c947e24166ead4ff5822f516f78eba11ca63a8a018806452dc16aede6474e41e[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c947e24166ead4ff5822f516f78eba11ca63a8a018806452dc16aede6474e41e.dll
Size

2.5MB
MD5

91681de8bfda5e0e0b4199df1c22f71a
SHA1

00c8f13daa10581a06d8fe3983159e83fcaf4c8c
SHA256

c947e24166ead4ff5822f516f78eba11ca63a8a018806452dc16aede6474e41e
SHA512

00c1206b25317434c3d26d20b46696329b9c932778cecf4a3f9fd32b4a70dfedad71e37926196c31a28b483131989f9e146863038129139d4935a5579042aceb
SSDEEP

49152:NjybmkFiXO5zFEY8M2nWgdfLd9Q/+a4zgpfd4XZeH6XNndzPhvmmTgPB:NSmvetFE84WgP9faRpf6i6XNlhv3gB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c947e24166ead4ff5822f516f78eba11ca63a8a018806452dc16aede6474e41e.dll

Files

c947e24166ead4ff5822f516f78eba11ca63a8a018806452dc16aede6474e41e.dll
.dll windows:5 windows x86 arch:x86

8588c87e2dab8ee4c9c791c9af9d3346

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

InitializeAcl

gdi32

FlattenPath
SetROP2
Chord
GetMetaFileA
SelectClipPath

winmm

waveInGetDevCapsA

kernel32

LoadLibraryExW
OutputDebugStringA
LoadLibraryExA
GetModuleFileNameA
GetBinaryTypeA
CancelIo
AssignProcessToJobObject
GetSystemTimeAsFileTime
LoadLibraryW

version

VerQueryValueA

user32

IsCharLowerW
DeleteMenu
LoadAcceleratorsW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dJikU40
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XJv48hjo
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ