SyncHostps[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SyncHostps.dll
Size

10KB
MD5

9c4beea91bf503f951fa38d40b993c77
SHA1

16e8ab9e1b77da3fde433ac7b6e56ed306c8e4ef
SHA256

4a11d6e544428d12580232e3d428a86676f6c9874cb00c49133d51956831bea0
SHA512

fafa6bce0e8a98ef0da126a9ef951ca73d809f824156b55ec60cfa3c3fe0846ac5eabbdf392d21971c67dc1a6cfb87657ca3b163a10fb5e1d40cc3072cc2181d
SSDEEP

192:Ag7grjqkT0O+oYccm5iAp00/qUPzRWq9WFA:AgYJ0O+oYccSUUFWq9W+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SyncHostps.dll

Files

SyncHostps.dll
.dll regsvr32 windows:10 windows x86 arch:x86

c81a1e7403c51bc76645a5a228c1dfa5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SyncHostPS.pdb

Imports

msvcrt

_except_handler4_common
_initterm
malloc
free
_amsg_exit
_XcptFilter
memcmp

combase

ord3
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_CountRefs
CStdStubBuffer_AddRef
ord2
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
CStdStubBuffer_QueryInterface

rpcrt4

NdrOleAllocate
IUnknown_Release_Proxy
NdrOleFree
IUnknown_AddRef_Proxy
NdrDllCanUnloadNow
NdrDllUnregisterProxy
NdrDllGetClassObject
NdrDllRegisterProxy
IUnknown_QueryInterface_Proxy

kernel32

TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
DisableThreadLibraryCalls

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c81a1e7403c51bc76645a5a228c1dfa5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

combase

rpcrt4

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 864B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 1024B - Virtual size: 552B

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 864B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 1024B - Virtual size: 552B