admparse[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

admparse.dll
Size

71KB
MD5

ac1a21c0e2360e384dd2e6e4344b3210
SHA1

a3cfea6b5c021d807366f751317e8069eae6274f
SHA256

a038b4b0ee42cc771fe68f99418261e024eb3483a27efd19821990cb699708c5
SHA512

835168e973a4aa72608625f2645cf9c5f2edf93089cd9d25a44548aca215e5348e28a909b52a6b067127bd7cc888ce09df6c46f481d3b07f42a42ee1953279f9
SSDEEP

1536:Wmjj0KXCc2EmNUU6mIBRQzC9+i11qGLT:j3qc2N16XB+zCEiHV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
admparse.dll

Files

admparse.dll
.dll windows:6 windows x86 arch:x86

b3713dbd467034362cd14e822c432c47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

admparse.pdb

Imports

msvcrt

bsearch
_wcsicmp
_wcsnicmp
wcsncmp
memcpy
memset
??3@YAXPAX@Z
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CxxThrowException
_vsnwprintf

kernel32

MultiByteToWideChar
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
FreeLibrary
GetLocaleInfoW
CreateFileMappingW
MapViewOfFile
LoadLibraryExW
LoadResource
FindResourceExW
LocalReAlloc
GetPrivateProfileStringA
lstrlenA
GetLastError
WideCharToMultiByte
ReadFile
FormatMessageW
GetFileAttributesW
HeapFree
LocalFree
GetProcessHeap
CompareStringW
HeapReAlloc
HeapAlloc
lstrlenW
GetPrivateProfileStringW
CloseHandle
LocalAlloc
GetFileSize
CreateFileW
SetLastError
WritePrivateProfileSectionW
WritePrivateProfileStringW
lstrcmpW
GetPrivateProfileSectionW
GetModuleFileNameW
GetVersionExW
DeleteCriticalSection
DeleteAtom
FindAtomA
InitializeCriticalSection
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
GlobalFree
GlobalAlloc
AddAtomA
WriteFile
SetFilePointer
lstrcmpiW
InterlockedDecrement
InterlockedExchange
Sleep
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

DrawTextW
SetWindowPos
CreateWindowExW
GetScrollInfo
GetDC
ReleaseDC
GetParent
GetWindowRect
GetWindowTextW
DialogBoxParamW
CallWindowProcW
GetDlgItem
EnableWindow
GetDlgItemTextW
MessageBoxW
SetDlgItemTextW
EndDialog
SetWindowTextW
SendMessageW
MoveWindow
DestroyWindow
LoadCursorW
RegisterClassA
CreateWindowExA
GetWindowLongW
DefWindowProcW
SetScrollPos
SetWindowLongW
GetClientRect
LoadStringW
SetScrollRange
ShowWindow
UnregisterClassA

gdi32

GetTextExtentPoint32W
SelectObject
DeleteObject
GetStockObject
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps

shlwapi

ord217
PathFindFileNameW
ord346
StrCmpW
StrRChrW
StrCSpnW
StrSpnW
StrCmpNW
StrDupW
StrToIntW
StrCmpIW

oleaut32

SysFreeString
VariantInit
VariantClear
SysStringLen
SysAllocString

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

comctl32

ord16

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

mlang

ord113
ord112

Exports

Exports

AdmClose
AdmFinished
AdmInit
AdmReset
AdmSaveData
CheckDuplicateKeys
CreateAdmUi
DllMain
GetAdmCategories
GetFontInfo
IsAdmDirty
ResetAdmDirtyFlag

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3713dbd467034362cd14e822c432c47

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

shlwapi

oleaut32

ole32

comctl32

advapi32

mlang

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.data Size: 1024B - Virtual size: 53KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 59KB

.data
Size: 1024B - Virtual size: 53KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 5KB