beta[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

beta.dll
Size

364KB
MD5

a1c84c14a82f2cbb7e9a5f253d721159
SHA1

3aa5e70111c290c45daac06984281dfb5439115b
SHA256

53e65d071870f127bc6bf6c8e8ddfd131558153513976744ee7460eeb766d081
SHA512

f76691853fa45d93246dfd8569af5ec7e66fdd7536241b92ee10bb9202b0502e66dfd030fe539956fb28fe20e71b33cae524038c356facf555d4a130c64665ed
SSDEEP

6144:0CiMS1vKT70/Fl7GV547PYf4nZOniN0VEeQopwhTdCl:sT1ST78h+5KP3nj0VOopwhRCl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
beta.dll

Files

beta.dll
.dll windows:4 windows x64 arch:x64

12a655c0dc6057266cd8d7f72e465acd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RaiseException
RtlPcToFileHeader
HeapReAlloc
FlsSetValue
GetCommandLineA
HeapSize
ExitProcess
FlsGetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetStdHandle
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
RtlVirtualUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentProcess
FlushFileBuffers
SetFilePointer
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFlags
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetThreadLocale
GlobalGetAtomNameA
lstrcmpA
GetCurrentProcessId
SetErrorMode
GetCurrentThreadId
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
FreeLibrary
GetModuleFileNameW
GetProcAddress
FormatMessageA
LocalFree
SetLastError
GetTickCount
GetProcessHeap
HeapAlloc
CompareStringA
GetVersion
GetModuleHandleA
lstrcpynW
lstrcpynA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateMutexA
GetLastError
lstrlenA
lstrcpyA
WideCharToMultiByte
CreateProcessA
WaitForSingleObject
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
CreateFileA
WriteFile
CloseHandle
SetHandleCount
GetVersionExA

user32

GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CopyRect
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
EnableMenuItem
GetWindowTextA
GetDlgItem
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
SendMessageA
GetKeyState
PeekMessageA
PostQuitMessage
DestroyMenu
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
InsertMenuA
LoadBitmapA
SetMenuItemBitmaps
IsWindow
PostMessageA
wsprintfA
EnumWindows
GetPropA
GetForegroundWindow
RemovePropA
SetPropA
GetClassLongPtrA
GetClassNameA
LoadCursorA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
SetWindowTextA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
CheckMenuItem
GetClassLongA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
DeleteDC
GetStockObject
SetMapMode
RestoreDC
SaveDC
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
ScaleWindowExtEx
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

QueryServiceConfigA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

DragQueryFileA

shlwapi

PathFindFileNameA
PathAddBackslashA
PathFindExtensionA
PathRemoveFileSpecA
StrStrIA

ole32

ReleaseStgMedium
StringFromIID
CoGetMalloc

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
homq
DllUnregisterServer

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

*H^
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12a655c0dc6057266cd8d7f72e465acd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 10KB - Virtual size: 33KB

.pdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 61KB - Virtual size: 61KB

.reloc Size: 4KB - Virtual size: 4KB

*H^ Size: 60KB - Virtual size: 60KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 10KB - Virtual size: 33KB

.pdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 61KB - Virtual size: 61KB

.reloc
Size: 4KB - Virtual size: 4KB

*H^
Size: 60KB - Virtual size: 60KB