182
SHA256

bd2bd5a141ae58c6ac78a8bb6cdc06b8da35bb17969b61630da596909e4c0604
SHA512

f538caa60fcabb033ce7f4a059059ff8182bdd751dcab72804d9c5ffddc57b6554364509d1ecdac253667ffb54f0c988b2093e5726ceb7c402a0e5921da3394b
SSDEEP

384:dFlWqhWfCsxXNbZR9zQoN94IYibMR4y308JN77hhN7jIYibMR38ZhCm/aGt:TuXFT9zFbYibMJ3hf7MYibMZK9t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-core-console-l1-1-0.dll

Files

api-ms-win-core-console-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Password: dvsdv

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-1-0.pdb

Exports

Exports

AllocConsole
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
SetConsoleCtrlHandler
SetConsoleMode
WriteConsoleA
WriteConsoleW

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ