ContactActivation[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

ContactActivation.dll
Size

45KB
MD5

d7abf92ce91fa05f044dcb01a5eafdf9
SHA1

c763234fcc6accae420e60f4bb8af55cf00cff8d
SHA256

9a6a712c1f35c6282bdda88df7865e31688fa02556c946941a9a59de8d9635cf
SHA512

4cc45437dcb41b598557a438949f73948064d01b99eae378b33de2eb5de99abf8834fc735ecfde5be771e504eb57683fb3441ce9e81357f8c59603bbffe8cc98
SSDEEP

768:Wkv3N+ODc/Q0cJACGZxOUxdGlIH43vVYi2n/sRzjCy+8wts8vh/p5d2/48O:Wijc/Q0cDG/LRH43NYi2n/sRzjCj8wtw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ContactActivation.dll

Files

ContactActivation.dll
.dll windows:10 windows x86 arch:x86

2525b0b82dcc9efdda5a8552f317881c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ContactActivation.pdb

Imports

msvcrt

_callnewh
_amsg_exit
realloc
_purecall
memmove_s
memcpy
_except_handler4_common
_XcptFilter
_onexit
__dllonexit
_unlock
_lock
__CxxFrameHandler3
free
malloc
_initterm
memcmp
memset

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWriteTransfer
EventUnregister

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsCreateString
WindowsIsStringEmpty

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoTransformError

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
GetLastError

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
CreateEventExW
InitializeSRWLock
ReleaseSRWLockShared
SetEvent

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoCreateInstance
CoWaitForMultipleObjects
CoTaskMemAlloc

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoActivateInstance

api-ms-win-shcore-stream-winrt-l1-1-0

CreateStreamOverRandomAccessStream

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

userdatatypehelperutil

ReadStreamContentA
GetStreamSize

Exports

Exports

AwaitContactPickerResults
ContactToVCardString
DeserializeContactFromString
SerializeContactToString
SerializeContactToVCard
ShowContactPickerAsync
VCardStringToContact

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2525b0b82dcc9efdda5a8552f317881c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-shcore-stream-winrt-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

userdatatypehelperutil

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 512B - Virtual size: 972B

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 972B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB