9f79ed51c51057b765256f856cd3690737c98fce[.]dll | Triage

Sharing

General

Target

9f79ed51c51057b765256f856cd3690737c98fce.dll
Size

315KB
MD5

703dd9fac2280e224a1949db0cf545a3
SHA1

9f79ed51c51057b765256f856cd3690737c98fce
SHA256

5397c40c0f4bbe1b202069a612b03dac27a0c33eeec7ac97df264b9afbb84da4
SHA512

69e3b4cf81bf8c5e2a944f22bf145442415882712957c1a64c051ad3a89b5dd9cd1247f2331fc429295bfda244799263bcebb347bcdc09339f7875c19af493d0
SSDEEP

6144:YutK09bpsWYrPnP3UKLSr1TS8BbdrFucR+z+qagIK+bcgaI0C:BK0YWYrPP35LSrBS8LQ4+z+qagQYVIv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f79ed51c51057b765256f856cd3690737c98fce.dll

Files

9f79ed51c51057b765256f856cd3690737c98fce.dll
.dll windows:4 windows x86 arch:x86

1e14d607956b4cc2b9b7835c72bf0b77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

mfc42

ord690

msvcrt

_strcmpi

kernel32

CreateDirectoryA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetDesktopWindow

advapi32

RegDeleteValueA

ws2_32

htons

shlwapi

PathIsDirectoryA

ole32

CoUninitialize

oleaut32

SafeArrayGetVartype

msvcp60

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

netapi32

Netbios

Exports

Exports

DoAddToFavDlg
InputFile
PrintFile

Sections

.text
Size: 306KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE