SndVolSSO[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SndVolSSO.dll
Size

215KB
MD5

2cfa4569350b7f84f815e9ec34e85766
SHA1

561210644c0028c247a1044c9e7c3a47144be383
SHA256

8de5f880f23435256e697c24bddfa9b8994acc3faa063af274bec918fe012788
SHA512

ee18fbe17988b8f1b45e590cdb2c21ebdcf60528a5024f9c71bcc1473c8b47981aa47dea0a3da19702931445d7ffce85e763da8b4c471eceea4d6411acbbfa07
SSDEEP

1536:AJgvGwmm8U6bRU38q0UdEP2zxhlT49H4LdpzJod/yI32FicZOnqWFWqWeXo/V:AJBTeqRU3VTzxyYJp6FyI3byOnqV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SndVolSSO.dll

Files

SndVolSSO.dll
.dll windows:6 windows x86 arch:x86

11456de9949160829a3e9b99f5917c39

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SndVolSSO.pdb

Imports

msvcrt

??3@YAXPAX@Z
rand
srand
memset
__CxxFrameHandler3
_vsnwprintf
??2@YAPAXI@Z
_CxxThrowException
wcstol
_purecall
_onexit
_lock
__dllonexit
_unlock
_errno
realloc
_except_handler4_common
??1type_info@@UAE@XZ
_amsg_exit
_initterm
_XcptFilter
malloc
free
_wcsicmp
swprintf_s
memmove_s
_resetstkoflw
memcpy_s
vswprintf_s
_vscwprintf

ntdll

EtwEventWrite
EtwTraceMessage
EtwEventRegister
EtwEventUnregister
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
EtwGetTraceLoggerHandle

user32

DestroyWindow
LoadImageW
LoadIconW
PrivateExtractIconsW
PostMessageW
UnregisterClassA
GetRawInputDeviceList
RegisterRawInputDevices
GetRawInputData
GetRawInputDeviceInfoW
RegisterClassExW
LoadCursorW
GetClassInfoExW
CreateWindowExW
FindWindowW
LoadStringW
DestroyIcon
IsWindow
KillTimer
SetTimer
GetWindowLongW
SetWindowLongW
CallWindowProcW
DefWindowProcW
LoadMenuW
GetSubMenu
SetMenuItemInfoW
TrackPopupMenuEx
BringWindowToTop
SendMessageW
SetForegroundWindow

comctl32

ord381
ord380

ole32

PropVariantClear
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

hid

HidP_GetUsages

kernel32

GetUserDefaultUILanguage
GetLocaleInfoW
EnumUILanguagesW
OutputDebugStringA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
Sleep
VirtualAlloc
VirtualFree
LoadLibraryA
InterlockedExchange
LoadLibraryExW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LoadLibraryExA
InterlockedCompareExchange
FreeLibrary
GetProcAddress
DelayLoadFailureHook
GetTickCount64
GetCurrentProcess
FlushInstructionCache
RaiseException
GetCurrentThreadId
LocalFree
FormatMessageW
SetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
GetVersionExW
CreateProcessW
CreateMutexW
GetLastError
GetExitCodeProcess
CloseHandle
ExpandEnvironmentStringsW
GetTickCount
GetVersionExA

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

api-ms-win-service-management-l1-1-0

OpenServiceW
OpenSCManagerW
CloseServiceHandle

api-ms-win-service-management-l2-1-0

NotifyServiceStatusChangeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11456de9949160829a3e9b99f5917c39

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

user32

comctl32

ole32

hid

kernel32

api-ms-win-service-winsvc-l1-1-0

api-ms-win-service-management-l1-1-0

api-ms-win-service-management-l2-1-0

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 139KB - Virtual size: 138KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 139KB - Virtual size: 138KB

.reloc
Size: 3KB - Virtual size: 2KB