batt[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

batt.dll
Size

99KB
MD5

f6c262d0278baa06217949639a6392c6
SHA1

5520456cc7969bccecb7d20e5795495fb1f0e1ff
SHA256

307ef6c6a14667103b74654bc6ac77cfe9f67525d27bba9b77cb6bcd6f6ce5f8
SHA512

7b712b22731859de2ab075a62808300d57241da3bdc94b0b9e6510bc070d17cf11f1477a66d4478eba3ecd1ef2d1c5e6f5099c7b215a13b4901f3ffbd97f88aa
SSDEEP

1536:QqdN3VhYWffnzt1FwmzpjM7XAoYpcq0Z+n5um4jjSgPF76/7Dh7YcLrsN:QqdhVhfffzOm9MDdYP08nkZt6Dl7Yes

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
batt.dll

Files

batt.dll
.dll windows:6 windows x86 arch:x86

842941e11933a42e7ee3f5b3e9e92321

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

batt.pdb

Imports

msvcrt

ceil
_initterm
_amsg_exit
_except_handler4_common
_XcptFilter
_ftol2
free
malloc

ntdll

RtlInitUnicodeString
NtOpenFile

kernel32

GetCurrentThreadId
DeviceIoControl
CloseHandle
LocalAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetLastError
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
DisableThreadLibraryCalls
LocalFree
SetLastError
InterlockedExchange

setupapi

SetupDiSetSelectedDriverA
SetupDiGetDeviceInstallParamsA
SetupWriteTextLog
SetupGetThreadLogToken
SetupWriteTextLogError
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiRegisterDeviceInfo
SetupDiSetDeviceRegistryPropertyA
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoA
SetupDiInstallDevice
SetupDiDestroyDeviceInfoList
SetupDiDeleteDeviceInfo
SetupDiDestroyDriverInfoList

powrprof

PowerReadDCValue
PowerEnumerate
PowerWriteDCValueIndex

Exports

Exports

BatteryClassCoInstaller
BatteryClassInstall

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

842941e11933a42e7ee3f5b3e9e92321

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

kernel32

setupapi

powrprof

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 856B

.rsrc Size: 90KB - Virtual size: 89KB

.reloc Size: 1024B - Virtual size: 724B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 856B

.rsrc
Size: 90KB - Virtual size: 89KB

.reloc
Size: 1024B - Virtual size: 724B