Solstice_7DB05119E2[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

Solstice_7DB05119E2.dll
Size

9.8MB
MD5

672b0c1aed9eec8c0e77f143cd95d72a
SHA1

4688c28ab7fe516194297318f523ee8ede90c6c1
SHA256

364d8593b9b171d53fe3c37559c66dae84e094eac443020030bc352c163754a5
SHA512

80f98b2924af25ec29c62fa9e04972313ea4ec86e6bcd78f364182a72dd0d6a0a02a3538843c77d13293cc3601354792962f8f7f0847b87b78d2387fc43e6f13
SSDEEP

196608:PnTJyQoyIEtb6xdgjguFzC4J+UZw9RWwiaW:H+QFF+CIviaW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Solstice_7DB05119E2.dll

Files

Solstice_7DB05119E2.dll
.dll windows:6 windows x64 arch:x64

8213c03953df793401faf97ab7186c86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

dbghelp

SymSetOptions
SymInitialize
SymGetOptions
SymLoadModuleEx
SymUnloadModule64
SymGetModuleBase64
SymCleanup
StackWalk64
SymGetLineFromAddr64
SymFromAddr
SymFunctionTableAccess64

winmm

timeBeginPeriod
timeEndPeriod
waveOutGetNumDevs
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInReset
waveInStart
waveInAddBuffer
waveInUnprepareHeader
waveInPrepareHeader

d3d11

D3D11On12CreateDevice

d2d1

ord1

ws2_32

getaddrinfo
inet_ntoa

user32

GetRawInputDeviceInfoA
GetDesktopWindow
SystemParametersInfoA
DrawTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
SetWindowRgn
MonitorFromRect
CreateIconFromResource
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
IntersectRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RemovePropW
SetPropW
SetForegroundWindow
SetActiveWindow
GetFocus
SetFocus
FlashWindowEx
SetLayeredWindowAttributes
ShowWindow
CreateWindowExW
RegisterClassW
AttachThreadInput
SendMessageW
RegisterRawInputDevices
SystemParametersInfoW
CreateIconIndirect
CopyImage
LoadCursorW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
MapVirtualKeyW
ToUnicode
IsClipboardFormatAvailable
GetClipboardSequenceNumber
DestroyWindow
GetRawInputDeviceList
RegisterClassExA
UnregisterClassA
GetMessageW
RegisterDeviceNotificationW
GetDoubleClickTime
RegisterWindowMessageA
GetRawInputData
DestroyIcon
LoadIconW
CallNextHookEx
PostThreadMessageW
GetWindowLongW
FillRect
ClipCursor
GetClipCursor
GetCursorPos
AdjustWindowRectEx
GetClientRect
GetPropW
ValidateRect
InvalidateRect
GetUpdateRect
GetMenu
GetSystemMetrics
KillTimer
SetTimer
MsgWaitForMultipleObjects
GetAsyncKeyState
IsIconic
SetWindowPos
GetClassInfoExW
RegisterClassExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
MonitorFromWindow
ReleaseDC
GetDC
ReleaseCapture
SetCapture
ScreenToClient
TrackMouseEvent
GetMessageExtraInfo
SetCursorPos
ClientToScreen
GetForegroundWindow
GetKeyState
LoadCursorA
SetCursor
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
EnumWindows
GetWindowTextA
GetWindowRect
GetDpiForWindow
SetWindowLongPtrA
ToAscii
GetKeyboardState
MapVirtualKeyA
GetKeyboardLayout
MessageBoxA
DefWindowProcA
UnregisterDeviceNotification
CreateWindowExA

gdi32

GetDeviceCaps
CreateRectRgn
DeleteObject
CreateSolidBrush
CreateCompatibleDC
DeleteDC
BitBlt
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
GetTextMetricsW
GetTextExtentPoint32A
CreateFontIndirectW
CombineRgn
SetDeviceGammaRamp
GetDeviceGammaRamp
GetICMProfileW
CreateBitmap
GetDIBits
CreateDCW
CreateCompatibleBitmap
CreateDIBSection
SelectObject

imm32

ImmGetContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext
ImmGetIMEFileNameA
ImmAssociateContext
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmGetCandidateListW
ImmNotifyIME

ole32

CoCreateFreeThreadedMarshaler
CoInitializeEx
CoUninitialize
CLSIDFromString
PropVariantClear
CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
GetErrorInfo
SysStringLen
SetErrorInfo
SysFreeString

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW

setupapi

CM_Locate_DevNodeA
CM_Get_Parent
CM_Get_Device_IDA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

shell32

DragFinish
ShellExecuteW
DragAcceptFiles
SHGetFolderPathW
DragQueryFileW

kernel32

GetLocaleInfoEx
GetFileInformationByHandleEx
AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
TryAcquireSRWLockExclusive
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
FormatMessageA
GetExitCodeThread
EncodePointer
DecodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
GetStringTypeW
OpenThread
SetThreadContext
FlushInstructionCache
GetThreadContext
HeapDestroy
GetNativeSystemInfo
HeapReAlloc
ResumeThread
SuspendThread
Thread32First
HeapFree
HeapCreate
GetLocaleInfoA
GetSystemPowerStatus
GetFileTime
GetModuleHandleExW
CompareStringA
LoadLibraryExW
TlsSetValue
TlsGetValue
TlsAlloc
VerifyVersionInfoW
FormatMessageW
LocalFree
CreateEventW
ResetEvent
CancelIo
GetOverlappedResult
DeviceIoControl
CreateFileA
SetThreadPriority
RaiseException
IsDebuggerPresent
SetEnvironmentVariableA
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
CreateSemaphoreW
WaitForSingleObjectEx
ReleaseSemaphore
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetModuleFileNameW
CreateDirectoryW
GetSystemInfo
GlobalMemoryStatusEx
TerminateProcess
ExitProcess
SetThreadExecutionState
MulDiv
EnumResourceNamesW
GetModuleHandleW
GetTickCount
SetErrorMode
SetFilePointerEx
SetFilePointer
ReadFile
GetFileSizeEx
CreateFileW
AttachConsole
OutputDebugStringW
SetConsoleTextAttribute
RtlPcToFileHeader
IsProcessorFeaturePresent
InitOnceBeginInitialize
InitOnceComplete
InterlockedFlushSList
SetLastError
TlsFree
ExitThread
SetStdHandle
GetFileType
GetTimeZoneInformation
FlushFileBuffers
GetConsoleOutputCP
ReadConsoleW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
SetEndOfFile
RtlUnwind
FreeLibraryWhenCallbackReturns
HeapAlloc
InitializeCriticalSectionEx
InterlockedPushEntrySList
RtlUnwindEx
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeSListHead
GetConsoleScreenBufferInfo
WriteConsoleA
Thread32Next
DeleteFileA
WriteFile
WriteConsoleW
GetDynamicTimeZoneInformation
GetCurrentThreadId
VerSetConditionMask
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcAddress
LoadLibraryA
WaitForSingleObject
GlobalFree
GlobalAlloc
WideCharToMultiByte
VirtualProtect
Sleep
FreeLibraryAndExitThread
MultiByteToWideChar
FindFirstFileA
FindNextFileA
FindClose
AllocConsole
SetConsoleTitleA
GetStdHandle
GetConsoleMode
SetConsoleMode
FreeConsole
VirtualQuery
GetModuleFileNameA
K32GetModuleFileNameExA
GetCurrentProcess
K32GetModuleInformation
GetModuleHandleA
CreateToolhelp32Snapshot
GetCurrentProcessId
Module32First
CloseHandle
Module32Next
GetLastError
GlobalLock
GlobalUnlock
GetCurrentThread
SetUnhandledExceptionFilter
RtlCaptureContext
DisableThreadLibraryCalls
CreateThread
GetSystemTimeAsFileTime

wininet

InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenA

d3dcompiler_47

D3DCompile

vcomp140

_vcomp_for_static_simple_init
_vcomp_fork
_vcomp_for_static_end

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 859KB - Virtual size: 859KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8213c03953df793401faf97ab7186c86

Headers

DLL Characteristics

File Characteristics

Imports

version

dbghelp

winmm

d3d11

d2d1

ws2_32

user32

gdi32

imm32

ole32

oleaut32

advapi32

setupapi

shell32

kernel32

wininet

d3dcompiler_47

vcomp140

Sections

.text Size: 3.6MB - Virtual size: 3.6MB

.rdata Size: 859KB - Virtual size: 859KB

.data Size: 5.2MB - Virtual size: 5.2MB

.pdata Size: 157KB - Virtual size: 157KB

_RDATA Size: 9KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 3.6MB - Virtual size: 3.6MB

.rdata
Size: 859KB - Virtual size: 859KB

.data
Size: 5.2MB - Virtual size: 5.2MB

.pdata
Size: 157KB - Virtual size: 157KB

_RDATA
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 20KB - Virtual size: 19KB