speedup[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

speedup.dll
Size

9KB
MD5

e79ed3a0f9e7313f7c9b5d94e9c28f7a
SHA1

b9efed8ffe7387ca50cf076715f4fb8268b5921f
SHA256

b83dc982698e74cd1becc145954bd6d6d655896828b3c1e5bb4725d24fc9fe4b
SHA512

d3ba8f1eff1b47c8eb8c737eb1ef6923c3c8072c5023008d2f075e20c0b264226541fede3d0db62d5407290d582d3690480ff2acc60f33d2580946b7e9848e1a
SSDEEP

96:0Poqql4CSdWsHbPQs7rVi5yEIBqQayNW:0g1hSdWs7PnrVPEUx8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
speedup.dll

Files

speedup.dll
.dll windows:4 windows x86 arch:x86

78f5f9356d4ad2ade26b171a0826eb21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

DisableThreadLibraryCalls
FreeLibrary
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetVersion
HeapAlloc
HeapFree
LoadLibraryA

cc3260

@_InitTermAndUnexPtrs$qv
__ErrorExit
__ErrorMessage
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
__argv_default_expand
__free_heaps
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__startupd
__wargv_default_expand
_memcpy

Exports

Exports

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
___CPPdebugHook
_fRegCloseKey
_fRegCreateKeyExA
_fRegOpenKeyExA
_fRegQueryValueExA
_fRegSetValueExA

Sections

.text
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78f5f9356d4ad2ade26b171a0826eb21

Headers

File Characteristics

Imports

advapi32

kernel32

cc3260

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 1KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB