api-ms-win-downlevel-ole32-l1-1-0[.]dll

General

Target

api-ms-win-downlevel-ole32-l1-1-0.dll
Size

4KB
MD5

8bcf720a0e3f47229f5b26051ad2d5b4
SHA1

1efd1baa75dbf3e394e56dc642505cd823845dbf
SHA256

1f543fcd0015de3ef9644d6e6ff6f0b21d41f7b4cd089c6f28fba602aee9c805
SHA512

e22bab3a4718eefb6d7ce47d88746d1f31bc2b3b324fa3c4cb815918aa4a79e3059b5d77778bbf02845bdde03fbb1c82769858d348146f2cc4d23b435eb1a5d4
SSDEEP

48:6yND4ux/tqgbTJpftnaAW/v00n3I0GIZWUnfBI56h/5Wwa:xNZEEtndW/v08mEW4UohWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-downlevel-ole32-l1-1-0.dll

Files

api-ms-win-downlevel-ole32-l1-1-0.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-downlevel-ole32-l1-1-0.pdb

Exports

Exports

CLSIDFromProgID
CLSIDFromString
CoCopyProxy
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoCreateInstanceEx
CoDisconnectObject
CoFreeUnusedLibraries
CoFreeUnusedLibrariesEx
CoGetApartmentType
CoGetClassObject
CoGetCurrentLogicalThreadId
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoGetMarshalSizeMax
CoGetObjectContext
CoGetStdMarshalEx
CoGetTreatAsClass
CoImpersonateClient
CoInitializeEx
CoInitializeSecurity
CoMarshalInterThreadInterfaceInStream
CoMarshalInterface
CoRegisterClassObject
CoRegisterInitializeSpy
CoRegisterMessageFilter
CoReleaseMarshalData
CoRevertToSelf
CoRevokeClassObject
CoRevokeInitializeSpy
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateStreamOnHGlobal
FreePropVariantArray
GetHGlobalFromStream
IIDFromString
ProgIDFromCLSID
PropVariantClear
PropVariantCopy
StringFromCLSID
StringFromGUID2
StringFromIID

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 512B - Virtual size: 26B

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 512B - Virtual size: 26B