c03cc808b64645455aba526be1ea018242fcd39278acbbf5ec3df544f9cf9595[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

c03cc808b64645455aba526be1ea018242fcd39278acbbf5ec3df544f9cf9595.dll
Size

20.1MB
MD5

351f45571fd7039de0241245aa85731f
SHA1

2ff66d370f7cedc92585c6abb37ef01b36ae6439
SHA256

c03cc808b64645455aba526be1ea018242fcd39278acbbf5ec3df544f9cf9595
SHA512

4230dca0ee8512ce05e148789be9c7e0e1ccc5570edb7281d374d795101b2ca33519dd8146b4630a18839ec59c12254c81c45f84e515f5d088532dce47c6d64d
SSDEEP

1536:N1vihn7gNNfuVk7Xk8WTB6mpbzWP6Nq5PVti:N1vi97gv2TRpbzW+q5P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c03cc808b64645455aba526be1ea018242fcd39278acbbf5ec3df544f9cf9595.dll

Files

c03cc808b64645455aba526be1ea018242fcd39278acbbf5ec3df544f9cf9595.dll
.dll windows:5 windows x86 arch:x86

555e0f7fb00b44fa8bb00b517dbfabca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathRemoveExtensionW

kernel32

GetEnvironmentStrings
lstrlenA
lstrlenW
SetErrorMode
SetUnhandledExceptionFilter
GetModuleFileNameW
GetEnvironmentVariableW
GetLastError
SetEnvironmentVariableW
lstrcatW
VirtualProtect
lstrcpyW
GetCommandLineW
CreateProcessW
WaitForSingleObject
CloseHandle
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
MultiByteToWideChar
ReadFile
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
CreateFileW
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

Exports

Exports

DllEntry

Sections

.text
Size: 20.1MB - Virtual size: 20.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

555e0f7fb00b44fa8bb00b517dbfabca

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 20.1MB - Virtual size: 20.1MB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 36KB - Virtual size: 36KB

.text
Size: 20.1MB - Virtual size: 20.1MB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 36KB - Virtual size: 36KB