ContactActivation[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

ContactActivation.dll
Size

46KB
MD5

f261d92de9efb9b79e8704c02e999f2f
SHA1

81c4d907d176457ac6b406569f51596f15c581a6
SHA256

34e13ed45cbfead366ba88a1afabe8e226ba897ddb4375be19b20210385b88dc
SHA512

48a205bb8ad6a6bbadc0b03d1130474ede4f1316757d7e5a297a3bd016293d072f52adc3692acbdc80c50a664501d6169b1c19aeb77ecce73c98bbfd5d389742
SSDEEP

768:PYrAVt1WhuNUWUgIc0g58GRZ9FvVqUXidfY26XeYMLiY/5Eqh63PncU2Omp6UvzF:aAPxUvgIc0g1RZjvVtXieSYMLiY/5Eqp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ContactActivation.dll

Files

ContactActivation.dll
.dll windows:10 windows x86 arch:x86

2525b0b82dcc9efdda5a8552f317881c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ContactActivation.pdb

Imports

msvcrt

_callnewh
_amsg_exit
realloc
_purecall
memmove_s
memcpy
_except_handler4_common
_XcptFilter
_onexit
__dllonexit
_unlock
_lock
__CxxFrameHandler3
free
malloc
_initterm
memcmp
memset

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWriteTransfer
EventUnregister

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsCreateString
WindowsIsStringEmpty

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoTransformError

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
GetLastError

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
CreateEventExW
InitializeSRWLock
ReleaseSRWLockShared
SetEvent

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoCreateInstance
CoWaitForMultipleObjects
CoTaskMemAlloc

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoActivateInstance

api-ms-win-shcore-stream-winrt-l1-1-0

CreateStreamOverRandomAccessStream

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

userdatatypehelperutil

ReadStreamContentA
GetStreamSize

Exports

Exports

AwaitContactPickerResults
ContactToVCardString
DeserializeContactFromString
SerializeContactToString
SerializeContactToVCard
ShowContactPickerAsync
VCardStringToContact

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2525b0b82dcc9efdda5a8552f317881c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-shcore-stream-winrt-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

userdatatypehelperutil

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 512B - Virtual size: 972B

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 512B - Virtual size: 972B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB