b84bad0674108e09eb3c974e8ffbaf901e69ca2939dfe70527fb369fe2df831e[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

b84bad0674108e09eb3c974e8ffbaf901e69ca2939dfe70527fb369fe2df831e.dll
Size

25.3MB
MD5

a1d3922228fcfb9b734d3d92213cf525
SHA1

21834950d507117c0c9d9e4c42c76c1e5f41b61c
SHA256

b84bad0674108e09eb3c974e8ffbaf901e69ca2939dfe70527fb369fe2df831e
SHA512

d6d783f269831120902c718b1696865df89e649dbcc51bc93ff86feaf4a4944d2c8593cc3c8d5f4a6983379b4e961b453101406ab70ea150379aa3cc63d15b43
SSDEEP

393216:TS1wSi0DGQ6h03sRIPNjIILppBc284JEIFi3rEf8LVuqL9Ha5Ate:YwSi08hE0qTfBcH4HFs0IVuqLFaH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b84bad0674108e09eb3c974e8ffbaf901e69ca2939dfe70527fb369fe2df831e.dll

Files

b84bad0674108e09eb3c974e8ffbaf901e69ca2939dfe70527fb369fe2df831e.dll
.dll windows:5 windows x86 arch:x86

ee93a244a88e1d813de73a39466e183e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

PlaySoundW

wininet

InternetCloseHandle

winspool.drv

DocumentPropertiesW

comctl32

ImageList_GetImageInfo

shell32

SHGetSpecialFolderLocation

user32

DdeSetUserHandle

version

GetFileVersionInfoSizeW

oleaut32

GetErrorInfo

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

GetVersion
GetVersionExW

shfolder

SHGetFolderPathW

wsock32

gethostbyaddr

ole32

OleRegEnumVerbs

gdi32

Pie

ntdll

RtlCompressBuffer

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
azo06olt3gs7uifwf18b8
dbkFCallWrapperAddr

Sections

.IiZ_A$8
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

bO\=]JeA
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

>9P5ZP$
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

\(SnMqUq
Size: - Virtual size: 39KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cKc<oclJ
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

L2(#1D;
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1eWe9Dpo
Size: 512B - Virtual size: 191B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PC2X@$2+
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

]8;-`=q(
Size: 10.1MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Rjm*8iMX
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pCck@0(<
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

M;H3Mr
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

U(#)2R<D
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee93a244a88e1d813de73a39466e183e

Headers

File Characteristics

Imports

winmm

wininet

winspool.drv

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

shfolder

wsock32

ole32

gdi32

ntdll

Exports

Exports

Sections

.IiZ_A$8 Size: 4.8MB - Virtual size: 4.8MB

bO\=]JeA Size: 15KB - Virtual size: 14KB

>9P5ZP$ Size: 103KB - Virtual size: 103KB

\(SnMqUq Size: - Virtual size: 39KB

cKc<oclJ Size: 17KB - Virtual size: 17KB

L2(#1D; Size: 3KB - Virtual size: 3KB

1eWe9Dpo Size: 512B - Virtual size: 191B

PC2X@$2+ Size: 512B - Virtual size: 69B

]8;-`=q( Size: 10.1MB - Virtual size: 10.1MB

Rjm*8iMX Size: 512B - Virtual size: 172B

pCck@0(< Size: 9.7MB - Virtual size: 9.7MB

M;H3Mr Size: 172KB - Virtual size: 171KB

U(#)2R<D Size: 408KB - Virtual size: 407KB

.IiZ_A$8
Size: 4.8MB - Virtual size: 4.8MB

bO\=]JeA
Size: 15KB - Virtual size: 14KB

>9P5ZP$
Size: 103KB - Virtual size: 103KB

\(SnMqUq
Size: - Virtual size: 39KB

cKc<oclJ
Size: 17KB - Virtual size: 17KB

L2(#1D;
Size: 3KB - Virtual size: 3KB

1eWe9Dpo
Size: 512B - Virtual size: 191B

PC2X@$2+
Size: 512B - Virtual size: 69B

]8;-`=q(
Size: 10.1MB - Virtual size: 10.1MB

Rjm*8iMX
Size: 512B - Virtual size: 172B

pCck@0(<
Size: 9.7MB - Virtual size: 9.7MB

M;H3Mr
Size: 172KB - Virtual size: 171KB

U(#)2R<D
Size: 408KB - Virtual size: 407KB