Impulse[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

Impulse.dll
Size

1.2MB
MD5

e89300f7c9512e5904fd006a12267898
SHA1

9d1c3ea00c80a11630d00f3dec38ce100f30dfa7
SHA256

01b91360c8f85726f29f29f3f55d9044ef9a43eff74ec30bd186e9e9713e5e01
SHA512

c3178a940793fb747fb6e681e06eba68f1b78ed9f68118b81be0636549b9a3ce0635e765b400b22f65f7ab898ce722d1a178f0e930b4a4edbe159e9eb64efb71
SSDEEP

24576:kN0qP7PIwf709oO936V4prP48drEeSPprhkCj+przr7r8r5FYbQAebrtDneQ6op5:SBQwT0X936V4prP48drEeSPprhkCj+pY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Impulse.dll

Files

Impulse.dll
.dll windows:6 windows x86 arch:x86

ee8b5f77bc5b84812a648bf194c41ef7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Leon\source\repos\Dll1\Release\Impulse.pdb

Imports

kernel32

GetFileAttributesExW
FindNextFileW
FindFirstFileW
FindClose
CreateFileW
FindFirstFileExW
AreFileApisANSI
GetFileInformationByHandleEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
LocalFree
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
GetModuleFileNameW
WideCharToMultiByte
K32QueryWorkingSetEx
VirtualProtect
VirtualAlloc
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
GetLastError
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
Process32FirstW
Process32NextW
OpenProcess
VirtualQuery
LoadLibraryW
ReadProcessMemory
LoadLibraryA
FreeLibrary
QueryPerformanceFrequency
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
VirtualFree
FormatMessageA
GetCurrentProcess
GetLocaleInfoEx
CloseHandle
CreateThread
ReleaseSRWLockExclusive

user32

LoadCursorW
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SendInput
WindowFromDC
GetAsyncKeyState
SetCursor
EnumWindows
GetWindowThreadProcessId
GetClipboardData
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
ReleaseCapture
SetCapture
GetCapture
TrackMouseEvent
IsWindowUnicode
GetMessageExtraInfo
GetClientRect
ScreenToClient
GetCursorPos
SetCursorPos
ClientToScreen
GetForegroundWindow
GetKeyState
GetSystemMetrics

msvcp140

?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPBDH@Z
??Bios_base@std@@QBE_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
_Thrd_sleep
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
_Xtime_get_ticks
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
??1_Lockit@std@@QAE@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAE_J_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exceptions@std@@YAHXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
_Query_perf_counter
_Query_perf_frequency
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xlength_error@std@@YAXPBD@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
?_Throw_Cpp_error@std@@YAXH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QAE@H@Z

opengl32

wglGetCurrentDC

vcruntime140

__std_exception_copy
_CxxThrowException
__std_type_info_destroy_list
__current_exception
__current_exception_context
memset
__FrameUnwindFilter
strstr
_purecall
_except_handler4_common
__CxxUnregisterExceptionObject
memmove
__std_exception_destroy
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
__CxxDetectRethrow

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
_get_stream_buffer_pointers
fwrite
fclose
_wfopen
fseek
fputc
ftell
ungetc
fgetc
fread
fflush
setvbuf
fsetpos
_fseeki64
__stdio_common_vsprintf
fgetpos
__acrt_iob_func
__stdio_common_vsscanf

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
terminate
_initterm
_cexit
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_beginthreadex
_execute_onexit_table
abort
_errno
_invalid_parameter_noinfo
_crt_atexit

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

winhttp

WinHttpOpenRequest
WinHttpOpen
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpConnect

imm32

ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-string-l1-1-0

strncpy
_wcsicmp
strncmp

api-ms-win-crt-math-l1-1-0

_dsign
fmin
_dtest

api-ms-win-crt-time-l1-1-0

asctime
_gmtime64
strftime
_localtime64
_time64

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
localeconv

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-convert-l1-1-0

atof

mscoree

_CorDllMain

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 813KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee8b5f77bc5b84812a648bf194c41ef7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

opengl32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

winhttp

imm32

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

mscoree

Sections

.text Size: 354KB - Virtual size: 354KB

.rdata Size: 813KB - Virtual size: 813KB

.data Size: 5KB - Virtual size: 34KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 354KB - Virtual size: 354KB

.rdata
Size: 813KB - Virtual size: 813KB

.data
Size: 5KB - Virtual size: 34KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 4KB - Virtual size: 3KB