General

  • Target

    System32Problems11.zip

  • Size

    25.8MB

  • MD5

    bb7af1b873b5c8917b2946a76c48ff03

  • SHA1

    deaef3959d6d3c61835adf509cdcd552838309e2

  • SHA256

    6718742ddeda6b283d7e9a835b4a5e1a8ebcf8e397295dc2b72ddfecafff13e4

  • SHA512

    42f39c40f39fb0b38ec562df7e0e1bc20f43fb66a0b4c384830f62d96c67467ea79df2cdb3b6839684723df502880dd07cd140b659ed5fe94ca9129dbbdb5085

  • SSDEEP

    786432:6ilrpOMpPs+YLmjDqFoecvpPoo0xibEpN07P:lcMl/DmuhPjeib

Score
3/10

Malware Config

Signatures

  • Unsigned PE (74 IoCs)

    Checks for missing Authenticode signature.

Files

  • System32Problems11.zip
    .zip
  • CPFilters.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    0a3157d06b203ba404cc9b542aa2996e


  • CSystemEventsBrokerClient.dll
    .dll windows:10 windows x64 arch:x64

    893f455394acd5d19a9bfe705ff02380


  • CXHProvisioningServer.dll
    .dll windows:10 windows x64 arch:x64

    a0bf8a14120ac54132078e0d39122f20


  • CoreShellAPI.dll
    .dll windows:10 windows x64 arch:x64

    adef394cb69dab6e354f8b16690fb1b7


  • CoreShellExtFramework.dll
    .dll windows:10 windows x64 arch:x64

    1274c0aa3c68ab74e90b111ab3ba0771


  • CoreUIComponents.dll
    .dll windows:6 windows x64 arch:x64

    46ce4b0542e1d4f78f9b8ab0685116c3


    Code Sign

  • CourtesyEngine.dll
    .dll windows:10 windows x64 arch:x64

    a7497e5510af9f91e745969c9fc896e5


  • CredDialogBroker.dll
    .dll windows:10 windows x64 arch:x64

    b26c8804d7fcf01baab5834619091aa6


  • CredProv2faHelper.dll
    .dll windows:10 windows x64 arch:x64

    fc30e9a6930d3d59660784a493a01e1a


  • CredProvCommonCore.dll
    .dll windows:10 windows x64 arch:x64

    e5186800b2b25a2204bb7c2eabc9c995


  • CredProvDataModel.dll
    .dll windows:10 windows x64 arch:x64

    563860a00991a56472cedb3b5f7ed3a2


  • CredProvHelper.dll
    .dll windows:10 windows x64 arch:x64

    a7e715d1cc583efc80d0d41e4a608242


  • CredentialEnrollmentManagerForUser.dll
    .dll windows:10 windows x64 arch:x64

    71e990656e570de487f30d23e9143ac0


    Code Sign

  • CryptoWinRT.dll
    .dll windows:10 windows x64 arch:x64

    8e66f3d1e5c9750ce2dc1b9ed888a132


  • CspCellularSettings.dll
    .dll windows:10 windows x64 arch:x64

    25de396f5b9f04fb8fa38ad21e29ba53


  • CspProxy.dll
    .dll windows:10 windows x64 arch:x64

    b056ce05143d67740b72905862573f76


  • D3D12.dll
    .dll windows:10 windows x64 arch:x64

    300872bc428adb53cbe60b2e6179bd92


    Code Sign

  • D3D12Core.dll
    .dll windows:10 windows x64 arch:x64

    68a4ffbf5bfecdfcc57beac0c2a121bb


    Code Sign

  • D3DCompiler_43.dll
    .dll windows:6 windows x64 arch:x64

    87e48ad40a89f4f6e1404989a85ca976


    Code Sign

  • D3DCompiler_47.dll
    .dll windows:10 windows x64 arch:x64

    0ddd2d0105be2a7473032e30f6c6e2f2


  • D3DSCache.dll
    .dll windows:10 windows x64 arch:x64

    f063696353519ac445d5283409de1a70


    Code Sign

  • D3DX9_43.dll
    .dll windows:6 windows x64 arch:x64

    336d8057d1db03e5a3ac3b62e8902f4b


    Code Sign

  • DAConn.dll
    .dll windows:10 windows x64 arch:x64

    f2b3d12405996cf2e1797de54ebc2b4f


  • DAFESCL.dll
    .dll windows:10 windows x64 arch:x64

    615874f567db90d4636e842d1196d2c9


  • DAFIPP.dll
    .dll windows:10 windows x64 arch:x64

    61e7d8ce48c64dfd4e8ebe8653e1c692


  • DAFIoT.dll
    .dll windows:10 windows x64 arch:x64

    3f136b8d55a36b6eeb8eb09bb774b131


  • DAFMCP.dll
    .dll windows:10 windows x64 arch:x64

    0990c045050df4b5b6b0621a05b8ad80


  • DAFWSD.dll
    .dll windows:10 windows x64 arch:x64

    19eb8e0bb4ee28b1556498df1213924c


  • DAFWiProv.dll
    .dll windows:10 windows x64 arch:x64

    41221e156745975773a651153acdde2a


  • DAMM.dll
    .dll windows:10 windows x64 arch:x64

    b76c77cfa1bbfa7cfc44b9df6c700776


  • DAMediaManager.dll
    .dll windows:10 windows x64 arch:x64

    ec4a66720ecf2dd8a6d2c7bba17d94aa


  • DaOtpCredentialProvider.dll
    .dll windows:10 windows x64 arch:x64

    b7fdce60c9dcea501fc16336a5d55b21


  • DafDnsSd.dll
    .dll windows:10 windows x64 arch:x64

    bdc331d42e0dccbb3d599a48c0b61c17


    Code Sign

  • DafGip.dll
    .dll windows:10 windows x64 arch:x64

    bd8a9b70423af704cfdee5796962435a


  • DafPrintProvider.dll
    .dll windows:10 windows x64 arch:x64

    f18e4a144078e208e8988592a1a21f8c


  • DataExchange.dll
    .dll windows:10 windows x64 arch:x64

    bd0e804eea5502b742d2c0d6278ebaa0


  • DavSyncProvider.dll
    .dll windows:10 windows x64 arch:x64

    838b45d00c0380674234c049a9943362


  • DbgModel.dll
    .dll windows:10 windows x64 arch:x64

    093e3d128c82ee8fee1baebf78419bf4


  • correngine.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    e7122d8e77ad6badf2eec12b3a403251


  • credprovhost.dll
    .dll windows:10 windows x64 arch:x64

    531352c994a3087566c9eba8c4d2e429


  • credprovs.dll
    .dll windows:10 windows x64 arch:x64

    2b74bfe53a2d020a4493b9d2b8067152


  • credprovslegacy.dll
    .dll windows:10 windows x64 arch:x64

    5a43c42d1f11b6f786ae6c3bbe813095


  • credssp.dll
    .dll windows:10 windows x64 arch:x64

    a6427f1c016b552451fa1d617f1f57f0


  • credui.dll
    .dll windows:10 windows x64 arch:x64

    d2a4d86703398911a74225a653c51164


  • crypt32.dll
    .dll windows:10 windows x64 arch:x64

    81443d72a7777fce48106ea30ba4f1f5


    Code Sign

  • cryptbase.dll
    .dll windows:10 windows x64 arch:x64

    a5e5fe83f5f03cf67f32fa1d74122b59


    Code Sign

  • cryptcatsvc.dll
    .dll windows:10 windows x64 arch:x64

    aec2439b27b5b3a09bb18f1101045c2f


  • cryptdlg.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    b6d97e463262455321cd457dac297690


  • cryptdll.dll
    .dll windows:10 windows x64 arch:x64

    33ea0212d436f5ba4b911bfa69ca1800


    Code Sign

  • cryptext.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    628dd70b135b8836366b82b584a15c63


  • cryptnet.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    b64a28c8ae152dba68d6a38b57fd2db1


    Code Sign

  • cryptngc.dll
    .dll windows:10 windows x64 arch:x64

    8b61c469da798ec89b311212bdd48078


  • cryptsp.dll
    .dll windows:10 windows x64 arch:x64

    258951b1a95b51f7466bc90a77f44d42


    Code Sign

  • cryptsvc.dll
    .dll windows:10 windows x64 arch:x64

    f91eb609c29941edc07ddb5253479df2


  • crypttpmeksvc.dll
    .dll windows:10 windows x64 arch:x64

    55b58a301b801071d7b64d28589cc91b


  • cryptui.dll
    .dll regsvr32 windows:10 windows x64 arch:x64

    1bdd64d2515db2a8a76d4a05d4b78da9


  • cryptuiwizard.dll
    .dll windows:10 windows x64 arch:x64

    002d04fadf540721fe84618e5b2a0a7d


  • cryptxml.dll
    .dll windows:10 windows x64 arch:x64

    0aa5195102294a4d95f64e7de7329b7b


    Code Sign

  • cscapi.dll
    .dll windows:10 windows x64 arch:x64

    4eeb69a56e58c88d7abf287df28871a4


  • cscdll.dll
    .dll windows:10 windows x64 arch:x64

    cf38b7b52ec1aa9305e6dda1739ff626


  • csplte.dll
    .dll windows:10 windows x64 arch:x64

    645fc7d1739deaa1b8a6a21b030e65a0


  • csrsrv.dll
    .dll windows:10 windows x64 arch:x64

    e969ba43d40752671f6cd4ff029e1563


  • cxcredprov.dll
    .dll windows:10 windows x64 arch:x64

    eee85771dacdc6486fac5f58de53abe0


  • d2d1.dll
    .dll windows:10 windows x64 arch:x64

    5c91366fe3e1f80c2a8b03164d77a809


    Code Sign

  • d3d10.dll
    .dll windows:10 windows x64 arch:x64

    3731ab1cf34f87e128ae3d00c5b6f7bc


  • d3d10_1.dll
    .dll windows:10 windows x64 arch:x64

    fed3bde439e40ffae523ca2ac7d85ef9


  • d3d10_1core.dll
    .dll windows:10 windows x64 arch:x64

    7fc1ba7915820d0d875b6a41072949b0


  • d3d10core.dll
    .dll windows:10 windows x64 arch:x64

    7fc1ba7915820d0d875b6a41072949b0


  • d3d10level9.dll
    .dll windows:10 windows x64 arch:x64

    4c0d47b07067f5a3c1266373f4e01ae1


    Code Sign

  • d3d10warp.dll
    .dll windows:10 windows x64 arch:x64

    c06af4cef57fb0fe5de8f3b81fd921f1


    Code Sign

  • d3d11.dll
    .dll windows:10 windows x64 arch:x64

    b56f8d0bab90e1c5ab99f29cbbbcc5b9


    Code Sign

  • d3d11on12.dll
    .dll windows:10 windows x64 arch:x64

    d5fb58391cd2013e158f4fefdccd196b


    Code Sign

  • d3d8thk.dll
    .dll windows:10 windows x64 arch:x64

    9bd2c4a670d3d653677969dfd15e09d3


  • d3d9.dll
    .dll windows:10 windows x64 arch:x64

    a4e86fe27facd15cc1f1dd87b36f9afc


    Code Sign

  • d3d9on12.dll
    .dll windows:10 windows x64 arch:x64

    23f4600a11eb723098c1f6571479ff23


  • d3dcsx_43.dll
    .dll windows:6 windows x64 arch:x64

    912fead51a1e45667966ee9791b24410


    Code Sign

  • d3dx10_43.dll
    .dll windows:6 windows x64 arch:x64

    6f5981b2b8cdc7af020c15c84f8c0fee


    Code Sign

  • d3dx11_43.dll
    .dll windows:6 windows x64 arch:x64

    81904c72645caa23fce37aa3b4a853e1


    Code Sign

  • d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

  • dab.dll
    .dll windows:10 windows x64 arch:x64

    7db27acb6fb2a8eea52600a0ba0a4bdb


  • dabapi.dll
    .dll windows:10 windows x64 arch:x64

    c29b79c5b9a8b3ce67d00605be45f5c0


  • dafAspInfraProvider.dll
    .dll windows:10 windows x64 arch:x64

    b9a683fbbf22cb41f5356445c44b67ae


  • dafBth.dll
    .dll windows:10 windows x64 arch:x64

    40ca83e672a408d21200cd8da604d2f2


  • dafDockingProvider.dll
    .dll windows:10 windows x64 arch:x64

    295716f6a796b41c1ed44133859ab363


  • dafWCN.dll
    .dll windows:10 windows x64 arch:x64

    c7b3319d11dfc57276b94f4e70aea623


  • dafWfdProvider.dll
    .dll windows:10 windows x64 arch:x64

    ef76516e7b636fe02d2f369bacd2c6fe


  • dafpos.dll
    .dll windows:10 windows x64 arch:x64

    486996a2d640da9a8d0ce9388da1ef41


  • dafupnp.dll
    .dll windows:10 windows x64 arch:x64

    02cd8dba92bccda215c0fc80dc894c34


  • das.dll
    .dll windows:10 windows x64 arch:x64

    0429ccfb35dc4d0bc3c2cae7de16edf0


  • dataclen.dll
    .dll windows:10 windows x64 arch:x64

    a99888f0780c323916bad689b88cc444


  • datusage.dll
    .dll windows:10 windows x64 arch:x64

    1b05a0bd85eff46ff4579c3fa4e7a25c


  • davclnt.dll
    .dll windows:10 windows x64 arch:x64

    45208008e3f384e0df5ad459677336a2


  • davhlpr.dll
    .dll windows:10 windows x64 arch:x64

    c19514d3678f4d2b717677998cbe1fed


  • daxexec.dll
    .dll windows:10 windows x64 arch:x64

    db5ca6fc007ad3d584db2e8901c0c89c


  • dbgcore.dll
    .dll windows:10 windows x64 arch:x64

    141264be5b69bec3e77e358998da3ea1


  • dbgeng.dll
    .dll windows:10 windows x64 arch:x64

    5c92556b79713321c90b60886c220a62


  • dbghelp.dll
    .dll windows:10 windows x64 arch:x64

    96c4c0b0370349f45a01359e7301fd2b


    Code Sign

  • dbnetlib.dll
    .dll windows:10 windows x64 arch:x64

    dc02e5f5ded2e54e82fdc16978152aab


  • dbnmpntw.dll
    .dll windows:10 windows x64 arch:x64

    89f391af12e4710c657ca63d914e6bcf

