Luno_cracked[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

Luno_cracked.dll
Size

1.2MB
MD5

b91cb4ced51c8d3740ad40695769d9f4
SHA1

1a10f5214f6baa562df3832c404da4a68c2d3398
SHA256

8839c5f1616682e223ec05653bd5f9d69700ca525298aadf8a4aba2378a6cb18
SHA512

98ebc1234c73b966ecb77845d838f5c3bd37423309ab85241ca434dada07e70dc932ffc37b03a3e3a9f2ce9a3b2f210d4ecc953a9d93011b0b15de7a91c0139c
SSDEEP

24576:73F6WhTxNUduQf1qgrvO5SBY7hJlnva5HlBPqn43:73N8bprTBY7hLnva9zqn4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Luno_cracked.dll

Files

Luno_cracked.dll
.dll windows:6 windows x64 arch:x64

64df7d88a182dc47fd8ec4df9aa707ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Крмп\Desktop\Luno\x64\Release\CS2.pdb

Imports

kernel32

GlobalLock
WideCharToMultiByte
GlobalUnlock
Sleep
GetCurrentProcess
DisableThreadLibraryCalls
K32GetModuleInformation
CreateThread
GetTickCount
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
GlobalFree
ReleaseSRWLockExclusive
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualFree
OpenThread
SetThreadContext
FlushInstructionCache
GetCurrentProcessId
GetThreadContext
HeapDestroy
HeapAlloc
CloseHandle
HeapReAlloc
GlobalAlloc
MultiByteToWideChar
QueryPerformanceCounter
FreeLibrary
GetLastError
CreateToolhelp32Snapshot
GetProcAddress
ResumeThread
SuspendThread
GetCurrentThreadId
Thread32First
QueryPerformanceFrequency
LoadLibraryA
AcquireSRWLockExclusive
GetModuleHandleA
Thread32Next
HeapFree
VirtualProtect
HeapCreate
InitializeSListHead
LocalFree
FormatMessageA
GetLocaleInfoEx
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
AreFileApisANSI
GetFileInformationByHandleEx
GetSystemTimeAsFileTime

user32

SetCursorPos
ReleaseCapture
GetClientRect
SetCursor
GetCursorPos
CallWindowProcW
SetCapture
SetWindowLongPtrW
LoadCursorW
GetForegroundWindow
TrackMouseEvent
ClientToScreen
GetCapture
ScreenToClient
GetKeyState
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
IsChild

d3dcompiler_47

D3DCompile

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

msvcp140

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_lock
_Mtx_unlock
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?uncaught_exceptions@std@@YAHXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Random_device@std@@YAIXZ
?_Syserror_map@std@@YAPEBDH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memchr
memcmp
memmove
__std_terminate
strstr
__std_exception_destroy
__std_exception_copy
memcpy
__std_type_info_destroy_list
memset
strchr
_CxxThrowException
__C_specific_handler
_purecall
__current_exception_context
__current_exception
__std_type_info_compare

api-ms-win-crt-stdio-l1-1-0

fflush
__acrt_iob_func
__stdio_common_vfprintf
fclose
_get_stream_buffer_pointers
_fseeki64
fsetpos
ungetc
setvbuf
fgetpos
ftell
fgetc
fputc
fseek
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fwrite

api-ms-win-crt-string-l1-1-0

strncpy_s
strncmp
strcmp
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free
realloc

api-ms-win-crt-math-l1-1-0

atanf
ceilf
roundf
acosf
ldexp
cosf
floorf
fmodf
round
sqrtf
sqrt
sinf
powf
pow
atan2f
tanf
_dsign

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_errno
_invalid_parameter_noinfo
_seh_filter_dll
abort
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate

api-ms-win-crt-convert-l1-1-0

atof
strtol
strtoll
strtoull
strtoul
strtod

api-ms-win-crt-filesystem-l1-1-0

_lock_file
remove
rename
_unlock_file

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

Sections

.text
Size: 711KB - Virtual size: 710KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 391KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64df7d88a182dc47fd8ec4df9aa707ee

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

d3dcompiler_47

imm32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 711KB - Virtual size: 710KB

.rdata Size: 147KB - Virtual size: 147KB

.data Size: 391KB - Virtual size: 401KB

.pdata Size: 28KB - Virtual size: 27KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 956B

.text
Size: 711KB - Virtual size: 710KB

.rdata
Size: 147KB - Virtual size: 147KB

.data
Size: 391KB - Virtual size: 401KB

.pdata
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 956B