Sentinal[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

Sentinal.dll
Size

3.9MB
MD5

cf5fda1890a753824da748c79eb3866d
SHA1

c12f394cb6ae7ca05574eadfd460ea2c73e5e11d
SHA256

a8731ebb223fee40d6629fcf09df88829853f916ca48a190fd9069294e263615
SHA512

4a18cc36ba6155cb1d0b95cec71ffa69fcdfe51311fee5cfd8a73034bb795b72a9808b4ac130cf13331b37e96150a7c850be3ee580fabdcb117cbcc2f459b89d
SSDEEP

98304:jDP6P4RHUeXVAQ1hhTKcoMk8aZjSpKx6GJ:jePROAKhhTKsk8aQ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Sentinal.dll

Files

Sentinal.dll
.dll windows:6 windows x64 arch:x64

826ef16799ff27bb9b68f910d876b3b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

getaddrinfo

wldap32

ord41

crypt32

CertFreeCertificateContext

advapi32

ReportEventW
RegCloseKey

kernel32

WideCharToMultiByte
GetModuleHandleA

user32

MessageBoxA
DefWindowProcW

shell32

ShellExecuteA
SHGetDiskFreeSpaceA

shlwapi

PathFindFileNameA

userenv

UnloadUserProfile

rpcrt4

RpcStringFreeA

bcrypt

BCryptGenRandom

imagehlp

ImageNtHeader

wintrust

WinVerifyTrust

Exports

Exports

s_activate
s_filestream
s_get_expiry
s_get_level
s_get_response
s_get_username
s_init
s_log
s_login
s_registr
s_token
s_var

Sections

.rsrc
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

826ef16799ff27bb9b68f910d876b3b2

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wldap32

crypt32

advapi32

kernel32

user32

shell32

shlwapi

userenv

rpcrt4

bcrypt

imagehlp

wintrust

Exports

Exports

Sections

.rsrc Size: - Virtual size: 2.3MB

.rdata Size: - Virtual size: 772KB

.reloc Size: - Virtual size: 64KB

.reloc Size: - Virtual size: 104KB

.reloc Size: 30KB - Virtual size: 32KB

.pdata Size: - Virtual size: 6.4MB

.pdata Size: 114KB - Virtual size: 114KB

.rsrc
Size: - Virtual size: 2.3MB

.rdata
Size: - Virtual size: 772KB

.reloc
Size: - Virtual size: 64KB

.reloc
Size: - Virtual size: 104KB

.reloc
Size: 30KB - Virtual size: 32KB

.pdata
Size: - Virtual size: 6.4MB

.pdata
Size: 114KB - Virtual size: 114KB