Squashier[.]dll

Resubmissions

11/07/2024, 11:17

240711-nd6dsawgkd 3

19/06/2024, 21:03

240619-zv9y3swckp 3

Sharing

Copy URL Twitter E-mail

General

Target

Squashier.dll
Size

641KB
MD5

f36c12e72bf48de88c15fbe2399cf55d
SHA1

bdb194484f54ff4dc85df6d9ce6c61db1580c2aa
SHA256

2d99d3170530577cafc7392d708d8d8c66caf56fef8c6487b4ce665301047b0e
SHA512

b452552c476527ad9f15aad1f8d7560b5e282b857f0a7834538156cbf725a2ed62aab7d671e46a170991ec09ab991d866b83e04b851739f3f6e1700b04b0757f
SSDEEP

12288:GvwRHbSC3qLlWyNgZHOJ3jF3UHKugcZbLBhgns:2MSaqoyNgs5NUHFbLHgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Squashier.dll

Files

Squashier.dll
.dll windows:6 windows x86 arch:x86

d996b905fcc978d4c31b9343936a7ead

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
SetLastError
VirtualFree
GetCurrentProcess
lstrlenW
WriteFile
ExpandEnvironmentStringsW
GetSystemDefaultUILanguage
VirtualAlloc
TerminateProcess
GetUserDefaultLangID
InitializeCriticalSectionEx
GetLargePageMinimum
lstrlenA
WaitForSingleObject
CreateFileW
GetCurrentThreadId
SuspendThread
GetModuleHandleA
GetSystemDefaultLangID
GetACP
HeapSize
GetCommandLineA
IsValidCodePage
GetTempPathA
GetTickCount64
GetLastError
GetThreadUILanguage
GetCurrentThread
LoadLibraryA
lstrcatW
GlobalAlloc
HeapReAlloc
CloseHandle
CreateThread
HeapAlloc
SetStdHandle
DecodePointer
HeapDestroy
GetCurrentProcessorNumber
GetProcAddress
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
GetModuleHandleW
FreeLibrary
GetEnvironmentStrings
lstrcpyW
IsBadReadPtr
GetSystemDefaultLCID
GetTickCount
SetUnhandledExceptionFilter
ResumeThread
ReadConsoleW
ReadFile
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetStringTypeW
SetConsoleCtrlHandler
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
WriteConsoleW
GetCommandLineW
GetCPInfo
FindNextFileW
FindFirstFileExW
FindClose
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
GetOEMCP
QueryPerformanceCounter
CreateDirectoryW
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
OutputDebugStringW
RaiseException
EnterCriticalSection
LeaveCriticalSection

user32

CharNextA
EnumThreadWindows
wsprintfW
GetLastActivePopup
GetSystemMenu
GetMessageExtraInfo
GetMessagePos
OpenIcon
GetMenu
GetFocus
GetCaretPos
IsWindowVisible
GetCursor
ArrangeIconicWindows
GetShellWindow
GetSubMenu
GetActiveWindow
IsWindow
AnyPopup
BeginDeferWindowPos
GetDlgCtrlID
GetDoubleClickTime
GetTopWindow
GetForegroundWindow
IsWindowEnabled
GetMessageTime
DestroyMenu
GetUpdateRect
EndMenu
IsWow64Message
GetWindowDC
EndDeferWindowPos
IsZoomed
UnregisterClassA
GetCaretBlinkTime
GetDesktopWindow
IsWindowUnicode
GetWindowTextLengthA
GetParent
IsIconic
GetCursorPos
BeginPaint
EndPaint
GetCapture

advapi32

RegDeleteKeyA
RegEnumKeyA

oleaut32

SysFreeString

Exports

Exports

DllInitialize
DllInstall
Export
GetDllVersion
InitDll
Init_Dll
Main
MainDll

Sections

.text
Size: 492KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.read
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.foobar
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

d996b905fcc978d4c31b9343936a7ead

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 492KB - Virtual size: 492KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 3KB - Virtual size: 1.9MB

.msp Size: 2KB - Virtual size: 2KB

.code Size: 512B - Virtual size: 56B

.read Size: 8KB - Virtual size: 7KB

.foobar Size: 512B - Virtual size: 28B

.reloc Size: 34KB - Virtual size: 33KB

.text
Size: 492KB - Virtual size: 492KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 3KB - Virtual size: 1.9MB

.msp
Size: 2KB - Virtual size: 2KB

.code
Size: 512B - Virtual size: 56B

.read
Size: 8KB - Virtual size: 7KB

.foobar
Size: 512B - Virtual size: 28B

.reloc
Size: 34KB - Virtual size: 33KB