NcdProp[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

NcdProp.dll
Size

19KB
MD5

5ef8494b08da187e27a9a07546783c98
SHA1

219a811a38746e9d80bed794a2d6a4d753b9aeb2
SHA256

8e56f1c06a4020dd85da5f8caf8d8660dcddc99cffe1f745ae9cc2fec5779227
SHA512

394947d265ff903fe692ccc6c1c5aff833853e08960c937f69911749faaf5c822f449383b0442f9ac69127c4d3058fc9db1ead2c26f83a05e654c7e5269b2016
SSDEEP

384:CsbDdC8Z2KHyE1aEZXXKw3YmROp31A/CirgMiCVxgxWyOvtWE:C78Z9Hyl8JYmkMFeo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NcdProp.dll

Files

NcdProp.dll
.dll windows:6 windows x86 arch:x86

7423616e5c53dee8ce736f75ee4112d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

NcdProp.pdb

Imports

msvcrt

_amsg_exit
memset
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
_except_handler4_common
_initterm
free
malloc
_XcptFilter
_vsnwprintf

kernel32

InterlockedCompareExchange
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep
InterlockedExchange
GlobalLock
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
LoadLibraryA
GetModuleHandleA
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
GetLastError
SetLastError
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
OutputDebugStringA
DisableThreadLibraryCalls
GetCurrentProcessId

ole32

ReleaseStgMedium
PropVariantClear

oleaut32

VariantClear

user32

GetDlgItem
RegisterClipboardFormatW
DestroyIcon
SendDlgItemMessageW
ShowWindow
SendMessageW
EnableWindow
GetWindowLongW
SetWindowLongW
LoadStringW

shell32

ord25
ShellExecuteW
ord18
SHBindToParent
SHGetFileInfoW
ord155

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7423616e5c53dee8ce736f75ee4112d6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

ole32

oleaut32

user32

shell32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB