Static task
static1
General
Target: v1.1.dll
Size: 3.5MB
MD5: f12e170a3182037aec17b8645ef2f899
SHA1: 5007a1e0566777c72128a19b4f620260864b8045
SHA256: d8e7029b9bf9c688653103fa35519fcbd8e6b127b5bdcae7afe009a872151a04
SHA512: 7fd64234a08c8aa087ba398663ac37261b300c6607ae3acc42e5cafe35fbd883c6b6464e5f3414fc9b0efbab22ececce91e2c537ee40df9ac856220ecabd9424
SSDEEP: 49152:0/chofJZWLiT8JHg3Ysf+4zg9RgLAy4p3FFpTFcXbUkp3JJTHI4:0/cSaLiT8sY340RgMVp35Jw1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource v1.1.dll
Files
v1.1.dll.dll windows:6 windows x86 arch:x86
91c97cbd61d4c481bef3869af049db1e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
shell32
SHGetKnownFolderPath
ole32
CoTaskMemFree
ws2_32
WSACleanup
WSAStartup
user32
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
LoadCursorA
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
CallWindowProcW
ShowWindow
FindWindowW
FlashWindowEx
SetWindowLongW
MessageBoxA
GetKeyState
kernel32
InterlockedFlushSList
GetCommandLineA
TlsGetValue
InitializeSListHead
CreateEventW
ResetEvent
SetEvent
CompareStringEx
LCMapStringEx
GetFileInformationByHandleEx
AreFileApisANSI
SetFileInformationByHandle
GetCurrentProcess
TerminateProcess
GetModuleHandleA
HeapAlloc
VirtualQuery
VirtualProtect
Sleep
CloseHandle
CreateThread
GetProcAddress
K32GetModuleInformation
GetModuleHandleW
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
LoadLibraryW
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualFree
VirtualAlloc
HeapReAlloc
GetThreadContext
SetThreadContext
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
Thread32Next
OpenThread
SuspendThread
ResumeThread
HeapFree
FlushInstructionCache
HeapCreate
HeapDestroy
GetLastError
RaiseException
FreeLibrary
GetModuleFileNameA
GetModuleHandleExA
LoadLibraryExA
FormatMessageA
SetLastError
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleExW
ExitProcess
ReadFile
GetSystemTimeAsFileTime
GetTempPathW
DuplicateHandle
CreateProcessW
GetStdHandle
GetFileType
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
TlsAlloc
GetCommandLineW
TlsSetValue
TlsFree
LoadLibraryExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
GetTimeZoneInformation
DeleteFileW
MoveFileExW
GetFileAttributesExW
CreateFileW
GetExitCodeProcess
EncodePointer
DecodePointer
CreatePipe
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetProcessHeap
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetEndOfFile
HeapSize
GetModuleFileNameW
WriteConsoleW
WaitForSingleObjectEx
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
LocalFree
CreateDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
imm32
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 920KB - Virtual size: 919KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ