5cde683048593333b3dee736f8b160675c981f497ed0d680d596e9b34c2a174b[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

5cde683048593333b3dee736f8b160675c981f497ed0d680d596e9b34c2a174b.dll
Size

882KB
MD5

5fb15984b6312b2de010679b77c2e3b4
SHA1

03559d863ad1e3ff9fb8d2f711fd5e0025d77366
SHA256

5cde683048593333b3dee736f8b160675c981f497ed0d680d596e9b34c2a174b
SHA512

293f405f70c380d502e9f981f0528c0a9ccbe0a50b8f03a7482d2d58f715c8f08807bbd6cebe29f53501408818e8f8bfb77de844634676102144c96bbea5e354
SSDEEP

24576:0yt4lxbRvESj873+qNIAh4xhlP0PFTvisj01z6CKCCYzuRdMY:0yt4nbRvESj873h2q4xhF0dTvisj012X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cde683048593333b3dee736f8b160675c981f497ed0d680d596e9b34c2a174b.dll

Files

5cde683048593333b3dee736f8b160675c981f497ed0d680d596e9b34c2a174b.dll
.dll windows:6 windows x86 arch:x86

ac7eca71889735031853fb6927703bcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

B:\LoadDll6\LoadDll\result\Release\libcurl.pdb

Imports

kernel32

RemoveDirectoryW
DebugActiveProcessStop
EncodePointer
CloseHandle
GetLastError
SetLastError
HeapAlloc
HeapReAlloc
GetProcessHeap
ExitProcess
GetCurrentThreadId
TerminateThread
CreateProcessA
CreateProcessW
GetCurrentProcessorNumber
GetTickCount
GetTickCount64
GetWindowsDirectoryW
VirtualFree
GetLargePageMinimum
GetModuleHandleA
lstrcmpA
lstrlenA
lstrlenW
MoveFileA
IsBadReadPtr
IsValidCodePage
GetACP
GetOEMCP
GetSystemDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemDefaultLCID
GetThreadUILanguage
GetCommandLineA
WriteConsoleW
CreateFileW
FileTimeToLocalFileTime
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
GetModuleFileNameW
GetModuleHandleExW
RaiseException
LoadLibraryExW
GetProcAddress
FreeLibrary
DecodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetEnvironmentVariableW
SetEnvironmentVariableW
GetEnvironmentStrings
GetCommandLineW
SetFilePointerEx
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
InterlockedFlushSList
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess

user32

GetShellWindow
EndMenu
DestroyMenu
IsWindowEnabled
ArrangeIconicWindows
GetTopWindow
GetParent
GetDesktopWindow
GetCaretPos
GetCaretBlinkTime
GetCursor
GetCursorPos
MessageBoxW
GetWindowTextLengthA
GetUpdateRect
EndPaint
BeginPaint
GetWindowDC
GetForegroundWindow
GetSubMenu
GetSystemMenu
GetMenu
IsWindowUnicode
GetCapture
GetFocus
GetActiveWindow
GetDialogBaseUnits
GetDlgCtrlID
EndDialog
IsZoomed
AnyPopup
IsIconic
IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
OpenIcon
DestroyWindow
IsWindow
GetDoubleClickTime
IsWow64Message
GetMessageExtraInfo
GetMessageTime
GetMessagePos
wsprintfW
GetLastActivePopup

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

SHCreateDirectoryExW

shlwapi

StrCmpIW
PathAppendW

Exports

Exports

CheckLicense
DllInitialize
DllInstall
Export
GetDllVersion
Init
InitDll
RegisterDll
ThreadFunction
curl_easy_cleanup
curl_easy_init
curl_easy_perform
curl_easy_setopt

Sections

.text
Size: 659KB - Virtual size: 658KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac7eca71889735031853fb6927703bcb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 659KB - Virtual size: 658KB

.rdata Size: 154KB - Virtual size: 154KB

.data Size: 3KB - Virtual size: 6.2MB

.reloc Size: 65KB - Virtual size: 64KB

.text
Size: 659KB - Virtual size: 658KB

.rdata
Size: 154KB - Virtual size: 154KB

.data
Size: 3KB - Virtual size: 6.2MB

.reloc
Size: 65KB - Virtual size: 64KB