CallButtons[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

CallButtons.dll
Size

74KB
MD5

f732c52569d19da7ae36c80de81cfd81
SHA1

6843d3c761349aa07f817aa5ed7ee064f6ee4573
SHA256

fd4e3b8b7ba3bded584dcf153e4c2a48c8f00ac0cd7f01c051d49cc01123c46a
SHA512

14daff77caba1236d6be17b1ae84876964bf06dc4c1b40c37308509ca1720ca20cd89e30d351bca69ffde1810f0a386e0b0454cdc3935969e3900c8c3014a0f2
SSDEEP

1536:t6Z6By0aTHVLWi31QRQ2nhl7c1cDNFIWt+bP9i611:mXFFQl7lNFNwb1i61

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CallButtons.dll

Files

CallButtons.dll
.dll windows:10 windows x86 arch:x86

68a51a0e35bf6f71fd6fe20187948033

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

CallButtons.pdb

Imports

msvcrt

_except_handler4_common
??1type_info@@UAE@XZ
memcmp
memcpy_s
_purecall
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_lock
memmove_s
atol
_callnewh
_errno
realloc
_initterm
malloc
_amsg_exit
_XcptFilter
free
_vsnwprintf
memset

api-ms-win-core-winrt-error-l1-1-1

RoReportFailedDelegate
RoOriginateErrorW
RoTransformError
IsErrorPropagationEnabled
RoGetMatchingRestrictedErrorInfo
RoOriginateError

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-synch-l1-2-0

AcquireSRWLockExclusive
CreateEventW
WaitForMultipleObjectsEx
ResetEvent
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockShared
Sleep
WaitForSingleObject
SetEvent
ReleaseSRWLockShared

api-ms-win-core-com-l1-1-1

CoTaskMemFree
CoCreateInstance
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoGetCallContext

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsConcatString
WindowsStringHasEmbeddedNull
WindowsCreateStringReference
WindowsCreateString
WindowsDuplicateString
WindowsGetStringRawBuffer
WindowsIsStringEmpty

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
CreateThread

api-ms-win-core-sysinfo-l1-2-1

GetSystemTimeAsFileTime
GetTickCount64
GetTickCount

api-ms-win-core-errorhandling-l1-1-1

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
RaiseException

ntdll

RtlPublishWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlNtStatusToDosError
RtlSubscribeWnfStateChangeNotification

api-ms-win-core-winrt-l1-1-0

RoInitialize
RoGetActivationFactory

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte
CompareStringOrdinal

rpcrt4

RpcBindingFree
RpcBindingFromStringBindingW
NdrClientCall4
RpcStringBindingComposeW
RpcStringFreeW

api-ms-win-core-file-l1-2-1

WriteFile
ReadFile

api-ms-win-core-heap-l1-2-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-io-l1-1-1

CancelIo
GetOverlappedResult

hid

HidP_GetValueCaps
HidP_SetUsageValueArray
HidP_GetUsageValueArray
HidP_GetUsages
HidP_GetSpecificValueCaps
HidP_GetLinkCollectionNodes
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidP_MaxUsageListLength
HidP_GetUsageValue
HidP_GetButtonCaps
HidP_SetUsageValue
HidP_SetUsages
HidP_UnsetUsages

api-ms-win-core-debug-l1-1-1

OutputDebugStringA

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68a51a0e35bf6f71fd6fe20187948033

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-util-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-com-l1-1-1

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-errorhandling-l1-1-1

ntdll

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-string-l1-1-0

rpcrt4

api-ms-win-core-file-l1-2-1

api-ms-win-core-heap-l1-2-0

api-ms-win-core-io-l1-1-1

hid

api-ms-win-core-debug-l1-1-1

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB