SortWindows61[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SortWindows61.dll
Size

40KB
MD5

214784bc4412b28a110b708dcd49744d
SHA1

fcbd3f750c8e618661403553cad0c8f6d78e9201
SHA256

2d9f1f9373774c835a278d039a0a6ed0a9700279ed92468f9850118ba7551f8c
SHA512

7c612ffe7e20328dbe0419f1903070b2a9cb2193468185b09b049fc8f143b932a7cf094bc87e0bd0085f610ad64134cdfe97a848a6a5baf821cdbed20833255e
SSDEEP

768:D281B1uxHsJNy74Fq23qYW1zC4/u8N9Z:31BCHsJNqon3qYo/u8L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SortWindows61.dll

Files

SortWindows61.dll
.dll windows:6 windows x86 arch:x86

17988c287127f6a65351b5a1c51421a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SortWindows61.pdb

Imports

msvcrt

_except_handler4_common
_initterm
malloc
bsearch
free
_amsg_exit
_XcptFilter
memset

ntdll

RtlFreeHeap
RtlAllocateHeap

kernel32

GetCurrentProcessId
MapViewOfFile
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
CloseHandle
CreateFileMappingW
CreateFileW
SetLastError
Sleep
QueryPerformanceCounter
GetSystemWindowsDirectoryW

Exports

Exports

SortCloseHandle
SortGetHandle

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ