IPELoggingDictationHelper[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

IPELoggingDictationHelper.dll
Size

47KB
MD5

878dbe1adb7a29d0418a7d938ca51045
SHA1

ef47e2bf345cbb436611022d0b3ea05b7ee4fbc4
SHA256

9f0a44143e603d11e29f8d44c79552d1e35efb0b207d04088ad682a803be4a22
SHA512

004b977566cd3a536bc0cbfcb41409c9ce4c75c6afdd07e37ce04363072fdaf82d5e7f6245fb2f695b981dc63c6ee001c2e7fe6112da581c94ce88818a0804e2
SSDEEP

768:4FSb+wdLB+ZjR2kzEyZAN0DzVhfenX88XA64/Qyk8s+4J7aGTbXTZrtpfmW:T+wdLBAjR2kzpyN0DzLv8XjkTkndTZrZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
IPELoggingDictationHelper.dll

Files

IPELoggingDictationHelper.dll
.dll windows:10 windows x86 arch:x86

3c7b8aae071c317eb6418a006a658514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

IPELoggingDictationHelper.pdb

Imports

msvcrt

_XcptFilter
_except_handler4_common
_initterm
_onexit
__CxxFrameHandler3
??3@YAXPAX@Z
swprintf_s
_purecall
_callnewh
??1type_info@@UAE@XZ
malloc
_lock
__dllonexit
_unlock
free
_amsg_exit
memcpy
_vsnprintf_s
_CxxThrowException
memcmp
memmove

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetCurrentProcessId

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventSetInformation
EventUnregister
EventWriteTransfer

api-ms-win-core-synch-l1-1-0

InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection

msvcp110_win

?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

api-ms-win-core-com-l1-1-0

CoCreateGuid

Exports

Exports

GetIPELoggingHelper

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c7b8aae071c317eb6418a006a658514

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-synch-l1-1-0

msvcp110_win

api-ms-win-core-com-l1-1-0

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB