e:\SVN\local\linzx\Release\AutoMacro\AutoMouseKey_Full.pdb
Static task: static1
Behavioral task: behavioral1
Sample: engine.dll
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: engine.dll
Resource: win10v2004-20240802-en
General
Target: engine.dll
Size: 3.3MB
MD5: b40370913036d5fe5cd655d6f4d0dfb8
SHA1: bf65d1a57c96bd1c68f9e9b9a45ad675e8390430
SHA256: 511ae5fe91750705ffaf783b8b6778c912657751d8cbdfad74a18301fab73027
SHA512: 939e778c56e37ada3c7276d592f872fda5ad72019d339bf4564aab119fe1a0d61f0a0508efb25c963e2873327945abc3d1076183244819997c2545bd425fcff0
SSDEEP: 49152:tIboN4wKGl1VVSbG5G729tEwkFKR8rgP571NljWceVd3TXY/222:qEN6GlF5IAEwkFOOSdoce/k/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource engine.dll
Files
engine.dll.dll windows:5 windows x86 arch:x86
9a827b29c7da6510bcd807d6fac6b3a2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
gdiplus
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageI
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipDisposeImage
GdipFree
GdiplusShutdown
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipBitmapSetPixel
GdipDrawImageRectRectI
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectI
kernel32
InterlockedExchangeAdd
CreateDirectoryW
GetSystemDirectoryW
GetDiskFreeSpaceExW
GetDriveTypeW
DuplicateHandle
AllocConsole
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
lstrcmpA
GetSystemInfo
VirtualAlloc
VirtualFree
GetModuleHandleA
lstrcatA
FormatMessageW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GetCurrentProcessId
GetVersionExA
CompareStringW
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
SetEvent
CreateEventW
GetThreadLocale
FindClose
FindNextFileW
FindFirstFileW
GlobalGetAtomNameW
QueryPerformanceCounter
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
SetErrorMode
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
GetFileSizeEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
SetStdHandle
GetFileType
RtlUnwind
HeapReAlloc
GetCommandLineA
RaiseException
ExitProcess
ExitThread
HeapSize
VirtualQuery
GetTimeZoneInformation
HeapCreate
HeapDestroy
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
GetExitCodeProcess
LocalFree
GetDriveTypeA
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
SetEnvironmentVariableW
QueryPerformanceFrequency
FlushFileBuffers
WriteFile
SetFilePointer
WriteConsoleW
GetStdHandle
GetConsoleWindow
MulDiv
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
VirtualProtectEx
VirtualQueryEx
GetCurrentThreadId
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrlenA
ReadFile
CreateProcessW
GetStartupInfoW
CreatePipe
WaitForSingleObject
ExpandEnvironmentStringsW
GetModuleHandleW
IsBadWritePtr
GetFileSize
GetFileTime
LoadLibraryA
TerminateThread
GetPrivateProfileIntW
lstrcmpiW
GetTickCount
GetSystemDefaultLCID
SuspendThread
ResumeThread
Beep
InterlockedDecrement
InterlockedIncrement
DeleteFileW
GetFileAttributesW
CreateThread
CopyFileW
SetCurrentDirectoryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetFileTime
CreateFileW
lstrcmpW
FlushInstructionCache
VirtualProtect
TlsGetValue
FreeConsole
GetCurrentThread
SetThreadPriority
TlsSetValue
Sleep
WideCharToMultiByte
SetCurrentDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
TlsFree
GetCurrentDirectoryW
IsBadReadPtr
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateMutexW
SetLastError
GetVersionExW
TlsAlloc
GetLastError
GetCurrentProcess
lstrcpynW
lstrcpyW
GetModuleFileNameW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenW
GetModuleFileNameA
MultiByteToWideChar
CloseHandle
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
GetCommandLineW
user32
DeferWindowPos
AdjustWindowRectEx
RegisterClassW
GetClassInfoExW
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetClassLongW
GetCapture
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
ValidateRect
ShowOwnedPopups
DestroyMenu
CharNextW
GetSysColorBrush
UnregisterClassW
CopyAcceleratorTableW
GetNextDlgGroupItem
PostThreadMessageW
CharUpperW
SetRectEmpty
BringWindowToTop
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
SetMenuInfo
GetMenuItemInfoW
IsMenu
GetMenuItemID
ModifyMenuW
MessageBoxA
wsprintfW
ChildWindowFromPoint
IsClipboardFormatAvailable
EndPaint
BeginPaint
GetCursorInfo
ClientToScreen
SetMenu
TrackPopupMenu
CreatePopupMenu
CreateMenu
SetLayeredWindowAttributes
SetParent
FlashWindowEx
ShowCaret
HideCaret
EnumChildWindows
SetFocus
GetNextDlgTabItem
DestroyAcceleratorTable
GetActiveWindow
IsWindowEnabled
GetDesktopWindow
CreateAcceleratorTableW
GetWindowLongW
IsDialogMessageW
TranslateAcceleratorW
WindowFromDC
DrawIconEx
GetIconInfo
GetCursor
AttachThreadInput
GetWindowThreadProcessId
GetWindowDC
GetScrollInfo
VkKeyScanW
MessageBeep
InsertMenuW
RegisterClassExW
DefWindowProcW
GrayStringW
DrawTextExW
TabbedTextOutW
GetWindowTextLengthW
FrameRect
DestroyWindow
ChangeClipboardChain
SetClipboardViewer
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
WindowFromPoint
ReleaseCapture
SetCapture
SetCursor
LoadCursorW
GetFocus
InflateRect
GetComboBoxInfo
DrawTextW
CopyRect
GetSysColor
SetActiveWindow
ExitWindowsEx
SetTimer
CreateWindowExW
IntersectRect
GetDlgCtrlID
EndDialog
GetForegroundWindow
DialogBoxParamW
SetWindowTextW
GetDlgItem
RedrawWindow
RemoveMenu
GetSubMenu
LoadMenuW
LockWindowUpdate
GetParent
EnableMenuItem
GetMenuItemCount
UpdateWindow
IsZoomed
PtInRect
InvalidateRect
GetMessageW
SetWindowPos
SetForegroundWindow
ShowWindow
DrawIcon
IsIconic
RegisterHotKey
UnregisterHotKey
MoveWindow
SetWindowLongW
PostMessageW
CheckMenuItem
DeleteMenu
OffsetRect
AppendMenuW
GetSystemMenu
LoadBitmapW
mouse_event
KillTimer
SetClipboardData
EmptyClipboard
EnumWindows
GetClassNameW
IsWindowVisible
GetWindowTextW
CloseClipboard
GetClipboardData
OpenClipboard
RegisterClipboardFormatW
IsWindow
EqualRect
SetRect
MessageBoxW
keybd_event
GetAsyncKeyState
SetCursorPos
GetKeyState
GetCursorPos
IsChild
FindWindowW
GetClassInfoW
LoadIconW
LoadImageW
LoadImageA
DispatchMessageW
TranslateMessage
SetScrollInfo
GetMenu
SystemParametersInfoA
GetWindowPlacement
CreateDialogIndirectParamW
GetLastActivePopup
GetMenuStringW
InvalidateRgn
SetWindowRgn
DrawFocusRect
GetWindow
PeekMessageW
ReleaseDC
GetDC
SetPropW
CallWindowProcW
RemovePropW
GetPropW
GetMenuState
DrawStateW
FillRect
PrintWindow
GetMenuInfo
ScreenToClient
GetWindowRect
SystemParametersInfoW
GetSystemMetrics
GetKeyNameTextW
MapVirtualKeyW
SendMessageW
GetClientRect
EnableWindow
IsRectEmpty
gdi32
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
Rectangle
GetBkMode
Ellipse
CreateFontW
CreateHatchBrush
GetMapMode
CreatePatternBrush
SaveDC
RestoreDC
SetStretchBltMode
SetMapMode
ExcludeClipRect
LineTo
MoveToEx
GetCurrentObject
StretchBlt
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateEllipticRgn
LPtoDP
GetRgnBox
CombineRgn
CreateRectRgnIndirect
DeleteObject
DPtoLP
CreateRectRgn
RoundRect
GetPixel
GetBitmapBits
CreatePen
GetBkColor
GetTextColor
CreateFontIndirectW
GetTextExtentPoint32W
CreateSolidBrush
BitBlt
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectW
DeleteDC
GetDeviceCaps
CreateDCW
CreateBitmap
CreateDIBSection
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetBitmapBits
GetTextExtentPointA
GetTextMetricsA
GetTextMetricsW
CreatePalette
CreateDIBitmap
SetBkColor
SetBkMode
SetTextColor
GetClipBox
msimg32
TransparentBlt
GradientFill
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyW
RegEnumKeyW
GetUserNameW
RegDeleteKeyW
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
shell32
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish
ShellExecuteExW
CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHFileOperationW
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathRelativePathToW
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathIsUNCW
oledlg
OleUIBusyW
ole32
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoUninitialize
oleaut32
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantChangeType
VariantInit
VariantCopy
VariantClear
SafeArrayDestroy
OleCreateFontIndirect
GetErrorInfo
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
winmm
PlaySoundW
winhttp
WinHttpReceiveResponse
WinHttpOpen
WinHttpConnect
WinHttpReadData
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpSendRequest
iphlpapi
GetAdaptersInfo
Exports
InitApp
MsgFilter
PlayFile
PlayPack
StartApp
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 546KB - Virtual size: 545KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 456KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 235KB - Virtual size: 234KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 167KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ