056cdb544f37d5bd97e9d78d6afdd23279681ca849e25d377b6a04f5da8108e0[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

056cdb544f37d5bd97e9d78d6afdd23279681ca849e25d377b6a04f5da8108e0.dll
Size

188KB
MD5

9bae6b37c68fccca453e2dd0f33b113d
SHA1

aaf2b005c2a21abe4c5b8bf029eea2afee2d5549
SHA256

056cdb544f37d5bd97e9d78d6afdd23279681ca849e25d377b6a04f5da8108e0
SHA512

0730cf11d0bc99a491e945fd181223bb40b0128fe042ca0b999f742b18eaeafe0c4fb640f4fb178fdc594358fe16c50d89fbe03355983577b9009cc19b42a3ef
SSDEEP

3072:1hkmmmmmmmmmJJ+uMK7pq+N2B5mZS7kmmmmmmmmmpAmcZfwxb603tfNiwcD7Nxmo:16mmmmmmmmmj+uMAMY2B5mZS7kmmmmmR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
056cdb544f37d5bd97e9d78d6afdd23279681ca849e25d377b6a04f5da8108e0.dll

Files

056cdb544f37d5bd97e9d78d6afdd23279681ca849e25d377b6a04f5da8108e0.dll
.dll windows:5 windows x86 arch:x86

ac93ce0d3d1fc80cb7289efe7198517e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VarBstrFromI4

crypt32

CryptVerifyMessageSignature
CertGetCRLFromStore

avifil32

AVIStreamInfoW

user32

TranslateMessage
NotifyWinEvent
TileWindows
GetMenuState
UnpackDDElParam
ChildWindowFromPointEx
RegisterClassA

shlwapi

SHRegGetBoolUSValueW
StrFromTimeIntervalW

rpcrt4

RpcServerUseProtseqExW

setupapi

CM_Free_Log_Conf_Handle
SetupDiGetDeviceInterfaceDetailA

lz32

LZClose

netapi32

NetSessionDel
NetGroupGetUsers

gdi32

Pie
GetICMProfileA
BitBlt

pdh

PdhExpandWildCardPathHW

esent

JetRollback

msvcrt

ftell

shell32

Shell_NotifyIconA

ole32

StgSetTimes

opengl32

glEvalCoord2f

advapi32

ReportEventA
SetPrivateObjectSecurity
RegLoadAppKeyW

winmm

mixerGetControlDetailsA
mciSendStringW

kernel32

GetLogicalDriveStringsW
LocalHandle
SetProcessAffinityMask
GetModuleHandleA
CloseHandle
LoadLibraryExA
LoadLibraryA
OutputDebugStringA
SetProcessShutdownParameters

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00wwO
Size: 120KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac93ce0d3d1fc80cb7289efe7198517e

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

crypt32

avifil32

user32

shlwapi

rpcrt4

setupapi

lz32

netapi32

gdi32

pdh

esent

msvcrt

shell32

ole32

opengl32

advapi32

winmm

kernel32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 2KB

.00wwO Size: 120KB - Virtual size: 125KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 2KB

.00wwO
Size: 120KB - Virtual size: 125KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 3KB