httpapi[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

httpapi.dll
Size

26KB
MD5

9f0e1b129252e88094faa6d4640acfeb
SHA1

495ddff85992fda02dd690122b39e83f4b66f64a
SHA256

1c001cdc2337264d32732b2256cc4dbce7cc9117712cc6a4984543360859a75c
SHA512

e49f786c637bd0387fa0826d4e66a88b5c8b9b4c38113051f270822224572bb5e6bb57d08cb0707094ffa0db3dd23b21fad5c9f684256c07d9a2c1fbe687cf39
SSDEEP

384:jC2mbDRcOHf1jdsxLvtcALYIX4GmeaiWXhKtbUa7c8lAlPOqWLJWsk:jC2mb/f1jLGwimhGbT7Xlo2HM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
httpapi.dll

Files

httpapi.dll
.dll windows:10 windows x86 arch:x86

044f27e22e1edb346f50e8a0b8715005

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

httpapi.pdb

Imports

api-ms-win-core-crt-l1-1-0

_wcsnicmp
memcpy
_except_handler4_common
memset

api-ms-win-core-crt-l2-1-0

_initterm
_initterm_e

ntdll

NtCreateFile
NtCreateEvent
NtWaitForSingleObject
RtlAllocateHeap
NtDeviceIoControlFile
RtlFreeHeap
NtClose
RtlInitAnsiStringEx
RtlNtStatusToDosError
RtlInitUnicodeStringEx

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegEnumValueW
RegCloseKey
RegOpenKeyExW

api-ms-win-core-heap-obsolete-l1-1-0

LocalAlloc
LocalFree

api-ms-win-core-processthreads-l1-1-0

TlsFree
GetCurrentThreadId
GetCurrentProcessId
SwitchToThread
TlsSetValue
TlsGetValue
TerminateProcess
TlsAlloc
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-synch-l1-1-0

LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime
GetComputerNameExW

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

HttpAddFragmentToCache
HttpAddUrl
HttpAddUrlToUrlGroup
HttpCancelHttpRequest
HttpCloseRequestQueue
HttpCloseServerSession
HttpCloseUrlGroup
HttpControlService
HttpCreateHttpHandle
HttpCreateRequestQueue
HttpCreateServerSession
HttpCreateUrlGroup
HttpDeclarePush
HttpDelegateRequest
HttpDelegateRequestEx
HttpDeleteServiceConfiguration
HttpEvaluateRequest
HttpFindUrlGroupId
HttpFlushResponseCache
HttpGetCounters
HttpGetExtension
HttpInitialize
HttpIsFeatureSupported
HttpPrepareUrl
HttpQueryRequestProperty
HttpQueryRequestQueueProperty
HttpQueryServerSessionProperty
HttpQueryServiceConfiguration
HttpQueryUrlGroupProperty
HttpReadFragmentFromCache
HttpReceiveClientCertificate
HttpReceiveHttpRequest
HttpReceiveRequestEntityBody
HttpRemoveUrl
HttpRemoveUrlFromUrlGroup
HttpSendHttpResponse
HttpSendResponseEntityBody
HttpSetRequestQueueProperty
HttpSetServerSessionProperty
HttpSetServiceConfiguration
HttpSetUrlGroupProperty
HttpShutdownRequestQueue
HttpTerminate
HttpUpdateServiceConfiguration
HttpWaitForDemandStart
HttpWaitForDisconnect
HttpWaitForDisconnectEx

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

044f27e22e1edb346f50e8a0b8715005

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-crt-l1-1-0

api-ms-win-core-crt-l2-1-0

ntdll

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 1020B

.idata Size: 2KB - Virtual size: 2KB

.didat Size: 512B - Virtual size: 40B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 1020B

.idata
Size: 2KB - Virtual size: 2KB

.didat
Size: 512B - Virtual size: 40B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 828B