PerceptionDevice[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

PerceptionDevice.dll
Size

150KB
MD5

e5f3cd12859d1cb7bea9d9071a7c1481
SHA1

d0c40875a83f0f38cf3bbe5606bfa1c3e17ced3b
SHA256

71aa41d5789dd871ce4aeb7bc8dcc2741cdf07a9caf141bdd46a8f021bf6b4e8
SHA512

32d28da571ec4c5da1ef44d10678561867c6a9f4686171aab72fb8d01e3c22019662d20ae259cf6669c861991f47dbecb604fb100905f08089bcc709e14427a3
SSDEEP

3072:UUJABnc29Pxqa7zOM4ZDL3bj1iz5phSVEgC5vgclPim3LrEcpSSYoMT:UB22rqz3t0pMEtr3rEcpPM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PerceptionDevice.dll

Files

PerceptionDevice.dll
.dll windows:10 windows x86 arch:x86

0da0b78c42225d755a324edd9d84d830

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

PerceptionDevice.pdb

Imports

msvcp_win

?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o_ceil
_o_free
_o_iswspace
_o_malloc
_except_handler4_common
_CxxThrowException
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler3
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetModuleHandleExW
GetModuleFileNameA
GetProcAddress
GetModuleHandleW

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
CreateSemaphoreExW
CreateMutexExW
OpenSemaphoreW
ResetEvent
InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
WaitForSingleObject
InitializeCriticalSectionEx
DeleteCriticalSection
CreateEventW
SetEvent
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
AcquireSRWLockShared
ReleaseSRWLockShared
WaitForSingleObjectEx
ReleaseSRWLockExclusive

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
GetLastError
RaiseException

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventRegister
EventSetInformation
EventUnregister

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
WaitOnAddress
WakeByAddressAll

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
SetRestrictedErrorInfo
GetRestrictedErrorInfo

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoTaskMemFree

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_List_SizeW
CM_Unregister_Notification
CM_Register_Notification
CM_Get_Device_Interface_ListW
CM_MapCrToWin32Err

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
WaitForThreadpoolWorkCallbacks
SubmitThreadpoolWork
CloseThreadpoolWork

api-ms-win-core-io-l1-1-0

GetOverlappedResult
DeviceIoControl
GetQueuedCompletionStatus
CreateIoCompletionPort
CancelIoEx
PostQueuedCompletionStatus

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-winrt-error-l1-1-1

RoOriginateLanguageException

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringRawBuffer
WindowsDeleteString
WindowsCreateString
WindowsPromoteStringBuffer
WindowsDeleteStringBuffer
WindowsPreallocateStringBuffer

oleaut32

SysFreeString
SysStringLen

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

Exports

Exports

CreateSpatialObjectDDIClientFactory
PerceptionDeviceCreateFactory
PerceptionDeviceSetCreateFactoryOverride
_DllMain@12

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0da0b78c42225d755a324edd9d84d830

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp_win

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-devices-config-l1-1-1

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-io-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-winrt-string-l1-1-0

oleaut32

api-ms-win-core-string-l1-1-0

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.data Size: 1KB - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 132KB - Virtual size: 131KB

.data
Size: 1KB - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB