7a3242fc80c18e689be633eebc6f6c8616e4c0ff5ff6b78fca0811eb26fc18b2[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

7a3242fc80c18e689be633eebc6f6c8616e4c0ff5ff6b78fca0811eb26fc18b2.dll
Size

1.4MB
MD5

aa55d7bdb5d82f33345f78814a687a26
SHA1

3261b540c52e0f56b0dbda3c02dd237519bafa91
SHA256

7a3242fc80c18e689be633eebc6f6c8616e4c0ff5ff6b78fca0811eb26fc18b2
SHA512

be776cb69376f827cbe39fab3009cbdf951a71229ca4c7b754ba467be0f6ca6b688ee689d7f765adc15f5004487d6b210b2782416191f07f78c7b0d0bc70e180
SSDEEP

24576:+kThZU+CWB7H5y7W3jUHzeK7doyj3SqSYL/PqQIJ0ysa3WDn0khCpmZB:+pdxW3jUTPmyz1qQ+iD6E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a3242fc80c18e689be633eebc6f6c8616e4c0ff5ff6b78fca0811eb26fc18b2.dll

Files

7a3242fc80c18e689be633eebc6f6c8616e4c0ff5ff6b78fca0811eb26fc18b2.dll
.dll windows:5 windows x86 arch:x86

b0ed9338c732d5b71fc3aefafa25ac57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\vmagent_new\bin\joblist\297406\out\Release\360Opt.pdb

Imports

kernel32

LoadLibraryExW
GetCurrentProcess
GetSystemWindowsDirectoryW
GetVersionExW
Sleep
InterlockedCompareExchange
WaitForSingleObject
GetPrivateProfileIntW
GetFileAttributesW
SetFileAttributesW
IsWow64Process
GetTickCount
GlobalMemoryStatusEx
GetNativeSystemInfo
GetWindowsDirectoryW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
GetDriveTypeW
QueryDosDeviceW
GetFileSizeEx
GetVolumeInformationW
GetDiskFreeSpaceW
GetFileAttributesExA
SetFileAttributesA
DeleteFileA
GetModuleFileNameA
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
SetFilePointer
InterlockedExchange
GetFileTime
GetLocalTime
SystemTimeToTzSpecificLocalTime
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetFullPathNameW
SetLastError
GetFileAttributesExW
MoveFileExW
GetVolumeNameForVolumeMountPointW
GetSystemPowerStatus
LocalFree
GetCurrentThread
GetSystemInfo
OutputDebugStringW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW
WideCharToMultiByte
GetLongPathNameW
GetTempPathW
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
GetLastError
WritePrivateProfileStringW
GetPrivateProfileStringW
GetSystemDirectoryW
WriteFile
ReadFile
GetVersion
ExpandEnvironmentStringsW
FreeResource
LockResource
EnterCriticalSection
CreateFileW
GetProcAddress
GetModuleFileNameW
LeaveCriticalSection
SizeofResource
LoadLibraryW
InitializeCriticalSection
GetModuleHandleW
LoadResource
FreeLibrary
FindResourceW
FindResourceExW
GetCurrentProcessId
CloseHandle
GetACP
GetStringTypeW
DeviceIoControl
LocalAlloc
lstrlenA
SetEnvironmentVariableA
CompareStringA
FlushFileBuffers
LCMapStringW
GetDriveTypeA
LCMapStringA
GetCPInfo
RtlUnwind
GetCommandLineA
VirtualQuery
VirtualAlloc
VirtualProtect
CreateThread
ExitThread
CreateDirectoryW
IsDebuggerPresent
SetUnhandledExceptionFilter
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
CompareStringW
GetTimeZoneInformation
VirtualFree
HeapCreate
GetCurrentDirectoryA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetStdHandle
ExitProcess
IsValidCodePage
DeleteCriticalSection
GetFileSize
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
CreateFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetEndOfFile
SetFilePointerEx
FormatMessageW
GetCurrentThreadId
GetSystemTime
CreateMutexW
TlsGetValue
TlsSetValue
GetAtomNameW
OpenThread
AddAtomW
ReleaseMutex
TlsAlloc
FindAtomW
DeleteAtom
TlsFree
TerminateProcess
UnhandledExceptionFilter
GetOEMCP

advapi32

IsValidSid
RegQueryValueExA
GetUserNameW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
OpenThreadToken
OpenProcessToken
GetTokenInformation
GetAce
GetAclInformation
AddAce
InitializeAcl
EqualSid
GetLengthSid
CopySid
StartServiceW
ControlService
QueryServiceStatus
EnumServicesStatusExW
CloseServiceHandle
ChangeServiceConfigW
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
CloseEventLog
ReadEventLogW
OpenEventLogW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHGetFolderPathW

ole32

CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoTaskMemFree
CoInitializeEx

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SysFreeString
SysAllocString
VariantChangeType
VariantInit
VariantClear
VariantCopy

shlwapi

PathStripToRootW
PathUnquoteSpacesW
PathRemoveArgsW
StrToIntW
SHQueryValueExW
PathAppendA
PathRemoveFileSpecA
PathFileExistsA
StrStrIW
SHDeleteValueW
SHDeleteKeyW
StrCmpIW
PathIsDirectoryEmptyW
PathIsDirectoryW
PathAddBackslashW
PathRemoveBackslashW
SHSetValueW
SHGetValueW
PathFileExistsW
PathRemoveFileSpecW
PathAppendW
PathFindFileNameW
PathCombineW

Exports

Exports

CheckSSD
CreateDiskioEffect
CreateLudashiRestore
DiskoptInterface
GetLatestBoottime
D3D11CreateDevice
D3D11CreateDevice
QuerySpeedOptimizeInterface
SetCurrentBoottime
SetOptIniKey
SetUseNewName
UninstallSoftInterface

Sections

.text
Size: 641KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 655KB - Virtual size: 655KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0ed9338c732d5b71fc3aefafa25ac57

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 641KB - Virtual size: 644KB

.rdata Size: 125KB - Virtual size: 128KB

.data Size: 10KB - Virtual size: 28KB

.rsrc Size: 655KB - Virtual size: 655KB

.text
Size: 641KB - Virtual size: 644KB

.rdata
Size: 125KB - Virtual size: 128KB

.data
Size: 10KB - Virtual size: 28KB

.rsrc
Size: 655KB - Virtual size: 655KB