wdcnv230[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

wdcnv230.dll
Size

1.6MB
MD5

c69cdb7c84410f2216fd82caad347f96
SHA1

ac4b5f36c10f75486841e1c79b863535e98aadac
SHA256

8204b5d874d595b40c78c3f72c390c78af1b93e7dbf33d4c70c9a199c28d13f8
SHA512

a709cfd9dc461aa72ea98a7cb3d4e4c2674ce52a589b3fe7b39e991b76c1053bc3205382fb26caec4c533cd597f9b1deb93136694b289a255b618a03100e7345
SSDEEP

24576:Ikqm5XBmUlJtu8hKRVCbQdkZ5Vl8WtcLvih4r+HjUO/1ytxa6E7ih4r+38jeYriR:7TXGkZ5V9YTKzQxazW8j7igmtdH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
wdcnv230.dll

Files

wdcnv230.dll
.dll windows:6 windows x86 arch:x86

0104e1bad70efe91b5e0d7757129f5d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

B:\source\source.AP\99082\Release_WDConver_39\WX\Desktop_x86_32\Release\WDCnv230.pdb

Imports

kernel32

LeaveCriticalSection
GetLocalTime
LoadLibraryW
GetProcAddress
GetFileInformationByHandle
GetLogicalDriveStringsW
GetVolumeInformationW
CloseHandle
WriteFile
ReadFile
SetFilePointer
LockFile
LockFileEx
UnlockFile
UnlockFileEx
FlushFileBuffers
SetEndOfFile
SetFileValidData
SetErrorMode
SetLastError
SystemTimeToFileTime
FileTimeToSystemTime
CreateFileW
DeleteFileW
CopyFileW
CreateDirectoryW
RemoveDirectoryW
FindFirstFileW
FindClose
GetFileAttributesW
FindFirstFileExW
FindNextFileW
GetCurrentDirectoryW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetFullPathNameW
GetDriveTypeW
FileTimeToLocalFileTime
FreeLibrary
IsBadReadPtr
IsBadWritePtr
CompareStringW
EnterCriticalSection
GetTimeZoneInformation
GetUserDefaultLangID
GetVersionExW
GetCurrentProcess
GetCurrentProcessId
WriteConsoleW
DecodePointer
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetStdHandle
GetACP
QueryPerformanceCounter
HeapAlloc
HeapFree
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
GetStringTypeW
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
DeleteCriticalSection
InitializeCriticalSection
FormatMessageW
GetTickCount
SetCurrentDirectoryW
WideCharToMultiByte
GetModuleHandleW
GetModuleFileNameW
GetLastError
MultiByteToWideChar
InterlockedExchangeAdd
LocalFree
InterlockedDecrement
InterlockedIncrement
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
InterlockedFlushSList
RaiseException
RtlUnwind
EncodePointer
TerminateProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentThreadId

user32

PeekMessageW
LoadStringW
MessageBoxW
LoadCursorW
SetCursor
DispatchMessageW
TranslateMessage
wsprintfW
IsWindow
SetParent
SetWindowLongW
GetWindowLongW
GetDesktopWindow
GetWindowRect
GetParent
SetWindowPos
CharUpperW
CharUpperA
SetWindowTextW
GetActiveWindow
SendMessageW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
IsTextUnicode
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder

ole32

CoInitialize
CoCreateInstance
OleRun
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoUninitialize

oleaut32

VariantClear
VariantChangeType
GetErrorInfo
SysFreeString
SysStringLen
SysAllocString
VariantInit

Exports

Exports

CheckVersion
CommandeComposante
DeclareProxy
Execution
ExternalTermLibrary
FinConversion
IConvert_Add
IConvert_InitConversionMode
IConvert_InitConversionModeEx
IConvert_Release
IConvert_SetAnalysis
IConvert_SetAnalysisHF5
IConvert_SetCryptedAnalysis
IConvert_SetCryptedAnalysisHF5
IConvert_SetDataSourceEx
IConvert_SetInstallDirectory
IConvert_SetJauge
IConvert_SetMotDePasseCrypteFinalParNomLogique
IConvert_SetMotDePasseCrypteOuvertureParNomLogique
IConvert_SetMotDePasseFinalParNomLogique
IConvert_SetMotDePasseOuvertureParNomLogique
IConvert_SetParentHWND
IConvert_bAjouteFichier
IConvert_bAjouteFichierHF5FromREP
IConvert_bAjouteFichierHFFromRepertoire
IConvert_bExecute
IConvert_bGetCnxInfo
IConvert_bInitFromScript
IConvert_bSetDestinationDirectoryAsSourceDirectory
IConvert_bSetRepertoireDestination
IConvert_pszGetCheminWDD5
IConvert_pszGetLastError
IConvert_pszGetReportWarning
bExternalInitLibrary
nConversionDepassement
nConversionDepassementEx
nConversionDepassementExt
pCreerIConvert
pQueryProxy

Sections

.text
Size: 444KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0104e1bad70efe91b5e0d7757129f5d2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 444KB - Virtual size: 444KB

.rdata Size: 109KB - Virtual size: 108KB

.data Size: 12KB - Virtual size: 16KB

.gfids Size: 512B - Virtual size: 300B

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 444KB - Virtual size: 444KB

.rdata
Size: 109KB - Virtual size: 108KB

.data
Size: 12KB - Virtual size: 16KB

.gfids
Size: 512B - Virtual size: 300B

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 30KB - Virtual size: 29KB