IndexedDbLegacy[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

IndexedDbLegacy.dll
Size

188KB
MD5

f542e312bd84ffe6efd555b62233f053
SHA1

fcd841561a5806d1be42f3ce3d20b6a957e91ce2
SHA256

f710695dc0cd5336f613a3517f03ccce9babd7b8d29b09c41d94db6863f9e09f
SHA512

96a735a75c078b59046e7bc8e48330da7815a3dc6cf3580dbf7cfc7119cfa5b947ec31b70cc78a1c133556176544c45f82fca59b327aee3af4fb0558b69519b9
SSDEEP

3072:DO+EZlPiCMlJA6uI+j0z+iEh30XFtYNfWuxJAlaYFmqNMFo:DO1MbF+grw2HYNfWFmqaF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
IndexedDbLegacy.dll

Files

IndexedDbLegacy.dll
.dll windows:10 windows x86 arch:x86

87ec0cf5d14d4a8c38bd6f46a8b5fa31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

IndexedDbLegacy.pdb

Imports

msvcrt

??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABQBDH@Z
?what@exception@@UBEPBDXZ
_CxxThrowException
memcpy
memmove
memmove_s
_purecall
mbstowcs_s
_ftol2_sse
floor
__CxxFrameHandler3
memcmp
_onexit
__dllonexit
_unlock
_lock
_except_handler4_common
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_initterm
malloc
free
_amsg_exit
_ftol2
_callnewh
_XcptFilter
_vsnprintf_s
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
memcpy_s
_vsnwprintf
memset

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleExW
LoadLibraryExW
GetModuleFileNameW
GetModuleFileNameA
GetModuleHandleW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-processthreads-l1-1-0

GetCurrentThread
TerminateProcess
GetCurrentProcess
CreateThread
GetCurrentProcessId
OpenProcessToken
OpenThreadToken
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessageVa

api-ms-win-core-sysinfo-l1-1-0

GetLocalTime
GetTickCount
GetSystemTimeAsFileTime
GetSystemTime

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
RaiseException
GetLastError
SetLastError
UnhandledExceptionFilter

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceBeginInitialize
InitOnceComplete

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-synch-l1-1-0

CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
InitializeCriticalSection
DeleteCriticalSection
ReleaseSemaphore
LeaveCriticalSection
CreateSemaphoreExW
EnterCriticalSection
CreateEventW
SetEvent
WaitForMultipleObjectsEx
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
ResetEvent
CreateMutexW
WaitForSingleObject
ReleaseMutex
ReleaseSRWLockShared
InitializeSRWLock
AcquireSRWLockExclusive
AcquireSRWLockShared

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventSetInformation
EventRegister
EventUnregister

oleaut32

SafeArrayCreate
VariantClear
SysFreeString
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
SafeArrayDestroy
SafeArrayUnlock
VariantCopyInd
SafeArrayCopy
SafeArrayGetVartype
VariantInit
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound

api-ms-win-core-heap-l2-1-0

GlobalFree
LocalAlloc
GlobalAlloc
LocalFree

api-ms-win-core-com-l1-1-0

CreateStreamOnHGlobal
CoTaskMemFree

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-file-l1-1-0

FindFirstFileW
GetDiskFreeSpaceExW
FindClose
FindNextFileW
DeleteFileW

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

api-ms-win-core-processenvironment-l1-1-0

GetEnvironmentVariableW

api-ms-win-core-path-l1-1-0

PathCchAddBackslash
PathCchRemoveFileSpec

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc

ntdll

NtQueryInformationToken
ZwQueryWnfStateData
RtlQueryPackageClaims
RtlNtStatusToDosError

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

api-ms-win-security-base-l1-1-0

GetTokenInformation
GetSidSubAuthority
CopySid
GetSidSubAuthorityCount

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolTimer

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualFree

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

GetIndexedDbLegacyFunctions

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wpp_sf
Size: 512B - Virtual size: 341B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ec0cf5d14d4a8c38bd6f46a8b5fa31

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-eventing-classicprovider-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-eventing-provider-l1-1-0

oleaut32

api-ms-win-core-heap-l2-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-timezone-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-path-l1-1-0

api-ms-win-core-synch-l1-2-1

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-heap-obsolete-l1-1-0

ntdll

api-ms-win-security-sddl-l1-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-errorhandling-l1-1-2

api-ms-win-core-memory-l1-1-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

api-ms-win-core-apiquery-l1-1-0

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 168KB

.wpp_sf Size: 512B - Virtual size: 341B

.data Size: 3KB - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 6KB

.didat Size: 512B - Virtual size: 312B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 168KB - Virtual size: 168KB

.wpp_sf
Size: 512B - Virtual size: 341B

.data
Size: 3KB - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 6KB

.didat
Size: 512B - Virtual size: 312B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB