DXPTaskRingtone[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

DXPTaskRingtone.dll
Size

950KB
MD5

5483d87ca77ce60b29d46bcb4c4c21fb
SHA1

98f371e1bf168ba43f5b97b526d26ac9edf6292b
SHA256

0add0a56e09a9e6bd1001e924622351cd54754f6db5dd651f9ad6a3fe24cc7f1
SHA512

3666ec6287503896866e24186c7bc1c0b8bd26898ea2fd11301a6719658ef39cfd8260c6d1af1fa8de16935ca75627851320187f7944073f7312955f4e8f3808
SSDEEP

6144:xBH8Q87f53vSqK/pwS7E+wh1zy4C2R1PRxXis06WnWw8dEEyK2Yv/xYImt2Aiq3J:xQ7R/U/ndqPRQnumgAiqoFmZlS43j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DXPTaskRingtone.dll

Files

DXPTaskRingtone.dll
.dll regsvr32 windows:6 windows x86 arch:x86

ad58ba7697b1986a7a930c88de5d68ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DxpTaskRingtone.pdb

Imports

msvcrt

_wcsicmp
free
malloc
memcpy_s
memmove_s
_vsnwprintf
_resetstkoflw
swprintf_s
??_U@YAPAXI@Z
_ftol2_sse
modf
_ftol2
memcpy
_purecall
_XcptFilter
_initterm
_amsg_exit
_except_handler4_common
realloc
_errno
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
__CxxFrameHandler3
memmove
qsort
wcschr
wcstol
_wcsdup
_vsnprintf
iswalpha
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsnicmp
_isnan
iswalnum
??_V@YAXPAX@Z

ntdll

WinSqmAddToStream
EtwLogTraceEvent
WinSqmIncrementDWORD
WinSqmIsOptedIn

kernel32

GetVersion
lstrlenW
CompareStringW
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
InterlockedCompareExchange
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
MultiByteToWideChar
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetDurationFormatEx
MulDiv
GetLocaleInfoW
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
Sleep
DeleteFileW
DeactivateActCtx
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DebugBreak
VirtualQueryEx
GetModuleFileNameA
GetSystemDirectoryW
GetThreadUILanguage
GetUserDefaultUILanguage
SetProcessWorkingSetSize
TlsSetValue
TlsAlloc
TlsFree
LoadLibraryW
FreeLibrary
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
GetModuleHandleExW
CreateThread
FreeLibraryAndExitThread
GetTempPathW
WaitForMultipleObjects
FormatMessageW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForSingleObject
CloseHandle
LocalFree
CompareStringOrdinal
ResetEvent
DeleteCriticalSection
LocalAlloc
FindAtomW
GetThreadLocale
IsProcessorFeaturePresent
DeleteAtom
AddAtomW
GetAtomNameW
OutputDebugStringW
TlsGetValue
GetModuleHandleW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetProcessTimes
InitializeCriticalSection
RaiseException
SetEvent
CreateEventW
GetLastError
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetProcessHeap
HeapAlloc
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetModuleFileNameW
QueryPerformanceCounter

gdi32

GetCurrentObject
SetBkColor
GdiTransparentBlt
GdiGradientFill
GdiAlphaBlend
PatBlt
DeleteEnhMetaFile
SetTextAlign
GetObjectW
StretchBlt
GetTextAlign
GetLayout
SetStretchBltMode
PlayEnhMetaFile
GetTextColor
ExtTextOutW
GetTextExtentPoint32W
SetBrushOrgEx
GetBrushOrgEx
RealizePalette
GetTextMetricsW
LPtoDP
StretchDIBits
CreateDIBPatternBrushPt
GetBkColor
CreatePatternBrush
SelectPalette
CreateHalftonePalette
GetDIBits
GetStockObject
SetWindowOrgEx
OffsetWindowOrgEx
GetBkMode
RectVisible
CombineRgn
ExtCreateRegion
GetRegionData
GetRgnBox
OffsetRgn
CreateDIBSection
GetPixel
SetPixel
BitBlt
CreateFontIndirectW
CreatePen
CreateSolidBrush
MoveToEx
LineTo
SetBkMode
SetTextColor
SetLayout
GetTextExtentPointW
TextOutW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps
CreateRectRgn

ole32

CLSIDFromString
CreateStreamOnHGlobal
PropVariantClear
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CoDisconnectObject

oleaut32

SafeArrayGetDim
SafeArrayGetVartype
SafeArrayGetLBound
SafeArrayGetUBound
VariantClear
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
SysStringLen
VariantInit
SysAllocString
SysFreeString

shlwapi

SHCreateStreamOnFileEx
PathAppendW
PathFindFileNameW
PathRemoveExtensionW
PathFileExistsW
ord567
ord215
ord172
ord174
ord515
ord158
SHStrDupW
ord538
ord156
ord618
ord494
ord24
ord514
ord204
ord495
ord535
ord636
ord637
ord507
ord199
ord615
ord16
PathFindExtensionW
ord176
ord219

advapi32

RegOpenKeyExW
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
EventRegister
EventUnregister
TraceMessage
EventWrite
RegCloseKey
RegSetValueExW
RegGetValueW
RegCreateKeyExW
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
CryptSignHashW
CryptHashData
CryptCreateHash
CryptImportKey
CryptAcquireContextW
TraceEvent
RegQueryValueExW
GetTraceEnableFlags

shell32

SHParseDisplayName
ord18
ord25
SHGetPropertyStoreFromParsingName
SHGetFolderPathEx
SHCreateItemFromIDList
ord67
SHBindToObject
SHCreateItemFromParsingName
SHGetNameFromIDList
ShellExecuteExW
SHGetKnownFolderPath
ord4
ord155
ord2
SHGetIDListFromObject
SHCreateItemInKnownFolder

user32

ReleaseCapture
DrawFrameControl
EqualRect
DestroyIcon
SetRect
GetIconInfo
CreateIconIndirect
IsRectEmpty
GetKeyNameTextW
MapVirtualKeyW
IntersectRect
DrawIconEx
SetWindowPos
InvalidateRect
CreateWindowExW
DrawFocusRect
CallWindowProcW
DefWindowProcW
LoadCursorW
GetClassInfoExW
SetFocus
DestroyWindow
GetWindowLongW
GetFocus
DrawTextW
GetDC
ReleaseDC
SystemParametersInfoW
SetRectEmpty
ShowWindow
IsChild
GetKeyState
GetSysColor
OffsetRect
SetClassLongW
UnregisterClassA
CharUpperA
CharUpperW
SetCapture
EndPaint
FillRect
SetCursor
CopyRect
InflateRect
DrawEdge
SetWindowLongW
IsWindow
KillTimer
SetTimer
PostMessageW
LoadAcceleratorsW
CopyAcceleratorTableW
LoadStringW
SendMessageW
GetClientRect
DeleteMenu
GetMenuItemInfoW
GetMenuItemCount
SetMenuDefaultItem
DestroyMenu
RemoveMenu
GetSubMenu
LoadMenuW
LoadImageW
ScreenToClient
GetScrollInfo
SetScrollInfo
RegisterWindowMessageW
EnableWindow
SetParent
RedrawWindow
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClassLongW
GetWindowRect
UpdateWindow
SetWindowRgn
GetWindowRgnBox
MapWindowPoints
RegisterClassExW
GetParent
GetSystemMetrics
GetSysColorBrush
NotifyWinEvent
RemovePropW
SetPropW
GetPropW
ClientToScreen
GetMonitorInfoW
MonitorFromWindow
AdjustWindowRectEx
EnumChildWindows
GetMessagePos
IsCharAlphaNumericW
BeginPaint

propsys

PropVariantToStringAlloc
PropVariantToBooleanWithDefault
PropVariantToGUID
PSCreateMemoryPropertyStore
PSFormatForDisplayAlloc
PropVariantToUInt64

gdiplus

GdipTranslateWorldTransform
GdipDrawLine
GdipDrawLineI
GdipResetWorldTransform
GdipCreateFromHDC
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipAlloc
GdipFree
GdipDeleteGraphics

uxtheme

SetWindowTheme
DrawThemeBackground
EndBufferedPaint
BufferedPaintClear
GetBufferedPaintBits
BeginBufferedPaint
ord47
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
GetThemeMetric
GetThemeColor
GetThemeFont
GetThemeMargins
GetThemeAppProperties
IsAppThemed
GetThemeBackgroundContentRect
GetThemePartSize
OpenThemeData
CloseThemeData

winmm

timeGetTime

mf

MFTranscodeGetAudioOutputAvailableTypes
MFCreateTopologyNode
MFCreateMediaSession
MFGetService
MFCreateDeviceSource
MFCreateSampleGrabberSinkActivate
MFCreateTranscodeTopology
MFCreateTranscodeProfile
MFCreateAudioRendererActivate
MFCreateTopology

mfplat

MFInitMediaTypeFromWaveFormatEx
MFGetTimerPeriodicity
MFCreateMediaType
MFCreateWaveFormatExFromMFMediaType
MFCreateSourceResolver
MFTRegisterLocalByCLSID
MFTUnregisterLocalByCLSID
MFCreateAttributes
MFCreateAudioMediaType
MFRemovePeriodicCallback
MFStartup
MFShutdown
MFAddPeriodicCallback

wmpdui

SetGadgetStyle
DeleteHandle
GetGadgetFocus
GetGadgetSize
SetGadgetRect
BuildAnimation
BuildInterpolation
FindGadgetFromPoint
SetGadgetFocusEx
SetGadgetMessageFilter
CreateGadget
SetGadgetFocus
DUserSendEvent
UtilDrawBlendRect
GetStdColorBrushI
GetStdColorI
ForwardGadgetMessage
GetGadgetRgn
DetachWndProc
AttachWndProcW
MapGadgetPoints
GetGadgetTicket
DUserFlushDeferredMessages
InitGadgets
DisableContainerHwnd
LookupGadgetTicket
SetGadgetRootInfo
SetGadgetBufferInfo
FindStdColor
GetDUserModule
CreateAction
DUserPostEvent
GetGadgetRect
SetGadgetParent
GetGadgetAnimation
InvalidateGadget
DUserFlushMessages

oleacc

LresultFromObject
AccessibleObjectFromWindow
GetRoleTextW
CreateStdAccessibleObject
ObjectFromLresult

dwmapi

DwmIsCompositionEnabled

windowscodecs

WICCreateImagingFactory_Proxy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 462KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 449KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad58ba7697b1986a7a930c88de5d68ab

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

kernel32

gdi32

ole32

oleaut32

shlwapi

advapi32

shell32

user32

propsys

gdiplus

uxtheme

winmm

mf

mfplat

wmpdui

oleacc

dwmapi

windowscodecs

Exports

Exports

Sections

.text Size: 462KB - Virtual size: 461KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 449KB - Virtual size: 448KB

.reloc Size: 35KB - Virtual size: 35KB

.text
Size: 462KB - Virtual size: 461KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 449KB - Virtual size: 448KB

.reloc
Size: 35KB - Virtual size: 35KB