c29a130805c2f71b1c78f48816de499ffc24a67ef8ad708b92988a02844930ba

Sharing

Copy URL Twitter E-mail

General

Target

c29a130805c2f71b1c78f48816de499ffc24a67ef8ad708b92988a02844930ba
Size

288KB
MD5

82d75d9eea43314d2ff9a73426cd7b21
SHA1

6748faab735e80ccd8eb53bc7ae6620a724fa0ea
SHA256

c29a130805c2f71b1c78f48816de499ffc24a67ef8ad708b92988a02844930ba
SHA512

73785b46ab4d3d6d17edd16590f0901a2dff6d71b2430221297592ecf2a2a2f37be6abd53db74eff490b62a2c04f5449140d1b50053340091e2fb4180a3b9be3
SSDEEP

6144:ypZgfQsE+ddleXqOCSEIKwzy3AOsL6+L2:yE/fddlZSE32/L2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c29a130805c2f71b1c78f48816de499ffc24a67ef8ad708b92988a02844930ba

Files

c29a130805c2f71b1c78f48816de499ffc24a67ef8ad708b92988a02844930ba
.dll windows:6 windows x86 arch:x86

6e5e69b454e7b25264187f727bfed70b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\source\repos\Dll1\Release\Dll1.pdb

Imports

kernel32

VirtualAlloc
CreateThread
CloseHandle
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
GetLastError
FreeLibrary
LoadLibraryExW
InterlockedFlushSList
ReadFile
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetFileType
SetFilePointerEx
GetConsoleMode
ReadConsoleW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetFileSizeEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
CreateFileW
HeapSize
SetEndOfFile
WriteConsoleW

Exports

Exports

Hdfes_bind_double
Hdfes_bind_int
Hdfes_bind_int64
Hdfes_bind_null
Hdfes_bind_parameter_count
Hdfes_bind_parameter_index
Hdfes_bind_parameter_name
Hdfes_bind_text
Hdfes_bind_text16
Hdfes_bind_value
Hdfes_bind_zeroblob
Hdfes_blob_bytes
Hdfes_blob_close
Hdfes_blob_open
Hdfes_blob_read
Hdfes_blob_reopen
Hdfes_blob_write
Hdfes_busy_handler
Hdfes_busy_timeout
Hdfes_changes
Hdfes_clear_bindings
Hdfes_close
Hdfes_collation_needed
Hdfes_collation_needed16
Hdfes_column_blob
Hdfes_column_bytes
Hdfes_column_bytes16
Hdfes_column_count
Hdfes_column_database_name
Hdfes_column_database_name16
Hdfes_column_decltype
Hdfes_column_decltype16
Hdfes_column_double
Hdfes_column_int
Hdfes_column_int64
Hdfes_column_name
Hdfes_column_name16
Hdfes_column_origin_name
Hdfes_column_origin_name16
Hdfes_column_table_name
Hdfes_column_table_name16
Hdfes_column_text
Hdfes_column_text16
Hdfes_column_type
Hdfes_column_value
Hdfes_commit_hook
Hdfes_compileoption_get
Hdfes_compileoption_used
Hdfes_complete
Hdfes_complete16
Hdfes_config
Hdfes_context_db_handle
Hdfes_create_collation
Hdfes_create_collation16
Hdfes_create_collation_v2
Hdfes_create_function
Hdfes_create_function16
Hdfes_create_function_v2
Hdfes_create_module
Hdfes_create_module_v2
Hdfes_data_count
Hdfes_db_config
Hdfes_db_filename
Hdfes_db_handle
Hdfes_db_mutex
Hdfes_db_readonly
Hdfes_db_release_memory
Hdfes_db_status
Hdfes_declare_vtab
Hdfes_enable_load_extension
Hdfes_enable_shared_cache
Hdfes_errcode
Hdfes_errmsg
Hdfes_errmsg16
Hdfes_exec
Hdfes_expired
Hdfes_extended_errcode
Hdfes_extended_result_codes
Hdfes_file_control
Hdfes_finalize
Hdfes_free
Hdfes_free_table
Hdfes_get_autocommit
Hdfes_get_auxdata
Hdfes_get_table
Hdfes_global_recover
Hdfes_initialize
Hdfes_interrupt
Hdfes_last_insert_rowid
Hdfes_libversion
png_access_version_number
png_build_grayscale_palette
png_check_cHRM_fixed
png_check_sig
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_struct
png_destroy_struct_2
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_asm_flagmask
png_get_asm_flags
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pixel_aspect_ratio
png_get_pixels_per_meter
png_get_progressive_ptr
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_meter
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_meter
png_handle_as_unknown
png_info_init_3
png_init_io
png_malloc
png_malloc_default
png_malloc_warn
png_memcpy_check
png_memset_check
png_mmx_support
png_permit_empty_plte
png_permit_mng_features
png_process_data
png_progressive_combine_row
png_read_end
png_read_image
png_read_info
png_read_init
png_read_init_2
png_read_init_3
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_asm_flags
png_set_bKGD
png_set_background
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_dither
png_set_error_fn
png_set_expand
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gray_1_2_4_to_8
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_progressive_read_fn
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_strip_error_numbers
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_init
png_write_init_2
png_write_init_3
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e5e69b454e7b25264187f727bfed70b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 4KB - Virtual size: 7KB

.gfids Size: 1024B - Virtual size: 900B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 4KB - Virtual size: 7KB

.gfids
Size: 1024B - Virtual size: 900B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 10KB - Virtual size: 9KB