doghelper[.]dll

General

Target

doghelper.dll
Size

57KB
MD5

973e0fb4595a4049f9cc88771645d792
SHA1

3b9a8259b631d5d094aea52c0558cb1ed0cdfe8e
SHA256

1e0a8a7096ecce6e2efd4cd3a004c50741e7c32ae7d76b0817b6000d417a46f7
SHA512

4e5c4b8938f26ee7b31d4c939c132135a7562de4547182b24f7531dcb3869780ef3fb55cf9442a79afb0301c866cf10179ccf92fcfbc5e3207594d54da2532fd
SSDEEP

1536:DS8jP3mCshL1vfcZMa1sA4MqqU+NV23S2b+bXb:+GP3mCgO1B4MqqDLy/b+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
doghelper.dll

Files

doghelper.dll
.dll windows:5 windows x86 arch:x86

d199f89a6bafa4d73367006c10860a6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\test\宏狗\doghelper\Release\doghelper.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
LoadLibraryW
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
GetSystemTimeAsFileTime
EncodePointer

msvcr100

_except_handler4_common
_onexit
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
sprintf
_lock
memcpy
memset

Exports

Exports

CheckDogDriver
DogChangeOrder
DogChangePassword
DogCheckExists
DogClose
DogCreateFile
DogDeleteFile
DogGetSerial
DogOpen
DogOperPass
DogReadData
DogVerifyPassword
DogWriteData
InstallDogDriver
ShowDogDriverDialog
UninstallDogDriver
free_install
init_install

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d199f89a6bafa4d73367006c10860a6e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr100

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 1KB - Virtual size: 1KB