DllMain
rst64
Static task
static1
1 signatures
General
-
Target
malver_dump2_SCY.dll
-
Size
101KB
-
MD5
c84a366ea52cb25968dc263fd65a3c90
-
SHA1
a9d503146764d959f7ccc982d31676844df3efb9
-
SHA256
4d73bce8fda7df9590a2ee976d90bf66d40c89720f91b0ee8352fd6b3e1666fd
-
SHA512
ee457d1a5243809de516e187bf0532fb622105e769c9b06cead283faea0633abb3008b3a27aa400b1b68e4c900d3e0918a25a37baa7180df73e00740167a9cb1
-
SSDEEP
3072:KSUzJcbKW8cPxPEhcH4UQ+zCGscu6mjPJfT4RFt15fhDZDQcxCNNqCVRuYQ8C322:RKvc4At1NccxCVTuZFG2
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource malver_dump2_SCY.dll
Files
-
malver_dump2_SCY.dll.dll windows:5 windows x64 arch:x64
3264cf38b95d12e2647b2529b2b7098f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
advapi32
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
kernel32
VirtualFree
GetThreadTimes
GetDiskFreeSpaceExW
GlobalMemoryStatus
GetFileSize
SetFilePointerEx
FlushFileBuffers
MoveFileExW
lstrcmpiW
UnmapViewOfFile
lstrcmpiA
GetModuleHandleA
LoadLibraryW
MoveFileW
DeleteFileW
CreateProcessW
GetTempPathW
GetTempFileNameW
CreateFileW
WriteFile
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetExitCodeThread
CreateThread
SetThreadPriority
ResumeThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
GetCurrentProcess
ReadProcessMemory
TlsAlloc
TlsFree
WideCharToMultiByte
MultiByteToWideChar
GetLastError
SetLastError
GetCurrentThread
CreateMutexW
WaitForSingleObject
TerminateThread
CloseHandle
LoadLibraryA
FreeLibrary
GetProcAddress
SetErrorMode
GetVersion
GetVersionExA
Sleep
VirtualProtect
user32
LoadIconW
DispatchMessageW
TranslateMessage
PeekMessageW
UnregisterClassW
LoadCursorW
GetCursorPos
CreateWindowExW
UpdateWindow
DefWindowProcW
RegisterClassW
CloseWindow
ShowWindow
msvcrt
_snprintf
_amsg_exit
_initterm
time
localtime
free
memcmp
memcpy
calloc
_XcptFilter
strtoul
_mbscat
_mbscpy
_vsnprintf
_vsnwprintf
??3@YAXPEAX@Z
memset
wcscpy
wcslen
memcpy
strlen
_snwprintf
strncpy
wcsncpy
__C_specific_handler
__CxxFrameHandler
malloc
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
Exports
Exports
Sections
.text Size: 75KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.SCY Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE