dpx[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dpx.dll
Size

251KB
MD5

0c0df0f05baea320fa301f34e256e08b
SHA1

0af69a2dff3208af234b22f3b100363c0c29f9d7
SHA256

9d6c3cc1138aabec66eabd13905c24170f7f1fe6d7aa5dd6bf51f1d3bf66f03d
SHA512

27e7dd3699f4ecd491eff3e2a0b4943f5df20026badd55ccd31f0637a90ef62a276cdd5f122266969283acf7b3161a1528750b1f6c7ada01f65f01e23a31f1c1
SSDEEP

6144:JnAn1dpASU8nE0qAedrVKu0G/4O7dnMv8rz27kQUi1:1AvqB7U1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dpx.dll

Files

dpx.dll
.dll windows:6 windows x86 arch:x86

3b021bef6fe51bbeb6c46b71fd1210f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dpx.pdb

Imports

msvcrt

_write
_lseeki64
_fileno
__pioinfo
__badioinfo
ferror
_itoa
_snprintf
_iob
isleadbyte
__mb_cur_max
mbtowc
_isatty
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
_amsg_exit
_initterm
_XcptFilter
wcsstr
_vsnwprintf
_vscwprintf
memset
memcpy
_purecall
_vsnprintf
_CxxThrowException
malloc
free
_errno
__CxxFrameHandler

kernel32

LocalAlloc
LoadLibraryA
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
InterlockedCompareExchange
InterlockedExchange
SetFilePointer
GetFileSize
GetLongPathNameW
GetSystemTimeAsFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
CreateEventW
ResetEvent
SetEvent
WaitForSingleObjectEx
CloseHandle
VirtualFree
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
GetEnvironmentVariableW
SetFileAttributesW
GetFileAttributesW
RemoveDirectoryW
DeleteFileW
Sleep
GetLastError
MoveFileExW
FindClose
GetFileSizeEx
ReadFile
SetFilePointerEx
LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
GetFullPathNameW
FindNextFileW
FindFirstFileW
CreateDirectoryW
WriteFile
SetEndOfFile
SetFileTime
FreeLibrary
GetWindowsDirectoryW
GetProcAddress
LoadLibraryW
GetModuleHandleW

advapi32

TraceEvent
ControlTraceW
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptDestroyHash
CryptCreateHash
RegCloseKey
RegCreateKeyW
RegOpenCurrentUser
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
CryptGetHashParam
CryptHashData
CryptAcquireContextA

rpcrt4

UuidCreate

Exports

Exports

DpxFreeMemory
DpxNewJob
DpxRestoreJob

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b021bef6fe51bbeb6c46b71fd1210f1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

rpcrt4

Exports

Exports

Sections

.text Size: 237KB - Virtual size: 236KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 237KB - Virtual size: 236KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB