batmeter[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

batmeter.dll
Size

1.9MB
MD5

2b8cc6f4d855fe128ce84956d54dc4fd
SHA1

85b2f97efa20e3ce194af3da89bedec8856845b6
SHA256

f32f18d44f9a6511c73ca1a9a4a6edad38aff23a15fd4c75d9aaaaf31526a506
SHA512

030e78ab914aa857769b8562fbf6531b97c9226c6f6430474c09d672240fe481058db8f7bb2cddfa78010ebb1f72b5f772c61ceeef2658f7978464b822aec2d8
SSDEEP

6144:R7P0LLLCLLeLLL9UXIFw3333333BF3xIH3:TXPIH3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
batmeter.dll

Files

batmeter.dll
.dll windows:6 windows x64 arch:x64

5f33e52e0e973f421a7741a081e1bbba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

batmeter.pdb

Imports

msvcrt

_unlock
_lock
__C_specific_handler
_initterm
malloc
_amsg_exit
qsort
_XcptFilter
_onexit
free
__dllonexit
memset

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtPowerInformation
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage

user32

LoadStringW
GetDC
LoadImageW
ReleaseDC
GetSysColor
GetSystemMetrics
DestroyIcon
RegisterDeviceNotificationW
PostMessageW
UnregisterDeviceNotification
SystemParametersInfoW

gdi32

DeleteObject
GetDIBits
DeleteDC
StretchBlt
SetStretchBltMode
SelectObject
CreateDIBSection
CreateCompatibleDC

kernel32

DeactivateActCtx
ReleaseActCtx
CreateActCtxW
ResolveDelayLoadedAPI
DelayLoadFailureHook
GetProcAddress
LoadLibraryExW
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
Sleep
QueueUserWorkItem
ResetEvent
WaitForSingleObject
SetEvent
GetSystemPowerStatus
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
CreateFileW
CloseHandle
SetLastError
CancelIo
GetOverlappedResult
WaitForMultipleObjects
DeviceIoControl
CreateEventW
ActivateActCtx
LocalAlloc
CompareStringOrdinal
LocalFree
GetTickCount
GetLastError
DisableThreadLibraryCalls
FormatMessageW

Exports

Exports

BatMeterIconAnimationReset
BatMeterIconThemeReset
BatMeterOnDeviceChange
CleanupBatteryData
CreateBatteryData
GetBatMeterIconAnimationState
GetBatMeterIconAnimationTimeDelay
GetBatMeterIconAnimationUpdate
GetBatteryCapacityInfo
GetBatteryDetails
GetBatteryImmersiveIcon
GetBatteryInfo
GetBatteryStatusText
GetBatteryWorkingState
IsBatteryBad
IsBatteryHealthWarningEnabled
IsBatteryLevelCritical
IsBatteryLevelLow
IsBatteryLevelReserve
PowerCapabilities
QueryBatteryData
SetBatteryHealthWarningState
SetBatteryLevel
SetBatteryWorkingState
SubscribeBatteryUpdateNotification
UnsubscribeBatteryUpdateNotification
UpdateBatteryData
UpdateBatteryDataAsync

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f33e52e0e973f421a7741a081e1bbba

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.didat Size: 512B - Virtual size: 72B

.rsrc Size: 1.9MB - Virtual size: 1.9MB

.reloc Size: 512B - Virtual size: 88B

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.didat
Size: 512B - Virtual size: 72B

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

.reloc
Size: 512B - Virtual size: 88B