1234[.]dllxxxxxxxxxxxxxxxxx | Triage

Submit
Reports

Overview

overview

3

Static

static

1

1234.dll

windows7-x64

3

1234.dll

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

1234.dll

Resource

win7-20240705-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

1234.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

12 signatures

150 seconds

General

Target

1234.dllxxxxxxxxxxxxxxxxx
Size

1.3MB
MD5

523a4206740eb7ff56bb823b9f241cb6
SHA1

a62b6096fc1d53a219ea1e7fa8f0991a7e2daeb4
SHA256

57508d32f786eb73bf4831db896bb23dc7d4282cfe92c29b81f9ace9a00761c3
SHA512

81a46b23570fb9168641f328bb42713ac61553e5d48cb1e1b7ba931c963c039f4c4f30dbc0907780ee5886ee9987a026c8c900b88719c57cafd0cf49f3325c08
SSDEEP

24576:OLb606sGudbGtMDQ1/jVhVdcn0wx5UNmtRz/QW6z1q5fFM5b0h:OsKGB1/P4D0mfz/Q3z1qbM5b0h

Score

1^/10

Malware Config

Signatures

Files

1234.dllxxxxxxxxxxxxxxxxx
.dll regsvr32 windows:4 windows x86 arch:x86

3bca9563a63cc452f6a2cf90ce60b09a

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

59:ab:9b:2e:e6:79:14:b7:df:4c:47:95:40:de:c5:61
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

17/01/2007, 00:00

Not After

23/03/2010, 23:59

Subject

CN=Conduit Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Conduit Ltd.,ST=Israel,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Dvlp\EffectiveBrandToolbar\Release\tbedrs.pdb

Imports

comctl32

_TrackMouseEvent
ImageList_ReplaceIcon
CreatePropertySheetPageW
PropertySheetW
CreateToolbarEx
InitCommonControlsEx
ImageList_Create

wininet

HttpQueryInfoW
InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetReadFile
InternetSetOptionA
InternetSetCookieW
FindCloseUrlCache
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
CommitUrlCacheEntryW
CreateUrlCacheEntryW
GetUrlCacheEntryInfoW
InternetGetConnectedState
HttpQueryInfoA
InternetCrackUrlW
InternetCrackUrlA
InternetSetOptionExA
InternetOpenA
HttpSendRequestA
InternetGetLastResponseInfoA
InternetConnectA
InternetQueryOptionA
HttpOpenRequestA
InternetCanonicalizeUrlW
InternetCanonicalizeUrlA
HttpOpenRequestW
FindFirstUrlCacheEntryW
InternetConnectW

shlwapi

PathFileExistsW
PathAppendW

wsock32

setsockopt
WSAGetLastError
socket
WSASetLastError
WSACleanup
htons
ioctlsocket
send
recv
WSAStartup
closesocket
gethostbyname
connect
select

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

msimg32

GradientFill

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

crypt32

CryptMsgGetParam
CryptProtectData
CertFindCertificateInStore
CertGetNameStringA
CertGetNameStringW
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CryptQueryObject
CryptUnprotectData

winmm

PlaySoundW
sndPlaySoundW
timeGetTime
PlaySoundA

kernel32

VirtualProtect
GetSystemTimeAsFileTime
HeapReAlloc
ResumeThread
ExitThread
HeapAlloc
LocalFree
LocalAlloc
FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
lstrlenW
GetModuleFileNameW
lstrcpyW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetLocalTime
GetCurrentThreadId
lstrcpyA
WriteFile
CreateFileW
FindClose
FindFirstFileW
CopyFileW
DeleteFileW
OutputDebugStringA
VirtualAlloc
SetLastError
GetVersion
lstrcmpiA
lstrcmpiW
CompareStringA
CompareStringW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
FindNextFileW
TerminateThread
GetExitCodeThread
CreateThread
MulDiv
CreateProcessW
ExpandEnvironmentStringsW
Sleep
WaitForSingleObject
GlobalFree
GlobalUnlock
ReadFile
GlobalLock
GlobalAlloc
GetFileSize
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
CreateSemaphoreW
ReleaseSemaphore
GetFileAttributesW
FreeResource
SystemTimeToFileTime
GetSystemTime
GetTimeFormatW
GetDateFormatW
Beep
GetTickCount
CreateDirectoryW
GetLocaleInfoW
InterlockedDecrement
LoadLibraryA
HeapFree
ExitProcess
RtlUnwind
SetEnvironmentVariableA
SetEndOfFile
GetTimeZoneInformation
SetConsoleCtrlHandler
CreateFileA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetSystemInfo
GetDateFormatA
GetTimeFormatA
VirtualQuery
GetCommandLineA
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
IsBadWritePtr
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
SetFilePointer
OutputDebugStringW

user32

DrawIconEx
GetMonitorInfoA
MonitorFromRect
GetUpdateRect
EndPaint
BeginPaint
GetCursorPos
IsWindowVisible
SetCapture
DispatchMessageA
GetCapture
GetMessageA
TranslateMessage
SetActiveWindow
ReleaseCapture
LoadImageA
SetWindowPos
SetWindowRgn
LoadBitmapA
SetClassLongA
DestroyMenu
CreatePopupMenu
GetMenuItemInfoW
GetMenuItemCount
GetMonitorInfoW
TrackPopupMenu
DeleteMenu
EnableMenuItem
CheckMenuItem
SetMenuItemInfoW
GetMenuState
GetMenuItemID
SetMenuInfo
GetMenuInfo
IsMenu
InsertMenuItemW
MessageBoxA
GetScrollInfo
PostThreadMessageA
MsgWaitForMultipleObjects
LoadImageW
LoadStringW
DrawFrameControl
FrameRect
GetDlgItemTextA
CreateWindowExA
CharUpperA
CharLowerW
CharLowerA
IsDlgButtonChecked
GetIconInfo
MessageBoxW
CheckDlgButton
GetDlgCtrlID
GetWindowTextW
DefWindowProcW
SendMessageW
GetWindowTextLengthW
SystemParametersInfoW
CreateDialogParamW
DialogBoxParamW
SetForegroundWindow
EnableWindow
SetLayeredWindowAttributes
GetMenuItemInfoA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetClassInfoW
RegisterClassW
CreateWindowExW
GetSystemMetrics
ShowWindow
CallWindowProcW
IsWindowUnicode
GetClassNameW
GetFocus
IsChild
SetFocus
SetWindowLongA
CopyRect
RegisterWindowMessageW
GetDC
DestroyIcon
FillRect
ReleaseDC
MoveWindow
GetWindowRect
DrawTextW
ScreenToClient
GetAsyncKeyState
PostMessageA
GetWindow
UpdateWindow
GetClassInfoExW
DefWindowProcA
RegisterClassExW
LoadStringA
UnregisterClassA
wsprintfW
DestroyWindow
LoadCursorA
SetCursor
SetTimer
PeekMessageA
PtInRect
GetSysColor
GetDlgItemTextW
CharUpperW
SetDlgItemTextW
SetWindowTextA
SetWindowTextW
GetClientRect
CallWindowProcA
InvalidateRect
GetDlgItem
KillTimer
IsWindow
SetWindowLongW
GetWindowLongW
GetParent
ClientToScreen
GetWindowLongA
SendMessageA
EndDialog

gdi32

GetPixel
RoundRect
CombineRgn
CreateRectRgn
PlgBlt
GetStretchBltMode
SetStretchBltMode
StretchBlt
CreateCompatibleBitmap
BitBlt
Polygon
SetTextAlign
SetPixel
GetObjectA
GetLayout
GetTextAlign
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
Rectangle
TextOutW
CreatePen
MoveToEx
LineTo
GetStockObject
DeleteObject
CreateCompatibleDC
DeleteDC
SelectObject
SetTextColor
GdiFlush
SetBkColor
GetWindowOrgEx
SetWindowOrgEx
SetBkMode
GetDeviceCaps

comdlg32

GetOpenFileNameW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
CryptReleaseContext
CryptAcquireContextA
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegCreateKeyW
RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey

shell32

SHCreateDirectoryExW
SHGetFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CLSIDFromString
CoGetMalloc
StringFromIID
CreateStreamOnHGlobal
CoUninitialize

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantInit
CreateErrorInfo
VariantCopy
SafeArrayCreateVector
OleLoadPicture
VarBstrCmp
GetErrorInfo
VariantChangeType
SetErrorInfo
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllOpenUninstallPage
DllRegisterServer
DllShowTB
DllShowToolbar
DllShowToolbarWithIE
DllUnregisterServer

Sections

.text
Size: 804KB - Virtual size: 803KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy