api-ms-win-core-io-l1-1-1[.]dll | Triage

Sharing

General

Target

api-ms-win-core-io-l1-1-1.dll
Size

3KB
MD5

0973ef0717fe436de45dd4b0d5f6f4cd
SHA1

1fdedb74d8ebda4fd8cbce067190d44f413cee30
SHA256

ef06a73e38885cfa831cbfaa64f6d28438c62e9317b3506eb3d8b176711d0469
SHA512

f83a9bdf853c8e80991c500edf1721d15d8776b6601b7a027c64f0bccc368fb362cb1e93fd73e67d2a28ee9837fc69e5c5feecc130ff8a353c1ec4917be344ac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-core-io-l1-1-1.dll

Files

api-ms-win-core-io-l1-1-1.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-io-l1-1-1.pdb

Exports

Exports

CancelIo
CancelIoEx
CancelSynchronousIo
CreateIoCompletionPort
DeviceIoControl
GetOverlappedResult
GetOverlappedResultEx
GetQueuedCompletionStatus
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus

Sections

.text
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ