ContactActivation[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

ContactActivation.dll
Size

45KB
MD5

08b3ba05789a19f1067ce7e7cd5c074e
SHA1

f00f46a3a3d9252f95de2b5b5824b1daccee349d
SHA256

10d3ebd12a09100755254808aab8231b5fde80a3c488567b1154c12a1715c534
SHA512

035bf63f88c7bd43391920b11f13be6c0c287199528f38e6761075306d9b0e739aea717c671d77be42bcc235371b10249830b1d19dd798679ed5b2bf9c2f97d2
SSDEEP

768:K7H3N+ODc/Q0cJACGZxOUxdGlIH43vVYi2n/sRzjCy+8wts8whgp352/48O:Kbjc/Q0cDG/LRH43NYi2n/sRzjCj8wtw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ContactActivation.dll

Files

ContactActivation.dll
.dll windows:10 windows x86 arch:x86

2525b0b82dcc9efdda5a8552f317881c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ContactActivation.pdb

Imports

msvcrt

_callnewh
_amsg_exit
realloc
_purecall
memmove_s
memcpy
_except_handler4_common
_XcptFilter
_onexit
__dllonexit
_unlock
_lock
__CxxFrameHandler3
free
malloc
_initterm
memcmp
memset

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWriteTransfer
EventUnregister

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsCreateString
WindowsIsStringEmpty

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoTransformError

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
GetLastError

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
CreateEventExW
InitializeSRWLock
ReleaseSRWLockShared
SetEvent

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoCreateInstance
CoWaitForMultipleObjects
CoTaskMemAlloc

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoActivateInstance

api-ms-win-shcore-stream-winrt-l1-1-0

CreateStreamOverRandomAccessStream

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

userdatatypehelperutil

ReadStreamContentA
GetStreamSize

Exports

Exports

AwaitContactPickerResults
ContactToVCardString
DeserializeContactFromString
SerializeContactToString
SerializeContactToVCard
ShowContactPickerAsync
VCardStringToContact

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2525b0b82dcc9efdda5a8552f317881c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-shcore-stream-winrt-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

userdatatypehelperutil

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 512B - Virtual size: 972B

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 972B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB