normaliz[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

normaliz.dll
Size

20KB
MD5

25a38b00df321c5684c175d9e5366963
SHA1

4c025b45e6015d0cd33fa25b08d35481ab02086d
SHA256

1ecb627d6532331316567c2e1a98a61f14720f02b03fa1b836c4a206442cd392
SHA512

c6de7f303c9d8b81c70ec27f4b82387b867e66fb59cd02bc50d0d5cdb21ee44ec423c942b35872be2fd6d65f546e0c2de0e1146fbe2e25f36290236e1856f421
SSDEEP

384:fsfiNSEc6E/IyW4vLZas/hWUyIFCPZhtzXbvAxb0WU0ZWc8:fsfi8EcE8vL5sUyGW5rt0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
normaliz.dll

Files

normaliz.dll
.dll windows:6 windows x86 arch:x86

2badf22e65ac7a7ba47b98eab90841ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

normaliz.pdb

Imports

msvcrt

free
_wcsnicmp
_adjust_fdiv
_amsg_exit
_initterm
memset
malloc
_XcptFilter
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy

ntdll

RtlUnwind

kernel32

InterlockedCompareExchange
Sleep
InterlockedExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
OpenFileMappingW
GetSystemDirectoryW
CreateFileW
CreateFileMappingW
SetLastError
GetStringTypeW
GetLastError
UnmapViewOfFile
CloseHandle
MapViewOfFile

Exports

Exports

IdnToAscii
IdnToNameprepUnicode
IdnToUnicode
IsNormalizedString
NormalizeString

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ