clb[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

clb.dll
Size

14KB
MD5

93e39919ef5159c2bfd595b5b8cd65dd
SHA1

68cb42949651015111fa48897b9e9953f9f57fa0
SHA256

32d3b0b328ae730a883d94c8017587529220f95ad8a0d66cb3f9729d4298e7b1
SHA512

73f1b02b080a5845961f2e495501bf8cb8940323cd229f15e2e4e04d4299342a7038744f008afb1cac59cae41e55f18076cb1d9e47941d18d97bffeeac611ff7
SSDEEP

384:dS/VycM7ZNwRWGdg7+6I0WMSqXuWxeWp:dSd1MXodj7A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
clb.dll

Files

clb.dll
.dll windows:10 windows x86 arch:x86

37d6aae4f31bdc0e65915c176a2cec37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

clb.pdb

Imports

msvcrt

_initterm
_except_handler4_common
_wcsdup
malloc
_amsg_exit
_XcptFilter
free
wcstok

kernel32

MulDiv
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LocalAlloc
LocalFree
GetACP
LocalReAlloc

comctl32

ord17

gdi32

GetStockObject
Polyline
GetDeviceCaps
GetTextMetricsW
CreatePen
SelectObject
DeleteObject
SetROP2
CreateFontIndirectW
SetTextAlign
ExtTextOutW
TranslateCharsetInfo
SetBkColor
SetTextColor

user32

SendMessageW
CreateWindowExW
SetWindowPos
GetDC
DefWindowProcW
GetSystemMetrics
LoadStringW
GetWindowLongW
DialogBoxParamW
CheckDlgButton
IsDlgButtonChecked
EndDialog
DeferWindowPos
EndPaint
BeginPaint
ReleaseDC
GetParent
SetRect
GetDlgItem
GetClientRect
SetWindowLongW
EndDeferWindowPos
LoadCursorW
SetFocus
GetSysColor
DrawFocusRect
RegisterClassW
GetDlgCtrlID
RedrawWindow
BeginDeferWindowPos
UnregisterClassW

Exports

Exports

ClbAddData
ClbSetColumnWidths
ClbStyleW
ClbWndProc
CustomControlInfoW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37d6aae4f31bdc0e65915c176a2cec37

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

comctl32

gdi32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 652B

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 652B