LA_build[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

LA_build.dll
Size

6.2MB
MD5

c831e04aaca8635ca256d5324f783f95
SHA1

99d63aa45a3a9206dda7b7cf1b857368eb63fbfc
SHA256

3f19a9806c0fa0092dbcac304455c35f39a7897119e39f9595ff44a33bf2b248
SHA512

9f45bfca052211e8c95881da831e597d76768145c444223875af2c6b52b6d7a9cb645a22275335b4bb847249600647aa6bbe79be5aef96ad9d583d809f645ad8
SSDEEP

98304:EJSm+GRIjRHNMqc3cWfbyhW87BgFHYcqq/oKKk:tmtaVNM/byBgF4cqPKK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LA_build.dll

Files

LA_build.dll
.dll windows:6 windows x86 arch:x86

a54ebcc36783f9458e89712925e9dcf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\fr1ndz\Desktop\LunaSrc-main\Build\CompiledDLL\LA_build.pdb

Imports

ws2_32

WSACleanup
WSAStartup
getaddrinfo
send
recv
connect
socket
WSAGetLastError
freeaddrinfo
closesocket

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
GetTickCount
GetStdHandle
CreateDirectoryA
SetConsoleTextAttribute
VirtualProtect
FindClose
FindFirstFileA
FindNextFileA
GetCurrentProcess
WriteProcessMemory
WideCharToMultiByte
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcAddress
LoadLibraryA
AllocConsole
AttachConsole
SetConsoleTitleA
CloseHandle
CreateThread
ExitThread
DisableThreadLibraryCalls
GetLastError
FreeLibrary
GetModuleFileNameA
LoadLibraryExA
FormatMessageA
GetModuleHandleA
K32GetModuleInformation
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
WaitForSingleObject
ReleaseSemaphore
CreateSemaphoreA
InitializeSRWLock
FlushInstructionCache
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
AreFileApisANSI
FindNextFileW
FindFirstFileExW
GetCurrentThreadId
GetSystemTimeAsFileTime
LocalFree
GetLocaleInfoEx
InitializeSListHead
DeleteCriticalSection
TerminateProcess
SetLastError

user32

LoadCursorA
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
GetForegroundWindow
GetKeyState
IsChild
ReleaseCapture
SetCapture
GetCapture
GetClipboardData
EmptyClipboard
SetClipboardData
GetAsyncKeyState
CallWindowProcA
OpenClipboard
CloseClipboard

shell32

ShellExecuteA

msvcp140

??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??Bios_base@std@@QBE_NXZ
?rdstate@ios_base@std@@QBEHXZ
?fail@ios_base@std@@QBE_NXZ
?setf@ios_base@std@@QAEHH@Z
?setf@ios_base@std@@QAEHHH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QBE_JXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xbad_function_call@std@@YAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
_Xtime_get_ticks
_Query_perf_counter
_Query_perf_frequency
_Thrd_sleep
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAHH@Z
_Mtx_lock
_Mtx_trylock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

vcruntime140

memset
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memcpy
__std_type_info_destroy_list
_except_handler4_common
__current_exception_context
__std_exception_copy
strrchr
_setjmp3
longjmp
strchr
strstr
memcmp
memchr
_purecall
__current_exception
memmove

api-ms-win-crt-runtime-l1-1-0

abort
exit
_errno
_initterm_e
_initterm
strerror
_cexit
_crt_atexit
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
system
_seh_filter_dll
terminate

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free
_callnewh

api-ms-win-crt-math-l1-1-0

frexp
_dclass
fmaxf
_libm_sse2_pow_precise
_libm_sse2_sqrt_precise
_libm_sse2_cos_precise
_libm_sse2_log_precise
_libm_sse2_sin_precise
_CIatan2
remainderf
floor
_CIfmod
_fdclass
_libm_sse2_asin_precise
_libm_sse2_log10_precise
_libm_sse2_atan_precise
_libm_sse2_tan_precise
ceil
ldexp
roundf
llround
_dsign
_libm_sse2_exp_precise
_libm_sse2_acos_precise

api-ms-win-crt-stdio-l1-1-0

fsetpos
_fseeki64
fwrite
__stdio_common_vsscanf
setvbuf
ungetc
fgets
clearerr
_ftelli64
_pclose
__stdio_common_vsprintf
__stdio_common_vsprintf_s
_popen
tmpfile
tmpnam
ferror
ftell
freopen_s
feof
fseek
freopen
getc
__stdio_common_vfprintf
_wfopen
fputc
__acrt_iob_func
fopen
fgetpos
_get_stream_buffer_pointers
fclose
fgetc
fflush
fread

api-ms-win-crt-filesystem-l1-1-0

rename
_lock_file
remove
_unlock_file

api-ms-win-crt-string-l1-1-0

strpbrk
strncpy
strspn
isdigit
tolower
isalnum
isalpha
isupper
towlower
iswalpha
strcpy_s
islower
ispunct
isgraph
iscntrl
isxdigit
strcoll
isspace
isblank
strncmp
toupper

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-time-l1-1-0

_localtime64
_time64
_gmtime64
_mktime64
_difftime64
clock
strftime

api-ms-win-crt-convert-l1-1-0

strtoul
strtoull
strtol
atof
atoi
strtoll
strtod

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
localeconv
setlocale

api-ms-win-crt-environment-l1-1-0

getenv

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.9MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a54ebcc36783f9458e89712925e9dcf3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

shell32

msvcp140

imm32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-environment-l1-1-0

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 430KB - Virtual size: 430KB

.data Size: 2.9MB - Virtual size: 9.6MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 89KB - Virtual size: 89KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 430KB - Virtual size: 430KB

.data
Size: 2.9MB - Virtual size: 9.6MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 89KB - Virtual size: 89KB