delegatorprovider[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

delegatorprovider.dll
Size

25KB
MD5

0b0d994eeff244acf98f6d8c949ab131
SHA1

c0936fcefbe922611b2f2984f55d455d699a2848
SHA256

f64dc2ae9ebb8e22652f2c6bd76e0c850ff35d6971641143ff9a7c7053881bb9
SHA512

9b6565a4ce4d4e58e7f58ff19279d2fd7ce848b4bf92df59f23bf7c6cb39c5b5bc6dfe9b2882f7727bbfa4ff7b10ece28116c19f805ca4b9b09c05112fc78a46
SSDEEP

384:6Ynn8Rv7MoB5KAB9iQvSswpMRw4Li+0OKFLj/1JaZHFic69rve6Do4pKu1ITx0ai:0RA0+sJeMSwOzFLjalic6Vv7c8KGZJA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
delegatorprovider.dll

Files

delegatorprovider.dll
.dll windows:6 windows x64 arch:x64

3c01dce603e5f23913ea3f0e80347089

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

DelegatorProvider.pdb

Imports

msvcrt

__dllonexit
_unlock
fopen_s
_lock
??1type_info@@UEAA@XZ
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
__CxxFrameHandler3
_onexit
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@XZ
_CxxThrowException
_callnewh
fflush
fwprintf
??0exception@@QEAA@AEBQEBDH@Z
malloc
free
vfwprintf
fclose
memcpy_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
memmove_s

api-ms-win-core-synch-l1-2-0

WaitForSingleObject
Sleep
ReleaseMutex
CreateMutexW

oleaut32

VariantInit
VariantClear

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetProcAddress
LoadLibraryExW

api-ms-win-core-registry-l1-1-0

RegGetValueA

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

GetCurrentThreadId
TerminateProcess
GetCurrentProcess
GetCurrentProcessId

api-ms-win-core-sysinfo-l1-2-1

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-rtlsupport-l1-2-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-errorhandling-l1-1-1

UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c01dce603e5f23913ea3f0e80347089

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-synch-l1-2-0

oleaut32

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-rtlsupport-l1-2-0

api-ms-win-core-errorhandling-l1-1-1

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 972B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 148B

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 972B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 148B