esentprf[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

esentprf.dll
Size

64KB
MD5

acc149b05735b392e26c6ac58a54ef63
SHA1

014f0abc1d64ecc1dc224263c4a1d4741cde8118
SHA256

2cfd2c59e838e882cfa742e81672b17789f82673bc8c4c3834e1381f49af2208
SHA512

1110a5a0639cab1e1264a3f3737b0ea1c233ad50bab1457ae8fd52ee8796c40fe651f721d56c15aaef67a6dba57eab05ac757e291f9d02ea9cf1e07806d44384
SSDEEP

768:VOW7RIl88qICzCC54G3eOWW2BwF21RYma0eksBAcHcVo3E:Vd7WlDedjNF21KmnevBAcHAo0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
esentprf.dll

Files

esentprf.dll
.dll windows:6 windows x64 arch:x64

150f1e5b23cbc276781a794376c159ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ESENTPRF.pdb

Imports

msvcrt

??2@YAPEAX_K@Z
wcstok_s
_amsg_exit
bsearch
__dllonexit
_vsnwprintf
_XcptFilter
malloc
qsort
free
_unlock
_onexit
wcstoul
_wcsicmp
_lock
wcschr
??3@YAXPEAX@Z
__C_specific_handler
_initterm
memcpy
memset

api-ms-win-core-memory-l1-1-2

UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
VirtualFree
VirtualAlloc
CreateFileMappingW

api-ms-win-core-synch-l1-2-0

ResetEvent
Sleep
SetEvent
WaitForSingleObject
CreateMutexW
OpenEventW
ReleaseMutex
OpenMutexW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

api-ms-win-core-errorhandling-l1-1-1

SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-processenvironment-l1-2-0

ExpandEnvironmentStringsW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetCurrentProcessId

api-ms-win-core-sysinfo-l1-2-1

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-rtlsupport-l1-2-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-heap-obsolete-l1-1-0

LocalFree

api-ms-win-eventlog-legacy-l1-1-0

DeregisterEventSource

Exports

Exports

ClosePerformanceData
CollectPerformanceData
OpenPerformanceData

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

150f1e5b23cbc276781a794376c159ed

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-memory-l1-1-2

api-ms-win-core-synch-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-processenvironment-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-rtlsupport-l1-2-0

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-eventlog-legacy-l1-1-0

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 37KB - Virtual size: 52KB

.pdata Size: 1024B - Virtual size: 828B

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 36B

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 37KB - Virtual size: 52KB

.pdata
Size: 1024B - Virtual size: 828B

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 36B