CallButtons[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

CallButtons.dll
Size

74KB
MD5

4e3d8b8e06b0969dd988cc1a1b5af8ae
SHA1

2147cef6a18be5ce721887432d9b66cc94c83233
SHA256

5fdc25b0aabde47582f4fa919ba59a976566a1055cf7bd5068a7792db106e912
SHA512

5a1813b2de461aac0f7945bc2b7276f6a323871200c37dfd444f6e4150c1e5273329c31d84fa5ab3c99de0a9df87de896ea8c37448a311c19579e861e29fc768
SSDEEP

1536:1hZAFXXb6By0aTZwjJ9crQKV34YT0O+xRm/kH0nlC0u68P1cf5:nOFH9PCYTYxR+xH8Ncf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CallButtons.dll

Files

CallButtons.dll
.dll windows:6 windows x86 arch:x86

ea4f20f0314a260d2f914cdc7ddf2c6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

CallButtons.pdb

Imports

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_lock
_initterm
malloc
free
_except_handler4_common
_amsg_exit
_XcptFilter
memcmp
_purecall
??3@YAXPAX@Z
??1type_info@@UAE@XZ
realloc
_errno
memcpy_s
_vsnwprintf
atol
??_U@YAPAXI@Z
??_V@YAXPAX@Z
memmove_s
memset

hid

HidP_GetUsageValueArray
HidP_UnsetUsages
HidP_MaxUsageListLength
HidP_GetUsageValue
HidP_GetValueCaps
HidP_GetUsages
HidP_GetButtonCaps
HidP_SetUsageValue
HidP_SetUsages
HidP_SetUsageValueArray
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidP_GetSpecificValueCaps
HidP_GetLinkCollectionNodes

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-synch-l1-2-0

AcquireSRWLockShared
WaitForMultipleObjectsEx
ResetEvent
ReleaseSRWLockExclusive
Sleep
CreateEventW
WaitForSingleObject
AcquireSRWLockExclusive
InitializeSRWLock
SetEvent
ReleaseSRWLockShared

api-ms-win-core-winrt-error-l1-1-1

RoOriginateError
RoOriginateErrorW
RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate
RoTransformError
IsErrorPropagationEnabled

api-ms-win-core-winrt-string-l1-1-0

WindowsStringHasEmbeddedNull
WindowsGetStringRawBuffer
WindowsIsStringEmpty
WindowsCreateStringReference
WindowsConcatString
WindowsDeleteString
WindowsCreateString
WindowsDuplicateString

api-ms-win-core-com-l1-1-1

CoTaskMemFree
CoGetCallContext
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateInstance

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

GetCurrentProcess
CreateThread
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess

api-ms-win-core-sysinfo-l1-2-1

GetTickCount
GetTickCount64
GetSystemTimeAsFileTime

api-ms-win-core-errorhandling-l1-1-1

RaiseException
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter

api-ms-win-core-winrt-l1-1-0

RoInitialize
RoGetActivationFactory

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte
CompareStringOrdinal

rpcrt4

NdrClientCall2
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcStringFreeW
RpcBindingFree

api-ms-win-core-file-l1-2-1

WriteFile
ReadFile

api-ms-win-core-heap-l1-2-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-io-l1-1-1

CancelIo
GetOverlappedResult

ntdll

RtlPublishWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlNtStatusToDosError
RtlSubscribeWnfStateChangeNotification

api-ms-win-core-debug-l1-1-1

OutputDebugStringA

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea4f20f0314a260d2f914cdc7ddf2c6b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

hid

api-ms-win-core-util-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-com-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-string-l1-1-0

rpcrt4

api-ms-win-core-file-l1-2-1

api-ms-win-core-heap-l1-2-0

api-ms-win-core-io-l1-1-1

ntdll

api-ms-win-core-debug-l1-1-1

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB