OpcServices[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

OpcServices.dll
Size

1.1MB
MD5

37485cc09b7e6e70093a4df62b3cc744
SHA1

64c859827a1d62735ecac2a41fe1ed312d340dfe
SHA256

34fc71ac85462f8c422cf0b49c83ddf8d05de366ceac4ded778150b5fffcd5c4
SHA512

20dbda41251c49380266e00b3283d585b0985f554f7510a0d360db5f93904be4c747eab5d92202241a3736f93e87530b03038a5899051d84c2cd1abfece0beff
SSDEEP

24576:F0NuKXR6J9j848KQbvqQClDCxowdNyMQ:F0tR6s4ybvqQW+dsR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
OpcServices.dll

Files

OpcServices.dll
.dll windows:6 windows x86 arch:x86

884f8834c68c97ae66679975fe6755ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

OpcServices.pdb

Imports

msvcrt

isspace
wcsstr
memcpy
ldiv
_strtoui64
_strtoi64
sprintf_s
strcspn
memchr
localeconv
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
_ftol2
isupper
___lc_codepage_func
__crtLCMapStringA
_except_handler4_common
_onexit
___mb_cur_max_func
__uncaught_exception
setlocale
?terminate@@YAXXZ
isalnum
isdigit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
abort
tolower
__mb_cur_max
_errno
__pctype_func
_amsg_exit
_initterm
_XcptFilter
memset
__crtLCMapStringW
_vsnwprintf
__crtGetStringTypeW
_vsnprintf
_wcsicmp
islower
__CxxFrameHandler3
_purecall
??0exception@@QAE@ABQBD@Z
memcpy_s
memmove_s
malloc
_callnewh
_CxxThrowException
free
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
___lc_handle_func
??0exception@@QAE@XZ

kernel32

CreateFiber
TzSpecificLocalTimeToSystemTime
InitializeCriticalSectionAndSpinCount
GetTempPathW
FileTimeToDosDateTime
FileTimeToLocalFileTime
HeapAlloc
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
DelayLoadFailureHook
GetProcAddress
GetLastError
InterlockedCompareExchange
LoadLibraryExA
InterlockedIncrement
InterlockedDecrement
CloseHandle
FlushFileBuffers
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSection
lstrlenW
SwitchToFiber
WaitForSingleObject
SetEvent
CreateEventW
CreateThread
DeleteFiber
FreeLibrary
HeapFree
GetDynamicTimeZoneInformation
GetLocalTime
CreateFileW
LoadLibraryW
InitOnceBeginInitialize
OutputDebugStringA
InitOnceComplete
DebugBreak
CompareStringOrdinal
SetFilePointerEx
WriteFile
ReadFile
GetFileSizeEx
SetEndOfFile
WideCharToMultiByte
OutputDebugStringW
MultiByteToWideChar
ConvertThreadToFiber
SetLastError

oleaut32

GetErrorInfo
SetErrorInfo
VariantClear
VariantInit
SysAllocString
SysFreeString
SysReAllocString
SysStringLen
SysAllocStringLen

advapi32

EventRegister
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
TraceMessage
EventUnregister
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
EventWrite

ole32

CoTaskMemAlloc
CoInitializeEx
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateGuid
CoCreateInstance
StringFromGUID2

urlmon

CreateUri

shlwapi

ord12

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

884f8834c68c97ae66679975fe6755ce

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

oleaut32

advapi32

ole32

urlmon

shlwapi

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 102KB - Virtual size: 101KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 102KB - Virtual size: 101KB