ec156cb0f64588f8c34a7d45c57b250779143cf3816081829810a017f0cf966f[.]dll

General

Target

ec156cb0f64588f8c34a7d45c57b250779143cf3816081829810a017f0cf966f.dll
Size

7KB
MD5

b3017435b63a99f6a3037cfe0c7c8b1e
SHA1

41a582b60f099b65f95ac64e1a5cdce0356a6b6f
SHA256

ec156cb0f64588f8c34a7d45c57b250779143cf3816081829810a017f0cf966f
SHA512

0545420a282027c38754c532415ccdcbcd25d931cd90745da76edb7e0bf73172102aa0198f5b391a650eaad2de4262f8456c9f1da8a59fb273adee11d3aeb5d5
SSDEEP

96:WSVl/7KOuFlKHMpXGu8FX6eT3sQk1u2QmIG4fa9IJ4V:WSVl+hSs2u85TTHkZQmgy9I0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec156cb0f64588f8c34a7d45c57b250779143cf3816081829810a017f0cf966f.dll

Files

ec156cb0f64588f8c34a7d45c57b250779143cf3816081829810a017f0cf966f.dll
.dll windows:6 windows x86 arch:x86

9f4228b95ba1827b2dc7f6da088b955c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SetSecurityDescriptorDacl
IsTextUnicode
InitializeSecurityDescriptor

user32

CharNextExA
CharPrevW
CharNextW
SendMessageW
wsprintfW
FindWindowExW

kernel32

IsDBCSLeadByteEx
MultiByteToWideChar
CopyFileW
lstrlenW
lstrcatW
lstrcpyW
GetCommandLineW
CreateFileW
DeleteFileW
GetTempFileNameW
ReadFile
CloseHandle
CreatePipe
PeekNamedPipe
WaitForSingleObject
Sleep
GetCurrentProcess
ExitProcess
TerminateProcess
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
GetVersion
GetTickCount
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalReAlloc
GlobalFree
lstrcmpiW
lstrcpynW
lstrcpyA

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f4228b95ba1827b2dc7f6da088b955c

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 244B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 244B