DDOIProxy[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

DDOIProxy.dll
Size

13KB
MD5

cfcfbb3fdf82df154e32dd58dfe4f9df
SHA1

2ab0c6630b1f90e129e92b0088e592848f11caf6
SHA256

fcd23b149606bc18a31b3025436b37d7a19ab5a02d38510e9cf7a73f457132d0
SHA512

86c4c6581f7c28767d64497090515fd9b91d268ff2fba6ffb0a3a6da826fd2f5f4eccdd3be2bf00be2bf8920d6c134c2209aa4dcad1fd7cff148be854d8bde2f
SSDEEP

192:DHzyGdT10HMTe5fSGn9yK+3BLQaSZbR3WQ7Wqi:DHnTPTe5fgHBLQaSZ93WQ7Wq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DDOIProxy.dll

Files

DDOIProxy.dll
.dll windows:10 windows x86 arch:x86

e309a6e6d0be0716928912045064ae5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DDOIProxy.pdb

Imports

ntdll

memcmp

kernel32

GetSystemTimeAsFileTime
DisableThreadLibraryCalls
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetTickCount

combase

NdrCStdStubBuffer_Release
ord3
ord9
ord8
ord5
ord6
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_AddRef
ord2
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Invoke
ord4
ord7

oleaut32

BSTR_UserSize
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserFree
BSTR_UserFree
LPSAFEARRAY_UserUnmarshal
BSTR_UserUnmarshal
BSTR_UserMarshal
LPSAFEARRAY_UserMarshal

rpcrt4

IUnknown_AddRef_Proxy
NdrOleFree
IUnknown_Release_Proxy
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
IUnknown_QueryInterface_Proxy

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e309a6e6d0be0716928912045064ae5e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

combase

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 820B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 748B

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 820B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 748B