BDncqpUxZl[.]dll[.]exe

General

Target

BDncqpUxZl.dll.exe
Size

2.1MB
MD5

40ee908eff9418d1cbcb36ea516ca34e
SHA1

e13e947f3ce59a2a58ce09c2d8888053d685fa44
SHA256

7df703625ee06db2786650b48ffefb13fa1f0dae41e521b861a16772e800c115
SHA512

eedae343bf53411aa9a64e0f6ae9ee1ac15b6cdc02d94894604974e5d0ffcafc56f9df9afa368cab38a017785e559d75bb9dea95bffc78088048cf3b1ec7d639
SSDEEP

49152:AgbA0SNOgGbH+/mrzAnO5oEshZHFTdgmH:v20gGjnrzAZEIZHzgmH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BDncqpUxZl.dll.exe

Files

BDncqpUxZl.dll.exe
.dll regsvr32 windows:6 windows x64 arch:x64

379e1e30462ed6118b499ff7de80390e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
CloseHandle
GetLastError
TryEnterCriticalSection
ConvertThreadToFiber
CreateFiber
DeleteFiber
SwitchToFiber
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
GetFileSize
VirtualAlloc
MultiByteToWideChar
WideCharToMultiByte
GetDiskFreeSpaceA
DeviceIoControl
GetHandleInformation

Exports

Exports

DllRegisterServer
ELd1
TWdQNH5561Uq
XLom127V

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

379e1e30462ed6118b499ff7de80390e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 19KB

.rotext Size: 31KB - Virtual size: 30KB

.rdata Size: 603KB - Virtual size: 602KB

.data Size: 1.4MB - Virtual size: 1.4MB

.pdata Size: 512B - Virtual size: 300B

.rodata Size: 512B - Virtual size: 144B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 19KB - Virtual size: 19KB

.rotext
Size: 31KB - Virtual size: 30KB

.rdata
Size: 603KB - Virtual size: 602KB

.data
Size: 1.4MB - Virtual size: 1.4MB

.pdata
Size: 512B - Virtual size: 300B

.rodata
Size: 512B - Virtual size: 144B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B