chartv[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

chartv.dll
Size

131KB
MD5

dd20fffafe9bde81ce67388fad0ee214
SHA1

24cd5130c7bc8c555570af971e9fb1b6c25ae39f
SHA256

cec20d6a7255f8cc1b736d70cca13c5f97b174859cf8a7dfa9f8e9bca6764560
SHA512

eb7ff72358a10ce50cfc38468222605a0b8f47dd051205c4d296608139b4e99e67c3f2d297c2b8ba15a59d5c2ef237940143d7031697b57bfe15ce67a410122d
SSDEEP

1536:3Z5Wdp3sXeKdJHc5J3nf4DtjlG8hiwz8jVb9GTVrKjbnuZbxiOitNgNjKhki8t:pQdpRJv8hlHiwz8jVR2ruCiODjt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
chartv.dll

Files

chartv.dll
.dll windows:6 windows x64 arch:x64

639c32980aa675c4c8fcd7d6ffea7232

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

chartv.pdb

Imports

msvcrt

?name@type_info@@QEBAPEBDXZ
_purecall
memmove
_vsnwprintf
??2@YAPEAX_K@Z
wcsncmp
_XcptFilter
_amsg_exit
free
malloc
_initterm
__C_specific_handler
memset
memcmp
cos
ceilf
ceil
atan2
??3@YAXPEAX@Z
??1type_info@@UEAA@XZ
sin

ntdll

EtwEventRegister
EtwEventUnregister
EtwEventWrite
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

user32

GetParent
SetCapture
ReleaseCapture
TrackMouseEvent
GetWindowLongPtrW
DefWindowProcW
SendMessageW
InvalidateRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetKeyState
EndPaint
BeginPaint
RegisterClassExW
LoadStringW
SetWindowLongPtrW
DrawTextW
FillRect
SetRect
GetDC
ReleaseDC
SetCursor
GetClientRect
LoadCursorW
IsRectEmpty
PtInRect
GetSysColor
GetWindowLongW
EqualRect
IntersectRect
CopyRect

kernel32

TerminateProcess
DelayLoadFailureHook
ResolveDelayLoadedAPI
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
InitializeCriticalSection
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
GetUserDefaultLocaleName
MulDiv
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream
OleDuplicateData

gdi32

Polygon
GetTextExtentPoint32W
SetLayout
SetTextColor
GetDeviceCaps
CreateFontW
CreatePen
SetBkMode
CreateHatchBrush
GetStockObject
CreateSolidBrush
Ellipse
Pie
Rectangle
DeleteObject
Polyline
LineTo
MoveToEx
SelectClipRgn
CreateRectRgn
GetLayout
CreateCompatibleBitmap
CreateDIBSection
CreateCompatibleDC
SelectObject
CreateDCW
BitBlt

gdiplus

GdipDrawRectangleI
GdiplusShutdown
GdipFillRectangleI
GdipDrawLinesI
GdipDrawPolygonI
GdipFillPolygonI
GdipDrawPieI
GdipFillPieI
GdipCreateFont
GdipCreateFontFamilyFromName
GdipSetSolidFillColor
GdipSetPenDashCap197819
GdipSetPenDashStyle
GdiplusStartup
GdipSetPenWidth
GdipSetPenColor
GdipResetClip
GdipSetClipRectI
GdipSetSmoothingMode
GdipCreateFromHDC
GdipDeleteFont
GdipDeleteFontFamily
GdipDeletePen
GdipDeleteGraphics
GdipCloneBrush
GdipDeleteBrush
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipFree
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreatePen1
GdipCreateSolidFill

Exports

Exports

CvCloseDataSource
CvCreateDataSource
CvGetData
CvGetDataSourceName
CvInitialize
CvSetData
CvSetDataSourceName
CvUninitialize

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

639c32980aa675c4c8fcd7d6ffea7232

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

user32

kernel32

ole32

gdi32

gdiplus

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 108KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 4KB - Virtual size: 3KB

.idata Size: 5KB - Virtual size: 5KB

.didat Size: 512B - Virtual size: 88B

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 108KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 4KB - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 5KB

.didat
Size: 512B - Virtual size: 88B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB