iasdatastore[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

iasdatastore.dll
Size

55KB
MD5

596831ac38348fc82237f55c80690d37
SHA1

4068c3f3a03217616afbd125eba6ec7eefc289c2
SHA256

9240c48af7a14b0b068136f060047dd7981d011e886614fc2f8451ef9df83cf3
SHA512

ab92ab96f75ea1f130fbc7a1ccbcb70f370b048119a0196292f9f9ff0fbb8426f87808ebcb2b7f67b8089c2e812de867ce14523372b16f6b07c2cdd6ca260f25
SSDEEP

1536:RhAW87RpNOxTNp+gYgZ+TTQLmIe6XXfcoZqwinMeb+Up9xcQ:RhAW87RpNOxT2gYgZ+TTQLmIcoX8bttc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
iasdatastore.dll

Files

iasdatastore.dll
.dll regsvr32 windows:10 windows x86 arch:x86

647c8efcb832ec74abe166c58e978ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

iasdatastore.pdb

Imports

msvcrt

swprintf_s
wcsncpy_s
vsprintf_s
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
malloc
sprintf_s
wcsrchr
_strnicmp
free
_purecall
?what@exception@@UBEPBDXZ
_XcptFilter
_amsg_exit
_initterm
_except_handler4_common
??1type_info@@UAE@XZ
_lock
__CxxFrameHandler3
_unlock
__dllonexit
_onexit
memcpy
_callnewh
memcmp
wcscpy_s
_wtoi
wcscat_s
_wcsupr_s
memset

atl

ord22
ord16
ord21
ord15
ord18
ord23
ord32

iassvcs

IASGetProductLimits
IASRegisterComponent
IASVariantChangeType

ntdll

RtlImageNtHeader

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CloseServiceHandle
OpenSCManagerA
QueryServiceStatusEx
OpenServiceA
TraceMessage
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle

kernel32

GetLastError
SwitchToThread
GetSystemDirectoryW
GetModuleFileNameW
SizeofResource
FindResourceW
GetModuleHandleW
FormatMessageA
VirtualQuery
LocalFree
ExpandEnvironmentStringsW
CreateFileW
GetFileInformationByHandle
CloseHandle
MultiByteToWideChar
lstrlenA
LoadResource
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
LeaveCriticalSection
GetSystemInfo
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TryEnterCriticalSection

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleRun
ObjectStublessClient10
ObjectStublessClient9
ObjectStublessClient8
ObjectStublessClient6
ObjectStublessClient5
ObjectStublessClient7
ObjectStublessClient3
ObjectStublessClient11
ObjectStublessClient4

oleaut32

GetErrorInfo
SysAllocStringByteLen
VariantInit
VariantClear
SysStringLen
SysAllocString
SysFreeString

rtutils

TraceVprintfExA
TraceDeregisterW
TraceRegisterExW

rpcrt4

CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
NdrOleAllocate
IUnknown_AddRef_Proxy
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
CStdStubBuffer_DebugServerQueryInterface

vssapi

CreateWriter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

647c8efcb832ec74abe166c58e978ffe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

atl

iassvcs

ntdll

advapi32

kernel32

ole32

oleaut32

rtutils

rpcrt4

vssapi

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB