api-ms-win-core-processthreads-l1-1-0[.]dll

General

Target

api-ms-win-core-processthreads-l1-1-0.dll
Size

4KB
MD5

be5cbc1d1cff18e377525d4426c5afa8
SHA1

7a03e3a9baa3e2a7cb9c3f129b04d7b14beab608
SHA256

9761a785f4764d94b97a3b7fa709cc551d7d8963645ed5a12137a6ed007baccb
SHA512

f9a7c1873863cfa11bf859f8cafa1d5fd29f6248480e43dadb0faceab7e2e5908048e1da45ffc8ad57ed4ce32974a16626041988002ff1c5304c515de9e84905
SSDEEP

48:q/OxVBScIfVkfWeKB+vpgge6gig8YSzYFTdshgW9M2PkSvtsOIZWUKcsbh/5WwaE:QceuYFT4s9OEWcsthWwn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-core-processthreads-l1-1-0.dll

Files

api-ms-win-core-processthreads-l1-1-0.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

API-MS-Win-Core-ProcessThreads-L1-1-0.pdb

Exports

Exports

CreateProcessA
CreateProcessAsUserW
CreateProcessW
CreateRemoteThread
CreateRemoteThreadEx
CreateThread
DeleteProcThreadAttributeList
ExitProcess
ExitThread
FlushProcessWriteBuffers
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetPriorityClass
GetProcessId
GetProcessIdOfThread
GetProcessTimes
GetProcessVersion
GetStartupInfoW
GetThreadId
GetThreadPriority
GetThreadPriorityBoost
InitializeProcThreadAttributeList
OpenProcessToken
OpenThread
OpenThreadToken
ProcessIdToSessionId
QueryProcessAffinityUpdateMode
QueueUserAPC
ResumeThread
SetPriorityClass
SetProcessAffinityUpdateMode
SetProcessShutdownParameters
SetThreadPriority
SetThreadPriorityBoost
SetThreadStackGuarantee
SetThreadToken
SuspendThread
SwitchToThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UpdateProcThreadAttribute

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 26B

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 26B