inetcomm[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

inetcomm.dll
Size

1009KB
MD5

291402d208db3270cea3618bf2f83233
SHA1

c1b25caf394dc850aad09e95bb7caac683e4e900
SHA256

cfb559c6c9a699184e1d5f0dcdfb42f9ebfc9606292ca9b2a38a2a26543d0435
SHA512

fae531eb3c15fa9471c38052cdb25efb371a56700446701b637a206ea432a349272dd424a2574f707be420e2048a4193dc8b12eb9dc7091f62d3213171f2c84a
SSDEEP

24576:ilKgfx5jz2SqQ5hgdqy/Ybfruw7aCSI+J/WrB:87fx5jz2+L8qVbVaH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
inetcomm.dll

Files

inetcomm.dll
.dll windows:6 windows x64 arch:x64

54cfedc96364da6115d8960475e19cd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

inetcomm.pdb

Imports

msvcrt

_onexit
__dllonexit
wcschr
iswspace
strrchr
??3@YAXPEAX@Z
_purecall
memmove
strtoul
strtol
strchr
free
calloc
isspace
malloc
_ltoa
iswalpha
_XcptFilter
_amsg_exit
_initterm
__C_specific_handler
_lock
_unlock
atoi
??2@YAPEAX_K@Z
_vsnprintf
_vsnwprintf
memcmp
memcpy
memset
strcmp

msoert2

MessageBoxInstW
FInitializeRichEdit
HrStreamSeekSet
HrCopyStreamCB
HrCopyStream
PszToANSI
PszToUnicode
PszDupW
UlStripWhitespaceW
FIsSpaceW
OpenFileStream
PszSkipWhiteA
PszDupA
CleanupFileNameInPlaceA
PszAllocA
CleanupFileNameInPlaceW
PszAllocW
FIsEmptyW
HrSafeGetStreamSize
HrCopyStreamCBEndOnCRLF
IsDigit
HrDecodeObject
PVDecodeObject
HrStreamSeekCur
IsUpper
PszScanToCharA
HrIndexOfMonth
HrIndexOfWeek
HrFindInetTimeZone
PszMonthFromIndex
PszDayFromIndex
PszSkipWhiteW
FIsEmptyA
FreeTempFileList
CreateTempFileW
AppendTempFileList
WriteStreamToFileHandle
ReplaceCharsW
CryptAllocFunc
CryptFreeFunc
PVGetCertificateParam
SzGetCertificateEmailAddress
FMissingCert
ord160
OpenFileStreamW
OpenFileStreamShareW
HrGetStreamSize
HrCopyLockBytesToStream
HrGetStreamPos
StripCRLF
CreateEnumFormatEtc
HrCopyStreamToByte
CchFileTimeToDateTimeSz
CchFileTimeToDateTimeW
CreateTempFileStream
StrToUintW
PszFromANSIStreamA
ChConvertFromHex
HrGetCertificateParam
PVGetMsgParam
HrGetMsgParam
IVoidPtrList_CreateInstance
IUnknownList_CreateInstance
ord27
ord26
ord25
ord22
ord21
ord18
StrTokExA
StrToUintA
ord65
ord64
ord62
HrCreatePhonebookEntry
HrEditPhonebookEntryW
HrFillRasCombo
ord16
CreateLogFile
PszScanToWhiteA
ord46
FBuildTempPathW
ord210
ord211
FIsSpaceA
ord200
ord159
HrCheckTridentMenu
HrCreateTridentMenu
UpdateRebarBandColors
ord42
FIsHTMLFileW
HrIStreamWToBSTR
HrGetElementImpl
BrowseForFolderW
HrBSTRToLPSZ
HrSetDirtyFlagImpl
fGetBrowserUrlEncoding
WriteStreamToFileW
HrGetBodyElement
HrGetStyleSheet
CreateDataObject
GetTopMostParent
ord1
HrIStreamToBSTR
GetHtmlCharset
HrIsStreamUnicode
HrLPSZToBSTR
HrRewindStream
HrLPSZCPToBSTR
HrStreamToByte
RicheditStreamOut
RicheditStreamIn
SetFontOnRichEd
GetRichEdClassStringW
CenterDialog
IsValidFileIfFileUrlW
ord69
UnlocStrEqNW

shlwapi

StrCmpNIW
UrlCanonicalizeW
StrCmpNIA
PathFindExtensionA
PathFindFileNameW
PathFindExtensionW
StrStrA
StrCmpW
StrCmpIW
StrStrW
StrStrIW
ord157
ord158
ord219
UrlIsW
ord154
PathCreateFromUrlW
PathRemoveFileSpecW
ord176
StrDupW
StrCmpNA
ord153
StrToInt64ExA
StrToIntW
StrToInt64ExW
PathFindFileNameA
StrStrIA
UrlGetPartW
ord213
SHRegCloseUSKey
SHRegCreateUSKeyW
StrTrimA
SHStrDupW
PathIsDirectoryW
PathIsContentTypeW
StrFormatByteSizeW
PathQuoteSpacesW
AssocQueryKeyW
StrChrA
PathAppendW
UrlCombineW
PathFileExistsW
StrPBrkW
SHGetValueA
SHSetValueA
ord172
SHQueryValueExW
SHSetValueW
ord199
ord12
ord212
ord184
ord214
SHAutoComplete
wnsprintfW
StrChrW
SHRegGetBoolUSValueA
StrCmpNW
ord217
StrToIntA

advapi32

GetTraceLoggerHandle
GetTraceEnableFlags
RegisterTraceGuidsA
UnregisterTraceGuids
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptAcquireContextW
CryptGetProvParam
CryptReleaseContext
CryptAcquireContextA
CryptContextAddRef
CryptDuplicateKey
CryptSetProvParam
RegQueryInfoKeyA
RegEnumKeyExA
TraceEvent
CryptGenRandom
CryptCreateHash
CryptDestroyHash
CryptHashData
CryptGetHashParam
GetTraceEnableLevel

gdi32

GetObjectA
CreateDIBSection
SelectObject
BitBlt
StretchBlt
DeleteDC
GetDIBits
SetDIBits
DeleteObject
GetDeviceCaps
SaveDC
CreateCompatibleBitmap
SetBkMode
SetBkColor
SetTextColor
RestoreDC
GetTextMetricsA
GetTextExtentPoint32W
CreateSolidBrush
PatBlt
EnumFontFamiliesExW
GetTextExtentPoint32A
ExtTextOutW
GetLayout
Rectangle
Ellipse
TranslateCharsetInfo
CreateFontIndirectA
EnumFontFamiliesExA
CreateCompatibleDC

kernel32

GetStringTypeExW
GetLocaleInfoA
CopyFileW
CreateFileW
Beep
GetVersionExA
MulDiv
GetWindowsDirectoryW
RtlMoveMemory
GetSystemDefaultLCID
LoadLibraryA
GetProcAddress
LoadLibraryExA
ExpandEnvironmentStringsA
HeapAlloc
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GlobalUnlock
GlobalLock
GlobalSize
GlobalFree
lstrcmpiW
LocalFree
LocalAlloc
lstrcmpW
GetFileSize
RemoveDirectoryW
DeleteFileW
CompareStringW
CloseHandle
GetACP
IsValidCodePage
GetThreadUILanguage
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
GetCurrentThreadId
CompareStringA
IsDBCSLeadByte
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
GetTimeZoneInformation
GetLastError
SystemTimeToFileTime
GetSystemTime
GetSystemTimeAsFileTime
lstrcmpA
IsDBCSLeadByteEx
lstrcmpiA
HeapFree
DeleteCriticalSection
FreeLibrary
CreateMutexA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
ReadFile
WriteFile
SetEndOfFile
GetFileAttributesW
WaitForSingleObject
GetFileAttributesExW
SetLastError
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
CreateThread
FormatMessageW
CreateEventA
SetEvent
ResetEvent
ReleaseMutex
WaitForMultipleObjects
OpenThread
GetExitCodeThread
SetErrorMode
GetTimeFormatA
GetDateFormatA
CompareFileTime
CreateSemaphoreA
ReleaseSemaphore
GetModuleHandleA
GetUserDefaultUILanguage
GetModuleFileNameW
LoadLibraryW
HeapReAlloc
GetModuleHandleExW
FreeLibraryAndExitThread
CreateActCtxA
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
GetSystemWindowsDirectoryA
GetModuleFileNameA
DelayLoadFailureHook
ResolveDelayLoadedAPI
GetModuleHandleW
GetProcessHeap

oleacc

ObjectFromLresult

user32

RegisterClassW
CharLowerW
CharNextW
CreateDialogParamA
CharNextExA
DialogBoxParamA
SetForegroundWindow
PostQuitMessage
PeekMessageA
CreateWindowExA
GetWindowThreadProcessId
RegisterClipboardFormatA
MessageBoxW
LoadStringW
CharUpperW
SendDlgItemMessageA
LoadStringA
CharLowerA
CharPrevExA
IsWindow
LoadMenuA
GetSubMenu
RemoveMenu
DestroyMenu
DialogBoxParamW
SendMessageA
GetDlgItem
SetWindowTextW
CheckRadioButton
SetWindowLongPtrA
EnableWindow
GetWindowLongPtrA
GetWindowTextW
IsDlgButtonChecked
EndDialog
ShowWindow
GetKeyboardLayoutList
DrawTextW
SendMessageW
GetDC
ReleaseDC
LoadImageA
DestroyWindow
GetKeyState
SetFocus
GetClassInfoExA
LoadCursorA
GetSysColorBrush
RegisterClassExA
GetWindowLongA
CreateWindowExW
GetClientRect
DefWindowProcA
EnableMenuItem
GetWindowRect
TrackPopupMenu
GetParent
GetSystemMetrics
SetWindowPos
InvalidateRect
UpdateWindow
GetScrollInfo
PostMessageA
GetFocus
GetClassNameA
IsWindowVisible
CopyRect
ClientToScreen
FillRect
GetSysColor
BeginPaint
EndPaint
DrawTextExW
RegisterWindowMessageA
CallWindowProcA
MapWindowPoints
GetClassInfoW
UnregisterClassA
LoadIconA
EnableScrollBar
ScrollWindow
SetScrollPos
GetWindowTextLengthW
DeferWindowPos
BeginDeferWindowPos
ShowScrollBar
SetScrollInfo
EndDeferWindowPos
CreateDialogParamW
SetWindowLongPtrW
PostMessageW
GetWindowPlacement
SetWindowPlacement
LoadAcceleratorsW
TranslateAcceleratorW
KillTimer
SetTimer
GetCapture
SetCursor
SystemParametersInfoA
IsChild
CheckMenuItem
AppendMenuA
DrawEdge
InflateRect
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
MessageBeep
SetPropA
MoveWindow
GetWindow
RemovePropA
CheckMenuRadioItem
GetWindowTextA
GetMenuStringA
GetMenuStringW
GetPropA
GetDlgCtrlID
TranslateMessage
DispatchMessageA
GetClassInfoA
RegisterClassA
CharNextA
TrackMouseEvent
FrameRect
SetDlgItemTextW
CopyIcon
DestroyIcon
CreatePopupMenu
InsertMenuItemA
GetMenuItemCount
DrawIconEx
CallWindowProcW
GetMenuItemInfoA

Exports

Exports

CreateCommunityTransport
CreateIMAPTransport
CreateIMAPTransport2
CreateNNTPTransport
CreatePOP3Transport
CreateRASTransport
CreateRangeList
CreateSMTPTransport
DllCanUnloadNow
DllGetClassObject
EssContentHintDecodeEx
EssContentHintEncodeEx
EssKeyExchPreferenceDecodeEx
EssKeyExchPreferenceEncodeEx
EssMLHistoryDecodeEx
EssMLHistoryEncodeEx
EssReceiptDecodeEx
EssReceiptEncodeEx
EssReceiptRequestDecodeEx
EssReceiptRequestEncodeEx
EssSecurityLabelDecodeEx
EssSecurityLabelEncodeEx
EssSignCertificateDecodeEx
EssSignCertificateEncodeEx
GetDllMajorVersion
HrAthGetFileName
HrAthGetFileNameW
HrAttachDataFromBodyPart
HrAttachDataFromFile
HrCreateDisplayNameWithSizeForFile
HrDoAttachmentVerb
HrFreeAttachData
HrGetAttachIcon
HrGetAttachIconByFile
HrGetDisplayNameWithSizeForFile
HrGetLastOpenFileDirectory
HrGetLastOpenFileDirectoryW
HrSaveAttachToFile
HrSaveAttachmentAs
MimeEditCreateMimeDocument
MimeEditDocumentFromStream
MimeEditGetBackgroundImageUrl
MimeEditIsSafeToRun
MimeEditViewSource
MimeGetAddressFormatW
MimeOleAlgNameFromSMimeCap
MimeOleAlgStrengthFromSMimeCap
MimeOleClearDirtyTree
MimeOleConvertEnrichedToHTML
MimeOleCreateBody
MimeOleCreateByteStream
MimeOleCreateHashTable
MimeOleCreateHeaderTable
MimeOleCreateMessage
MimeOleCreateMessageParts
MimeOleCreatePropertySet
MimeOleCreateSecurity
MimeOleCreateVirtualStream
MimeOleDecodeHeader
MimeOleEncodeHeader
MimeOleFileTimeToInetDate
MimeOleFindCharset
MimeOleGenerateCID
MimeOleGenerateFileName
MimeOleGenerateMID
MimeOleGetAllocator
MimeOleGetBodyPropA
MimeOleGetBodyPropW
MimeOleGetCertsFromThumbprints
MimeOleGetCharsetInfo
MimeOleGetCodePageCharset
MimeOleGetCodePageInfo
MimeOleGetContentTypeExt
MimeOleGetDefaultCharset
MimeOleGetExtContentType
MimeOleGetFileExtension
MimeOleGetFileInfo
MimeOleGetFileInfoW
MimeOleGetInternat
MimeOleGetPropA
MimeOleGetPropW
MimeOleGetPropertySchema
MimeOleGetRelatedSection
MimeOleInetDateToFileTime
MimeOleObjectFromMoniker
MimeOleOpenFileStream
MimeOleParseMhtmlUrl
MimeOleParseRfc822Address
MimeOleParseRfc822AddressW
MimeOleSMimeCapAddCert
MimeOleSMimeCapAddSMimeCap
MimeOleSMimeCapGetEncAlg
MimeOleSMimeCapGetHashAlg
MimeOleSMimeCapInit
MimeOleSMimeCapRelease
MimeOleSMimeCapsFromDlg
MimeOleSMimeCapsFull
MimeOleSMimeCapsToDlg
MimeOleSetBodyPropA
MimeOleSetBodyPropW
MimeOleSetCompatMode
MimeOleSetDefaultCharset
MimeOleSetPropA
MimeOleSetPropW
MimeOleStripHeaders
MimeOleUnEscapeStringInPlace
MimeOleUnEscapeStringInPlaceW
RichMimeEdit_CreateInstance

Sections

.text
Size: 932KB - Virtual size: 932KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54cfedc96364da6115d8960475e19cd0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

msoert2

shlwapi

advapi32

gdi32

kernel32

oleacc

user32

Exports

Exports

Sections

.text Size: 932KB - Virtual size: 932KB

.data Size: 10KB - Virtual size: 12KB

.pdata Size: 35KB - Virtual size: 34KB

.idata Size: 16KB - Virtual size: 16KB

.didat Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 932KB - Virtual size: 932KB

.data
Size: 10KB - Virtual size: 12KB

.pdata
Size: 35KB - Virtual size: 34KB

.idata
Size: 16KB - Virtual size: 16KB

.didat
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 7KB