e0af73a0efbedf9112f02d898a393f6cc27817d1d7fa3b4e7b4041e9b9761bbf[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

e0af73a0efbedf9112f02d898a393f6cc27817d1d7fa3b4e7b4041e9b9761bbf.dll
Size

35.2MB
MD5

70ddc0b1d2e04545d4f8ea67e12919d7
SHA1

cb1445d1ae1599cbaa94c38ec6c84bc56ed1f797
SHA256

e0af73a0efbedf9112f02d898a393f6cc27817d1d7fa3b4e7b4041e9b9761bbf
SHA512

e99f836991d6665392dce55cbfb8bca590fca8981bdad493e589c93d623e6e62b66d9521aa6d45e4aa849f93960524137fb18ecef48c70fbdc676286239fc8cd
SSDEEP

786432:axaUJjkneASghu3B4RRJLk/kNzGvZNFbYFtYPrRINGO4uKUEBkH:aYsjkeZwu3B4RHLquzWZvbYF8WNLKUb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0af73a0efbedf9112f02d898a393f6cc27817d1d7fa3b4e7b4041e9b9761bbf.dll

Files

e0af73a0efbedf9112f02d898a393f6cc27817d1d7fa3b4e7b4041e9b9761bbf.dll
.dll windows:5 windows x86 arch:x86

9e2cbd6d5f1b3c169491a4250a8cd622

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\rc_v12_per_plu_241025\Build\Release\WPSOffice\office6\addons\kpdf2wordv3\kspdf.pdb

Imports

kernel32

GetModuleHandleW
LoadLibraryW
CloseHandle
GetLastError
CreateMutexW
GetTempFileNameW
GetModuleFileNameW
GetProcAddress
LocalFree
GetCurrentProcess
GlobalMemoryStatusEx
GetWindowsDirectoryW
IsWow64Process
FreeLibrary
CopyFileW
Sleep
GetLocaleInfoA
GetThreadLocale
GetSystemTime
CreateSemaphoreA
ResumeThread
SuspendThread
ReleaseSemaphore
GetTimeZoneInformation
QueryPerformanceFrequency
TlsFree
FindFirstFileA
GetTempFileNameA
GetTempPathA
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
InitOnceComplete
InitOnceBeginInitialize
GetCurrentThread
RemoveDirectoryW
ExitProcess
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
IsDBCSLeadByte
InitializeCriticalSection
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventA
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
GetSystemDirectoryA
VerifyVersionInfoA
LoadLibraryA
VerifyVersionInfoW
VerSetConditionMask
GetACP
SetLastError
FileTimeToSystemTime
WriteFile
SetFilePointerEx
SetEndOfFile
ReadFile
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesA
FlushFileBuffers
DeleteFileW
DeleteFileA
CreateFileW
CreateFileA
FindNextFileW
FindNextFileA
FindFirstFileExW
FindClose
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetWindowsDirectoryA
GetLocalTime
GetTempPathW
GetCurrentThreadId
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
LoadLibraryExW

Exports

Exports

AlphaBlend
??4XmlFxSetGlobalMapperRecoverHelper@@QAEAAV0@ABV0@@Z
EntryPoint
GenerateTextWatermarkThumbnail
KSPdfFunction
PDFModuleDestroy
PDFModuleInit

Sections

.text
Size: 15.9MB - Virtual size: 15.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16.9MB - Virtual size: 16.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 398KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 136KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e2cbd6d5f1b3c169491a4250a8cd622

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 15.9MB - Virtual size: 15.9MB

.rdata Size: 16.9MB - Virtual size: 16.9MB

.data Size: 398KB - Virtual size: 820KB

_RDATA Size: 136KB - Virtual size: 140KB

.rsrc Size: 1.9MB - Virtual size: 1.9MB

.text
Size: 15.9MB - Virtual size: 15.9MB

.rdata
Size: 16.9MB - Virtual size: 16.9MB

.data
Size: 398KB - Virtual size: 820KB

_RDATA
Size: 136KB - Virtual size: 140KB

.rsrc
Size: 1.9MB - Virtual size: 1.9MB