MSAMRNBEncoder[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

MSAMRNBEncoder.dll
Size

195KB
MD5

3d123159a3a9f445a401c998ce87b6a4
SHA1

b06091bbd870b24438ca77dae68dd536c1899064
SHA256

71e8c1cecd2b1d277c285015960a41374814897a0fe19c2025e85deeb73d5da5
SHA512

78004fc3d8d8dd378d99433b1abcc5a3b98df143f8bcd9dac18a2c160a1feb49f7e9a400d8b4a1b6b89855f64779b0983c1d14b54ea6b7e9cd39da2d094ad5c3
SSDEEP

6144:5qUWGeRjPbA3EE+6qc4732qsv8OWnz4l:5JWG+jE3JyPUl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MSAMRNBEncoder.dll

Files

MSAMRNBEncoder.dll
.dll regsvr32 windows:10 windows x86 arch:x86

3deebe93d9cb1583af4f89f327a5629c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MSAMRNBEncoder.pdb

Imports

msvcrt

??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
calloc
?what@exception@@UBEPBDXZ
_callnewh
??0exception@@QAE@XZ
_CxxThrowException
_XcptFilter
free
malloc
_amsg_exit
_initterm
memcpy
_except_handler4_common
??1type_info@@UAE@XZ
__CxxFrameHandler3
memset

api-ms-win-core-synch-l1-1-0

LeaveCriticalSection
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
FreeLibrary
GetModuleHandleExW
GetProcAddress
GetModuleFileNameW

api-ms-win-core-registry-l1-1-0

RegDeleteTreeW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetLastError
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

mfplat

MFCreateMediaType
MFTUnregister
MFTRegister

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-processthreads-l1-1-1

GetProcessMitigationPolicy

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-handle-l1-1-0

CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3deebe93d9cb1583af4f89f327a5629c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-synch-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

mfplat

api-ms-win-core-heap-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-heap-l2-1-0

api-ms-win-core-handle-l1-1-0

Exports

Exports

Sections

.text Size: 185KB - Virtual size: 185KB

.data Size: 1024B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 185KB - Virtual size: 185KB

.data
Size: 1024B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB