dciman32[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

dciman32.dll
Size

11KB
MD5

02f8ccf27184184afb35b19e0f968875
SHA1

9dc398a485ccf0567069afd3f2006ef04d3d502d
SHA256

2af1ea84dab62ac8c9a21b6812c6df4e78a9a5dbb8e92bfb26cec5ac67efddb9
SHA512

d0308269354c789b8159fb32074206fb50277504ac582411ae9213f9f2de6a21eee51e4c661f81f12f6bb8593ab29eae78af0ec3d9de27fb94282e5202985898
SSDEEP

192:DC6SqFxrAdNVpTN+wI7sFVZN78emk3WZOWucG:pxkzvTN+wI7sFVzek3WZOW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dciman32.dll

Files

dciman32.dll
.dll windows:10 windows x86 arch:x86

96c5a4d5a0f41234d0db8450f0085e04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dciman32.pdb

Imports

msvcrt

_except_handler4_common
malloc
free
_amsg_exit
memcpy
_XcptFilter
_initterm
memset

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
GetProcAddress
LocalFree
GetModuleHandleW
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime

gdi32

GdiEntry3
GetRandomRgn
GdiEntry2
CreateDCW
CreateRectRgn
DeleteDC
GetRegionData
GdiEntry6
GdiEntry10
GdiEntry1
DeleteObject

user32

GetSystemMetrics
ReleaseDC
GetDC

Exports

Exports

DCIBeginAccess
DCICloseProvider
DCICreateOffscreen
DCICreateOverlay
DCICreatePrimary
DCIDestroy
DCIDraw
DCIEndAccess
DCIEnum
DCIOpenProvider
DCISetClipList
DCISetDestination
DCISetSrcDestClip
GetDCRegionData
GetWindowRegionData
WinWatchClose
WinWatchDidStatusChange
WinWatchGetClipList
WinWatchNotify
WinWatchOpen

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96c5a4d5a0f41234d0db8450f0085e04

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 888B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 992B

.reloc Size: 512B - Virtual size: 436B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 888B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 992B

.reloc
Size: 512B - Virtual size: 436B