SyncInfrastructureps[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

SyncInfrastructureps.dll
Size

17KB
MD5

7836a61daf675031d7257fabe8425edb
SHA1

fe397ae0b5574f8ca981d420ceb6640744d87ae7
SHA256

c8e90400eac54d560c34e2a51785a2e4c9920859cab94864392611c71b5d2c35
SHA512

1f3d1d3cb915feb1011935d7bd9f24241bcef9f5a31e90754f6a20d30bd8fcd66781bee5255ef2766a2a1c9b3ad84f4f7d71c64261dc4aebcd43f9ef0b5b1cda
SSDEEP

192:ic4AG1ThzQos7ea6Xw25b1u/nBpadtoNTWMAuQLXRGMZPQpqKWqkUeTWVZ+l:wpNhjnu/nBpafohW37wRWqkhTWVZ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SyncInfrastructureps.dll

Files

SyncInfrastructureps.dll
.dll regsvr32 windows:6 windows x86 arch:x86

324f6e31086c2e4ee7cb186b1ccf443a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SyncInfrastructurePS.pdb

Imports

msvcrt

_except_handler4_common
_initterm
malloc
free
_amsg_exit
_XcptFilter
memcmp

kernel32

GetCurrentProcess
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
DisableThreadLibraryCalls
TerminateProcess
SetUnhandledExceptionFilter

combase

ord8
ord4
ord2
ord9
ord5
ord12
ord10
ord7
ord3
ord11
ord6

oleaut32

BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserSize
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserMarshal
BSTR_UserMarshal
LPSAFEARRAY_UserSize

rpcrt4

CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerQueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_CountRefs
NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
CStdStubBuffer_AddRef
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllUnregisterProxy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

324f6e31086c2e4ee7cb186b1ccf443a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

combase

oleaut32

rpcrt4

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.orpc Size: 512B - Virtual size: 340B

.data Size: 512B - Virtual size: 928B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.orpc
Size: 512B - Virtual size: 340B

.data
Size: 512B - Virtual size: 928B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 2KB - Virtual size: 1KB