dinput8[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dinput8.dll
Size

167KB
MD5

ce3b1bf2da18b3f90a08b147a5243724
SHA1

6af2533337f7b252b03aaf682c2aa45bbc38f83e
SHA256

b287dd87985f07a4c23e39ede02ff6d4311d8ab7aa177fc29f5401dc1f8f5fbd
SHA512

b06b4fbc0ade5cedbf41b2f4108fcf0d0cecfe8fd8ea22ae2329a987332ab4f2894301991295d417b7ea38b55be612b7d2762b3cd8f7feab12e26bebb91d18e9
SSDEEP

3072:OhOOKdFNXL/brRqJx2FVDvc99Ex/pfR50fr2IaVDpJQVh:Ooxv1LDkMVDE9u/xT4r2XDfQV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dinput8.dll

Files

dinput8.dll
.dll regsvr32 windows:10 windows x86 arch:x86

38993cb335d5a249143ea3e48ca9b0b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dinput8.pdb

Imports

msvcrt

iswctype
towupper
_wcsnicmp
_except_handler4_common
malloc
_wsplitpath_s
_vsnwprintf
free
_XcptFilter
memcpy
strchr
_initterm
_amsg_exit
_CIatan2
_CIcos
_CIsin
_CIsqrt
_ftol2_sse
memcmp
memset

kernel32

lstrlenW
GetSystemTimeAsFileTime
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
SetEvent
DeleteCriticalSection
ResetEvent
WideCharToMultiByte
GetCurrentProcessId
lstrcmpW
WaitForSingleObject
FreeLibraryAndExitThread
LoadLibraryW
CreateEventW
CreateThread
SetThreadPriority
WaitForMultipleObjects
lstrcmpiW
ReadFileEx
GetCurrentProcess
DuplicateHandle
MulDiv
ReleaseMutex
GetVersion
LocalReAlloc
LocalAlloc
SleepEx
ResumeThread
DisableThreadLibraryCalls
GetProcAddress
UnmapViewOfFile
MultiByteToWideChar
CompareFileTime
lstrlenA
Sleep
GetWindowsDirectoryW
GetPrivateProfileStringW
GetSystemDirectoryW
WriteFileEx
HeapAlloc
GetProcessHeap
HeapFree
DeviceIoControl
GetLocalTime
SystemTimeToFileTime
CreateMutexW
CreateFileMappingW
MapViewOfFile
FindResourceW
LoadResource
CreateProcessW
InitializeCriticalSection
GetVersionExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
GetSystemInfo
SetFilePointer
ReadFile
CreateFileW
GetFullPathNameW
GetModuleHandleW
GetModuleFileNameW
LocalFree
FreeLibrary
GetTickCount
CloseHandle
RaiseException
GetLastError
CreateFileA
GetFullPathNameA
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryExA
VirtualProtect
GetFileSize
VirtualQuery

advapi32

EventWriteTransfer
GetSecurityInfo
RegDeleteKeyW
SetEntriesInAclW
GetUserNameW
FreeSid
SetSecurityDescriptorControl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegSetKeySecurity
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyW
RegCreateKeyW
RegEnumValueW
RegQueryValueW
EventUnregister
EventRegister
EventSetInformation
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

user32

GetKeyNameTextW
ToUnicodeEx
MapVirtualKeyExW
GetKeyboardLayout
GetActiveWindow
IsWindow
CallWindowProcW
SetPropW
RemovePropW
GetPropW
GetRawInputDeviceList
GetRawInputDeviceInfoW
GetKeyboardType
CharUpperW
PostMessageW
UnhookWindowsHookEx
CallNextHookEx
GetForegroundWindow
IsIconic
GetWindowThreadProcessId
SetWindowsHookExW
GetWindowLongW
PostThreadMessageW
MsgWaitForMultipleObjects
DefWindowProcW
LoadCursorW
LoadIconW
RegisterClassW
CreateWindowExW
GetInputState
SetTimer
PeekMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
SystemParametersInfoW
GetClientRect
MapWindowPoints
GetWindowRect
GetDesktopWindow
IntersectRect
SetWindowLongW
ShowCursor
ClipCursor
GetAsyncKeyState
mouse_event
SetCursorPos
ReleaseCapture
GetMessageTime
SendNotifyMessageW
GetSystemMetrics
GetCursorPos
MapVirtualKeyW
LoadStringW
keybd_event
SubtractRect
IsRectEmpty
RegisterWindowMessageW
ord2597
SetCapture

api-ms-win-downlevel-kernel32-l1-1-0

QueueUserWorkItem
GetModuleHandleExW
SetLastError
InitOnceExecuteOnce

Exports

Exports

DirectInput8Create
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetdfDIJoystick

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38993cb335d5a249143ea3e48ca9b0b4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

user32

api-ms-win-downlevel-kernel32-l1-1-0

Exports

Exports

Sections

.text Size: 141KB - Virtual size: 141KB

.data Size: 7KB - Virtual size: 44KB

.idata Size: 5KB - Virtual size: 5KB

.didat Size: 512B - Virtual size: 16B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 141KB - Virtual size: 141KB

.data
Size: 7KB - Virtual size: 44KB

.idata
Size: 5KB - Virtual size: 5KB

.didat
Size: 512B - Virtual size: 16B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 7KB - Virtual size: 7KB