f3ahvoas[.]dll | Triage

Sharing

General

Target

f3ahvoas.dll
Size

8KB
MD5

373f2406ca325831be9204412dfaabfb
SHA1

7c41d7713f2e90c1a1ac5ba12ed7ae9ad6473ccc
SHA256

e0bdca6c043ccdafcdc8ecf3c7b82ab0cee22fc3521eb35423a77a1df8f7fc90
SHA512

fa274aa4357d1943bcff6b3910865cbd10282c9175d411ed581b9d82db76c9141155ae5c91ec02d66a0de845c8f6e0e4826f151c4a1beb8efd7b290f9f79ed52
SSDEEP

96:8l6gvbbVR9IScCICNcYhWvINQaWiofmWwA6:u6QbP9hKwVWNmWM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3ahvoas.dll

Files

f3ahvoas.dll
.dll windows:10 windows x86 arch:x86

5fee61a2496e6d30478467592dd1e320

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

wf3ahvoas.pdb

Imports

win32u

NtUserCallTwoParam

Exports

Exports

FujitsuOyayubiControl
KbdLayerDescriptor
KbdNlsLayerDescriptor

Sections

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ