adhesive[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

adhesive.dll
Size

15.7MB
MD5

466e946c4ed3c76ebea734382c8f55a3
SHA1

0203b2d0cf32bd785e767d7b24966cbb2b1b4503
SHA256

d687fef3864e439fe339c58a0830e1dca9b27220199a05d2200d8cac4154dc5b
SHA512

5c7dbf5a571028f2c7e946699da53a7a9aff69b008e687ae11285b751d7c23e410182060e0cf8172b53cffa8586496ad6584c218534481cb45a72c396b4089e9
SSDEEP

393216:B/ZessuBZDmHcpdYIy9C7hsJre2sQED/Gsf9mcY+:1ucfB7hsiQELGcwC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adhesive.dll

Files

adhesive.dll
.dll windows:6 windows x64 arch:x64

b6c14d8bbc7806833d0e759d32e25c64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

crypt32

CertFindCertificateInStore

ws2_32

setsockopt

v8

?New@Function@v8@@SA?AV?$MaybeLocal@VFunction@v8@@@2@V?$Local@VContext@v8@@@2@P6AXAEBV?$FunctionCallbackInfo@VValue@v8@@@2@@ZV?$Local@VValue@v8@@@2@HW4ConstructorBehavior@2@W4SideEffectType@2@@Z

kernel32

FindNextFileW
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetProcessWindowStation
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

shell32

SHGetKnownFolderPath

net

?GetGUID@NetLibrary@@QEAA_KXZ

ros-patches-five

?IDidntDoNothing@@YAXXZ

net-base

?ToString@PeerAddress@net@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

citizen-resources-client

?GetLength@ResourceCacheDeviceV2@resources@@UEAA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

citizen-resources-core

?OnInitializeInstance@ResourceManager@fx@@2V?$fwEvent@PEAVResourceManager@fx@@@@A

vfs-core

?SetPathPrefix@Device@vfs@@UEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

scripting-gta

?RegisterNativeHandler@ScriptEngine@fx@@SAX_KV?$function@$$A6AXAEAVScriptContext@fx@@@Z@std@@@Z

rage-device-five

?OnInitialMount@fiDevice@rage@@2V?$fwEvent@$$V@@A

rage-nutsnbolts-five

?OnGameFrame@@3V?$fwEvent@$$V@@A

msvcp140

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

concrt140

?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IEAA_NPEAX@Z

setupapi

SetupDiDestroyDeviceInfoList

rpcrt4

RpcStringFreeA

vcruntime140

memmove

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

realloc

api-ms-win-crt-math-l1-1-0

_dclass

api-ms-win-crt-stdio-l1-1-0

_fileno

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-string-l1-1-0

_stricmp

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-convert-l1-1-0

strtoll

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_time64

bcrypt

BCryptGenRandom

advapi32

RegisterEventSourceW

oleaut32

SysStringLen

wtsapi32

WTSSendMessageW

Exports

Exports

CreateComponent
a
b

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfx0
Size: 9.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cfx1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6c14d8bbc7806833d0e759d32e25c64

Headers

DLL Characteristics

File Characteristics

Imports

winmm

crypt32

ws2_32

v8

kernel32

user32

shell32

net

ros-patches-five

net-base

citizen-resources-client

citizen-resources-core

vfs-core

scripting-gta

rage-device-five

rage-nutsnbolts-five

msvcp140

concrt140

setupapi

rpcrt4

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

bcrypt

advapi32

oleaut32

wtsapi32

Exports

Exports

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 116KB - Virtual size: 190KB

.pdata Size: 116KB - Virtual size: 115KB

.cfx0 Size: 9.0MB - Virtual size: 9.0MB

.cfx1 Size: 2.2MB - Virtual size: 2.2MB

.reloc Size: 33KB - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 116KB - Virtual size: 190KB

.pdata
Size: 116KB - Virtual size: 115KB

.cfx0
Size: 9.0MB - Virtual size: 9.0MB

.cfx1
Size: 2.2MB - Virtual size: 2.2MB

.reloc
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 1KB