CallButtons[.]ProxyStub[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

CallButtons.ProxyStub.dll
Size

12KB
MD5

6a084be7bbb190ba9a353bb9fec68490
SHA1

0042d27f8930af07a1cc2a9ad775258cecb79f0d
SHA256

5a1f215308e6058eda13d43a3581703f420ad97e768b4affdbaf1c2dfd80c5bc
SHA512

28bbea9f524bab7698d9928e819a83caf188b3a4bc7672d23d27a002ef4c55bf496313e8595da16bc2b8f7f4eeb4d6b5a732e449d58748dec2eb18dee0239936
SSDEEP

192:4MvhIvLHwwA/XfdEv02SXggx2EqW35WV3j+DuH:4bTE402agpbW35WVSD8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CallButtons.ProxyStub.dll

Files

CallButtons.ProxyStub.dll
.dll regsvr32 windows:6 windows x86 arch:x86

f3fc456fc8fd5f20a07e95f093f451f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

CallButtons.ProxyStub.pdb

Imports

rpcrt4

CStdStubBuffer_AddRef
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrStubForwardingFunction
NdrOleAllocate
NdrDllUnregisterProxy
CStdStubBuffer_CountRefs
NdrStubCall2
NdrDllGetClassObject
IUnknown_Release_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrCStdStubBuffer2_Release
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllCanUnloadNow

api-ms-win-core-winrt-string-l1-1-0

HSTRING_UserMarshal
HSTRING_UserUnmarshal
HSTRING_UserFree
HSTRING_UserSize

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

combase

ord13
ord33
ord11
ord16
ord7
ord14
ord6
ord17
ord32
ord10
ord12
ord5
ord9
ord2
ord20
ord8
ord21
ord34
ord19
ord15
ord18

msvcrt

memcmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1024B - Virtual size: 526B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3fc456fc8fd5f20a07e95f093f451f0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rpcrt4

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

combase

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.orpc Size: 1024B - Virtual size: 526B

.data Size: 512B - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 932B

.text
Size: 6KB - Virtual size: 5KB

.orpc
Size: 1024B - Virtual size: 526B

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 932B