OnDemandBrokerClient[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

OnDemandBrokerClient.dll
Size

35KB
MD5

47614e8f53d9066409ff30cd897f888c
SHA1

65674bea3ea0b00dc01aaba29dd30b82cbed7d44
SHA256

4fcfbb9a47b4f8525e5d12877e230c27e9a2fe2ccd38bbb85fd00e18a6328451
SHA512

e0c5312012c5ae3d4a11d619d3a14c2c938cc97338c96248f1155c18a0d780c3d02b98c192103ca2371a5ea285e24461e770ec9b45bc4fe581b51bb87fea1c25
SSDEEP

384:2Q8dpO3RBCbozj6CeAxWHoywh5yi9Wrz5We049RKGunuYGYBw4iayiorPVZ1YVB0:23dpYRBcPwDDk0elJ+/e1Y313SgPFt8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
OnDemandBrokerClient.dll

Files

OnDemandBrokerClient.dll
.dll windows:10 windows x86 arch:x86

f1af759ae854a2d2db6e0daf2bb26bcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

OnDemandBrokerClient.pdb

Imports

msvcrt

_except_handler4_common
malloc
memcmp
_initterm
_amsg_exit
_XcptFilter
_callnewh
__CxxFrameHandler3
free
memcpy_s
wcscpy_s
_wcsnicmp
_purecall
memset

rpcrt4

RpcBindingFree
RpcBindingBind
I_RpcMapWin32Status
NdrClientCall4
I_RpcExceptionFilter
RpcBindingCreateW

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-synch-l1-2-0

LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
Sleep
InitializeCriticalSection

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

TerminateProcess
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-2-1

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-errorhandling-l1-1-1

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-com-l1-1-1

CoTaskMemAlloc
CoCreateInstance
IIDFromString
CoCreateFreeThreadedMarshaler

oleaut32

SysFreeString

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

api-ms-win-security-base-l1-2-0

RevertToSelf
GetTokenInformation
ImpersonateLoggedOnUser

api-ms-win-core-winrt-error-l1-1-1

RoOriginateError

ntdll

RtlUnsubscribeWnfStateChangeNotification
RtlSubscribeWnfStateChangeNotification
RtlCopySid
RtlLengthSid
RtlUnsubscribeWnfNotificationWaitForCompletion

api-ms-win-appmodel-runtime-l1-1-1

GetPackagesByPackageFamily

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI
DelayLoadFailureHook

Exports

Exports

CreateOnDemandBrokerClient

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1af759ae854a2d2db6e0daf2bb26bcd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

rpcrt4

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-com-l1-1-1

oleaut32

api-ms-win-core-handle-l1-1-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-security-base-l1-2-0

api-ms-win-core-winrt-error-l1-1-1

ntdll

api-ms-win-appmodel-runtime-l1-1-1

api-ms-win-core-delayload-l1-1-1

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 512B - Virtual size: 908B

.idata Size: 3KB - Virtual size: 2KB

.didat Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 512B - Virtual size: 908B

.idata
Size: 3KB - Virtual size: 2KB

.didat
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB