a670e25daabef49a9a4e6d1a499971f5cbdae0a65f2d5910733f1f2dcd66a186[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

a670e25daabef49a9a4e6d1a499971f5cbdae0a65f2d5910733f1f2dcd66a186.dll
Size

3.7MB
MD5

19f330d44484a05377331cf2eb04bd6d
SHA1

4d8a61a1371d765570f92c705791026c710b7648
SHA256

a670e25daabef49a9a4e6d1a499971f5cbdae0a65f2d5910733f1f2dcd66a186
SHA512

36b44e700250165b28ff4c03a14976ff782becbf9c1c1bd773a036bd5625a04605aa211fd002a098a578d2abd3950229b4edb4e7650ca8d9103083242bea3931
SSDEEP

98304:ziXAEqfpQA7KhbchheGvUapVXNe1gNuqh+CaO:eQxRQA7K9QPfZNe1rqh+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
a670e25daabef49a9a4e6d1a499971f5cbdae0a65f2d5910733f1f2dcd66a186.dll

Files

a670e25daabef49a9a4e6d1a499971f5cbdae0a65f2d5910733f1f2dcd66a186.dll
.dll windows:5 windows x86 arch:x86

0566bf4ce656c9433015abeb3ee79fc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

VssProvider.pdb

Imports

advapi32

RegCloseKey
RegDeleteKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyExW
RegSetValueExW
GetUserNameA
CryptDestroyHash
CryptGetHashParam
CryptHashData
RegQueryValueExA
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
CryptCreateHash
OpenThreadToken
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA

kernel32

MultiByteToWideChar
lstrlenA
lstrlenW
WideCharToMultiByte
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
GetProcessHeap
LocalAlloc
ReadFile
LeaveCriticalSection
GetLastError
CreateFileW
GetFileType
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
RaiseException
SizeofResource
LockResource
LoadResource
WaitForSingleObject
SetEvent
ResetEvent
WaitForMultipleObjects
SetThreadPriority
InterlockedCompareExchange
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetACP
GetLocaleInfoA
LoadLibraryW
FreeLibrary
FindAtomW
CompareFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
WriteFile
GetFileInformationByHandle
OpenEventA
GetVersionExA
GetProfileIntA
GlobalFree
CreateEventA
GetUserDefaultLCID
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
GetUserDefaultUILanguage
FindClose
SetFileTime
GetCurrentProcessId
LocalFree
HeapSize
HeapReAlloc
HeapDestroy
CreateDirectoryW
DeleteFileW
FindFirstFileW
ResumeThread
FindNextFileW
FindResourceW
FormatMessageW
GetDateFormatW
GetFileAttributesW
GetFullPathNameW
GetModuleFileNameW
GetVersionExW
GetSystemDirectoryW
GetTempPathW
GetTimeFormatW
HeapFree
GlobalAddAtomW
LoadLibraryExW
MoveFileW
MoveFileExW
OutputDebugStringW
SetFileAttributesW
FindResourceExA
GlobalDeleteAtom
GetSystemDefaultLCID
GetSystemTimeAsFileTime
GetThreadLocale
SetThreadLocale
GetEnvironmentVariableW
TryEnterCriticalSection
GetTickCount
GetModuleHandleA
GetModuleHandleW
GetProcAddress
DisableThreadLibraryCalls
InterlockedExchange
FindResourceA
lstrcmpA
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameA
SetLastError
Sleep
InitializeCriticalSection
DuplicateHandle

gdi32

SetROP2
SetBrushOrgEx
UnrealizeObject
CreateBitmap
CreatePatternBrush
GetNearestColor
GetClipBox
IntersectClipRect
GetBkColor
ExcludeClipRect
SetTextAlign
Polygon
CreateFontIndirectW
GetTextExtentPoint32W
GetTextExtentExPointW
SetPixel
GetPixel
CreateRectRgnIndirect
SelectClipRgn
SetBkMode
SetTextColor
SetBkColor
PatBlt
SelectObject
GetTextMetricsA
DeleteObject
ExtCreatePen
MoveToEx
LineTo
GetStockObject
CreatePen
Rectangle
GetDeviceCaps
GetObjectA
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
SysStringLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
CreateErrorInfo
SafeArrayCopy
VariantClear
VariantInit
SetErrorInfo
GetErrorInfo
VariantChangeType
VarUI4FromStr
UnRegisterTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetElement
SafeArrayUnlock
SafeArrayLock
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayDestroy
VariantCopy

ole32

CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoCreateFreeThreadedMarshaler
OleRun
CoCreateGuid
CoDisconnectObject
RegisterDragDrop
StringFromGUID2
OleFlushClipboard
RevokeDragDrop
OleSetClipboard
DoDragDrop
ReleaseStgMedium
OleDuplicateData
IIDFromString
StringFromCLSID
CLSIDFromString
CoGetClassObject
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleLockRunning

user32

GetWindowTextW
GetWindowTextLengthW
GetClassNameW
DrawTextExW
DialogBoxIndirectParamW
DefWindowProcW
CreateDialogIndirectParamW
CallWindowProcW
IsDialogMessageA
IsDialogMessageW
IsWindowUnicode
CreateWindowExW
SendMessageW
CreateCaret
ShowCaret
EnumChildWindows
RegisterClipboardFormatA
ScrollWindow
SetScrollInfo
KillTimer
FrameRect
DrawFrameControl
InvertRect
GetQueueStatus
GetDlgCtrlID
GetKeyState
GetIconInfo
GetCursorPos
IntersectRect
PtInRect
MonitorFromPoint
MonitorFromRect
SystemParametersInfoA
CallNextHookEx
GetForegroundWindow
UnhookWindowsHookEx
PostThreadMessageA
GetTopWindow
UnregisterClassA
CopyRect
SetRect
SendDlgItemMessageA
GetScrollPos
GetActiveWindow
GetAncestor
CharNextW
MapDialogRect
SetWindowContextHelpId
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
BeginPaint
EndPaint
IsChild
GetFocus
GetClassNameA
CharNextA
SetWindowLongA
RedrawWindow
GetClassInfoExA
RegisterClassExA
CreateWindowExA
CreateAcceleratorTableA
ClientToScreen
SetCapture
FillRect
InvalidateRgn
GetDC
GetDesktopWindow
DestroyAcceleratorTable
DestroyWindow
CallWindowProcA
EndDialog
GetNextDlgTabItem
WindowFromPoint
ReleaseDC
GetDCEx
MessageBeep
GetWindow
GetWindowLongA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
SetTimer
UpdateWindow
EnableWindow
InvalidateRect
IsWindowVisible
EnableMenuItem
GetSystemMenu
MoveWindow
ReleaseCapture
GetCapture
DestroyIcon
LoadImageA
GetSysColor
ShowScrollBar
SetWindowPos
ShowWindow
ScreenToClient
GetWindowRect
GetParent
PostMessageA
GetClientRect
IsWindow
GetSystemMetrics
SetFocus
SendMessageA
GetDlgItem
GetCursor
SetCursor
LoadCursorA
LoadIconA
IsIconic
DefWindowProcA
MessageBoxW
RegisterWindowMessageW
SetWindowTextW
SetWindowsHookExW
GetPropW
SetPropW
RemovePropW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DeleteMenu
UnionRect
BeginDeferWindowPos
EqualRect
DeferWindowPos
EndDeferWindowPos
ChildWindowFromPoint
IsWindowEnabled
DrawFocusRect
LoadBitmapA
InflateRect
GetScrollInfo

shell32

SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Create
ImageList_GetIcon
ImageList_Destroy
ImageList_LoadImageA
ImageList_SetBkColor
ImageList_ReplaceIcon

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Exports

Exports

RollbackTransac
RollbackTransacti
CommitTransaction
CreateTransaction
RollbackTransaction
CreateTransaction

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0566bf4ce656c9433015abeb3ee79fc7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

oleaut32

ole32

user32

shell32

comctl32

version

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.data Size: 9KB - Virtual size: 32KB

.shared Size: 512B - Virtual size: 4KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 9KB - Virtual size: 32KB

.shared
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB