dinput[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dinput.dll
Size

132KB
MD5

08d0bca4841c06bce64bd94586632f16
SHA1

4fd07e16d18fc5b012e1060af906413778276ade
SHA256

46797c469015a219cc0f17227c5610c12881b2e3cb30eaf385f15854769c09fd
SHA512

1df957a9458d1dfc4da07373ad932cecf4c4b3fc42b2cb56904b114b922a15ecdf4cae7d578c94cf75981103e8e63092c31086f77dc11e2d04a40d56eb1eb39f
SSDEEP

3072:OQ84DqHCKPjU1izm8ai7Bss6Y+7yqXGU0Ugq1mfOh6jih:OQxqHCKPkinss6dyqXGGR1mfw6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dinput.dll

Files

dinput.dll
.dll regsvr32 windows:10 windows x86 arch:x86

f9f87a292ff85c82a63dd8c6ec69ddec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dinput.pdb

Imports

msvcrt

_vsnwprintf
_amsg_exit
_except_handler4_common
free
malloc
memcpy
_initterm
_XcptFilter
_CIatan2
_CIcos
_CIsin
_CIsqrt
_ftol2_sse
memcmp
memset

kernel32

CloseHandle
GetSystemTimeAsFileTime
lstrlenW
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
SetEvent
DeleteCriticalSection
ResetEvent
GetCurrentProcessId
WideCharToMultiByte
WaitForSingleObject
FreeLibraryAndExitThread
LoadLibraryW
CreateEventW
CreateThread
SetThreadPriority
WaitForMultipleObjects
GetLastError
FreeLibrary
lstrcmpiW
ReadFileEx
GetCurrentProcess
DuplicateHandle
MulDiv
ReleaseMutex
GetVersion
LocalReAlloc
LocalAlloc
SleepEx
ResumeThread
DisableThreadLibraryCalls
GetProcAddress
OpenEventW
UnmapViewOfFile
Sleep
MultiByteToWideChar
lstrcmpW
GetWindowsDirectoryW
GetPrivateProfileStringW
lstrcmpiA
WriteFileEx
HeapAlloc
GetProcessHeap
HeapFree
DeviceIoControl
GetLocalTime
SystemTimeToFileTime
CreateMutexW
CreateFileMappingW
MapViewOfFile
FindResourceW
LoadResource
CreateProcessW
InitializeCriticalSection
GetVersionExW
lstrlenA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
GetSystemInfo
SetFilePointer
ReadFile
CreateFileW
GetFullPathNameW
GetModuleHandleW
GetModuleFileNameW
LocalFree
GetTickCount
RaiseException
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryExA
VirtualProtect
GetFileSize
VirtualQuery

advapi32

RegQueryValueW
GetSecurityInfo
RegEnumKeyExW
FreeSid
RegCreateKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
RegDeleteKeyW
RegOpenKeyW
RegCreateKeyW
RegEnumValueW
RegQueryValueExW
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyW
RegSetValueExW
RegCloseKey

user32

IsWindow
CallWindowProcW
SetPropW
RemovePropW
GetPropW
GetRawInputDeviceList
GetRawInputDeviceInfoW
GetKeyboardType
CharUpperW
UnhookWindowsHookEx
CallNextHookEx
GetForegroundWindow
IsIconic
GetWindowThreadProcessId
SetWindowsHookExW
GetWindowLongW
PostThreadMessageW
MsgWaitForMultipleObjects
DefWindowProcW
LoadCursorW
LoadIconW
RegisterClassW
CreateWindowExW
GetInputState
SetTimer
PeekMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
ClipCursor
SystemParametersInfoW
GetClientRect
MapWindowPoints
GetWindowRect
GetDesktopWindow
IntersectRect
SetCapture
ShowCursor
GetAsyncKeyState
mouse_event
SetCursorPos
SetWindowLongW
GetMessageTime
SendNotifyMessageW
GetSystemMetrics
GetCursorPos
MapVirtualKeyW
LoadStringW
keybd_event
SubtractRect
IsRectEmpty
FindWindowW
SendMessageW
RegisterWindowMessageW
ord2597
PostMessageW
ReleaseCapture

winmm

mmioWrite
mmioRead
mmioCreateChunk
mmioClose
mmioOpenA
mmioAscend
mmioDescend

api-ms-win-downlevel-kernel32-l1-1-0

QueueUserWorkItem
SetLastError
InitOnceExecuteOnce
GetModuleHandleExW

Exports

Exports

DirectInputCreateA
DirectInputCreateEx
DirectInputCreateW
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9f87a292ff85c82a63dd8c6ec69ddec

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

user32

winmm

api-ms-win-downlevel-kernel32-l1-1-0

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 108KB

.data Size: 6KB - Virtual size: 9KB

.idata Size: 5KB - Virtual size: 4KB

.didat Size: 512B - Virtual size: 16B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 109KB - Virtual size: 108KB

.data
Size: 6KB - Virtual size: 9KB

.idata
Size: 5KB - Virtual size: 4KB

.didat
Size: 512B - Virtual size: 16B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 6KB