1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127.dll
Size

655KB
MD5

7cbf2951f13cd54abd951b1d289e2655
SHA1

d345e1d251714508a28544dc00e5950b05116ce1
SHA256

1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127
SHA512

773cc4fdf347454181173305ac5df67ed829f918411d3234ad4be33a6f2cf6fd142ef9c64ab18ac2fba64acf29b667f17ba1d3b4fc8fad39c9c0f2c580e45652
SSDEEP

12288:5VM1TXEY93cdWFnQyS94SjU3u8nTef/TUKo9vy0lg3BJhRbignDYy+z:jMJ0Y6dWJQyS/jj8nTefLUKEyGK/PMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127.dll

Files

1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127.dll
.dll windows:0 windows x86 arch:x86

3dbe7c3c6b94817b85f07b4a45cf6597

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comdlg32

GetSaveFileNameW
ReplaceTextA
WantArrows

gdi32

CreateCompatibleBitmap
CreateFontA
EngMarkBandingSurface
GdiPlayJournal
GdiPlayScript
GdiStartDocEMF
GetBoundsRect
GetFontRealizationInfo
SetWindowExtEx

kernel32

ConvertFiberToThread
EnumSystemGeoID
FillConsoleOutputCharacterW
FindNextFileW
GetFinalPathNameByHandleA
GetLogicalDriveStringsA
GetNumberFormatA
GetProcAddress
GetShortPathNameW
LCMapStringW
LZOpenFileW
LoadLibraryA
LocalSize
QueryDepthSList
SetCommMask
SetConsoleCP
SetConsoleScreenBufferSize
SetConsoleTitleA
SetFilePointerEx
SetProcessPriorityBoost
SetThreadpoolStackInformation
SleepConditionVariableSRW
TerminateJobObject
VirtualFree
WriteConsoleOutputCharacterA

msvcrt

_itoa
_rmtmp
_sopen
_spawnvp
clock
free
getenv
malloc
memset
memcpy
wcsrchr
wcstoul

ole32

CoGetProcessIdentifier
HRGN_UserMarshal
OleCreateLink
OleCreateLinkEx
OleLoadFromStream
ReadStringStream
WdtpInterfacePointer_UserUnmarshal

user32

AdjustWindowRect
CloseWindowStation
CreateWindowExW
DialogBoxIndirectParamAorW
DrawIconEx
FindWindowA
GetAsyncKeyState
GetCursorInfo
GetMessagePos
GetTabbedTextExtentA
GetUserObjectSecurity
GetWindowCompositionAttribute
LoadCursorA
SetShellWindowEx
SetUserObjectSecurity
SetWindowPlacement
TileWindows

Exports

Exports

Antonia_contour_acquiescing
Di_dumber_pogroms
Purim_inkier_methinks
melodious_counteractions
pouching_frostiness_pus
savannah_chirped_affixing
speeches_enrolled

Sections

.text
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dbe7c3c6b94817b85f07b4a45cf6597

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

gdi32

kernel32

msvcrt

ole32

user32

Exports

Exports

Sections

.text Size: 372KB - Virtual size: 371KB

.data Size: 60KB - Virtual size: 59KB

.rdata Size: 198KB - Virtual size: 198KB

.edata Size: 512B - Virtual size: 284B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 372KB - Virtual size: 371KB

.data
Size: 60KB - Virtual size: 59KB

.rdata
Size: 198KB - Virtual size: 198KB

.edata
Size: 512B - Virtual size: 284B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 18KB - Virtual size: 18KB