f4040bd708f09dd09a8ecaa5b54ca072e4b2fa12ba1187a39984cc4d615850b7[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

f4040bd708f09dd09a8ecaa5b54ca072e4b2fa12ba1187a39984cc4d615850b7.dll
Size

25.9MB
MD5

e8f30b8ddf4e09ecb0b5df56a3922fa4
SHA1

530462f044be9db5dfdb0d4224cedbf429f6fa96
SHA256

f4040bd708f09dd09a8ecaa5b54ca072e4b2fa12ba1187a39984cc4d615850b7
SHA512

b7c59dc9aa9462386ec868333dd63a533be398a50bbd530f8370112b7827a86493faa10944ef8344ff055af10b13294147aa03b86c0ab6b30794b0d2b02877b7
SSDEEP

393216:PyXwSi02jZmFISS9J8cwpaI1eAN5cKyd+:ywSi02mhpa2D5Cg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4040bd708f09dd09a8ecaa5b54ca072e4b2fa12ba1187a39984cc4d615850b7.dll

Files

f4040bd708f09dd09a8ecaa5b54ca072e4b2fa12ba1187a39984cc4d615850b7.dll
.dll windows:5 windows x86 arch:x86

ee93a244a88e1d813de73a39466e183e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

PlaySoundW

wininet

InternetCloseHandle

winspool.drv

DocumentPropertiesW

comctl32

ImageList_GetImageInfo

shell32

SHGetSpecialFolderLocation

user32

DdeSetUserHandle

version

GetFileVersionInfoSizeW

oleaut32

GetErrorInfo

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

GetVersion
GetVersionExW

shfolder

SHGetFolderPathW

wsock32

gethostbyaddr

ole32

OleRegEnumVerbs

gdi32

Pie

ntdll

RtlCompressBuffer

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
xa39cl75t0nbf3qs8p60o6pt

Sections

W,=#2oV8
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Z1js\)"
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

(>egE\W/
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7""_%[k
Size: - Virtual size: 39KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8(3>1>!
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6!4:="
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

L3i\WrD)
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

HFl&[<#T
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

M2qr:h;J
Size: 10.4MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ieeh?2Xi
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_ZhpsKjE
Size: 10.0MB - Virtual size: 10.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

:kA4lA+i
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

-i97=]b
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee93a244a88e1d813de73a39466e183e

Headers

File Characteristics

Imports

winmm

wininet

winspool.drv

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

shfolder

wsock32

ole32

gdi32

ntdll

Exports

Exports

Sections

W,=#2oV8 Size: 4.8MB - Virtual size: 4.8MB

Z1js\)" Size: 15KB - Virtual size: 14KB

(>egE\W/ Size: 103KB - Virtual size: 103KB

7""_%[k Size: - Virtual size: 39KB

8(3>1>! Size: 17KB - Virtual size: 17KB

6!4:=" Size: 3KB - Virtual size: 3KB

L3i\WrD) Size: 512B - Virtual size: 194B

HFl&[<#T Size: 512B - Virtual size: 69B

M2qr:h;J Size: 10.4MB - Virtual size: 10.4MB

ieeh?2Xi Size: 512B - Virtual size: 172B

_ZhpsKjE Size: 10.0MB - Virtual size: 10.0MB

:kA4lA+i Size: 172KB - Virtual size: 171KB

-i97=]b Size: 408KB - Virtual size: 407KB

W,=#2oV8
Size: 4.8MB - Virtual size: 4.8MB

Z1js\)"
Size: 15KB - Virtual size: 14KB

(>egE\W/
Size: 103KB - Virtual size: 103KB

7""_%[k
Size: - Virtual size: 39KB

8(3>1>!
Size: 17KB - Virtual size: 17KB

6!4:="
Size: 3KB - Virtual size: 3KB

L3i\WrD)
Size: 512B - Virtual size: 194B

HFl&[<#T
Size: 512B - Virtual size: 69B

M2qr:h;J
Size: 10.4MB - Virtual size: 10.4MB

ieeh?2Xi
Size: 512B - Virtual size: 172B

_ZhpsKjE
Size: 10.0MB - Virtual size: 10.0MB

:kA4lA+i
Size: 172KB - Virtual size: 171KB

-i97=]b
Size: 408KB - Virtual size: 407KB