547e81ee477ae73f30b4435bfa093d48082a0edfa3186a0e4af2eeab60b8d8e0[.]dll | Triage

Sharing

General

Target

547e81ee477ae73f30b4435bfa093d48082a0edfa3186a0e4af2eeab60b8d8e0.dll
Size

184KB
MD5

d34090815345e28dd3a62aa3872e472c
SHA1

abea10f0071e1f3785b16c55826c544b157ffe79
SHA256

547e81ee477ae73f30b4435bfa093d48082a0edfa3186a0e4af2eeab60b8d8e0
SHA512

34739649a44dc7f2a0cca1ce07aecbbc3b4b5a75117572cdef2708eac3f75a74d0ec6ee0888fb42e8dd215a0179b15cb612819cf4fba4615dc47653445a324f5
SSDEEP

3072:sZ/Aq5HJv6rBXHdH1iF3P74buGdSg4GeLfqMsnwXB:sbRQBXHtq3PUbt3te7Bsn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
547e81ee477ae73f30b4435bfa093d48082a0edfa3186a0e4af2eeab60b8d8e0.dll

Files

547e81ee477ae73f30b4435bfa093d48082a0edfa3186a0e4af2eeab60b8d8e0.dll
.dll windows:5 windows x86 arch:x86

296c5ce0ec7abebda668048df2df9b05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
LoadLibraryExA
LoadLibraryA
LoadLibraryW
CloseHandle
GetModuleHandleA
GetComputerNameA
GetProcessId

shlwapi

PathSearchAndQualifyW
StrDupA

advapi32

RegLoadAppKeyW
GetSidIdentifierAuthority
OpenServiceA

winmm

timeKillEvent
mmioSeek

iphlpapi

NotifyAddrChange

ole32

CoGetInterfaceAndReleaseStream

setupapi

SetupDiDeleteDeviceInterfaceData
SetupDiSetSelectedDevice

user32

CreateDialogIndirectParamA
TranslateMessage
SwapMouseButton

comdlg32

CommDlgExtendedError

oleaut32

SysReAllocString

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00wwO
Size: 120KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ