cmpbk32[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

cmpbk32.dll
Size

25KB
MD5

5a6b1769e64d94855c0dcb0b0a9abd6e
SHA1

89295f83d3045fa2bd9b600bd386278b6cc80891
SHA256

31e94fb1540fe9de63bb2e24dbdc6553b97a2dc371a4b27e42fc30bb0f9f5d2e
SHA512

23fb9c17ed60a64103e647c3ac5e54cc78b224932f6cb4acb8fb44336a1ef1b9181b426b6273caa79b90a4543140d775ae4c5da8350673b3c6bd8ea15dabfe5c
SSDEEP

768:wNThhCfmYqyGAUN0d4PC7Ta41mgLB5EVVx:q9AUu6yTxMgLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cmpbk32.dll

Files

cmpbk32.dll
.dll windows:6 windows x86 arch:x86

b3092c53dbd552540c6092c74cc2983b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmpbk32.pdb

Imports

msvcrt

_amsg_exit
_initterm
free
malloc
_XcptFilter
memset
memcpy
_vsnprintf

cmutil

GetOSVersion
GetOSMajorVersion
GetOSBuildNumber
CmRealloc
?GPPS@CIniA@@QBEPADPBD00@Z
?SetFile@CIniA@@QAEXPBD@Z
?GetFile@CIniA@@QBEPBDXZ
??0CIniA@@QAE@PAUHINSTANCE__@@PBD111@Z
CmFree
CmMalloc
CmMoveMemory
CmStrrchrA
CmStrCpyAllocA
?SetEntry@CIniA@@QAEXPBD@Z
?GPPI@CIniA@@QBEKPBD0K@Z
CmStrtokA
??1CIniA@@QAE@XZ

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleA
WriteFile
DeleteFileA
MoveFileA
GetLastError
GetPrivateProfileStringA
CompareStringW
CompareStringA
DisableThreadLibraryCalls
lstrlenW
SearchPathA
LoadLibraryA
GetProcAddress
FreeLibrary
SetLastError
lstrlenA
ReadFile
CloseHandle
CreateFileA

Exports

Exports

PhoneBookCopyFilter
PhoneBookEnumCountries
PhoneBookEnumNumbers
PhoneBookEnumNumbersWithRegionsZero
PhoneBookEnumRegions
PhoneBookFreeFilter
PhoneBookGetCountryId
PhoneBookGetCountryNameA
PhoneBookGetCountryNameW
PhoneBookGetCurrentCountryId
PhoneBookGetPhoneCanonicalA
PhoneBookGetPhoneDUNA
PhoneBookGetPhoneDescA
PhoneBookGetPhoneDispA
PhoneBookGetPhoneNonCanonicalA
PhoneBookGetPhoneType
PhoneBookGetRegionNameA
PhoneBookHasPhoneType
PhoneBookLoad
PhoneBookMatchFilter
PhoneBookMergeChanges
PhoneBookParseInfoA
PhoneBookUnload

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3092c53dbd552540c6092c74cc2983b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

cmutil

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB