LithiumBeta[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

LithiumBeta.dll
Size

7.7MB
MD5

0c8de855b86f3fe27e5af94064207b5f
SHA1

b7935a26577052a60298c2f3fa39e1459b1d5ad6
SHA256

63721b8533fd7d22e1e1b3d3041db680988435eef26b5446ae10745eeedf6c9c
SHA512

f57f66a1afa533613f7f2382915595998ed14828029903e8f4fde310a0bd911474f58f13f87bc2e9281a69ad275d4e4a27b67e52160de62471982de7120e5769
SSDEEP

196608:7A/l3WoBrJkQ1x0fCU1SbDmm0/yvIOsu7RFumUK:ql35kQ12rkXayvHuJK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LithiumBeta.dll

Files

LithiumBeta.dll
.dll windows:6 windows x86 arch:x86

1b624e4ba1658340e6e861d24fbc117d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CallWindowProcA
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

vcruntime140

_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_errno

api-ms-win-crt-stdio-l1-1-0

fopen_s

api-ms-win-crt-string-l1-1-0

tolower

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-filesystem-l1-1-0

_unlock_file

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-math-l1-1-0

_libm_sse2_cos_precise

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 834KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b624e4ba1658340e6e861d24fbc117d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

wtsapi32

Sections

.text Size: - Virtual size: 2.3MB

.rdata Size: - Virtual size: 36KB

.data Size: - Virtual size: 834KB

.upx0 Size: - Virtual size: 4.9MB

.upx1 Size: 7.7MB - Virtual size: 7.7MB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: - Virtual size: 2.3MB

.rdata
Size: - Virtual size: 36KB

.data
Size: - Virtual size: 834KB

.upx0
Size: - Virtual size: 4.9MB

.upx1
Size: 7.7MB - Virtual size: 7.7MB

.reloc
Size: 2KB - Virtual size: 1KB