CZPgtmlLgThm[.]dll

Resubmissions

10-02-2025 19:26

250210-x5k2latmam 10

10-02-2025 19:19

250210-x1171stkew 10

10-02-2025 17:51

250210-wfk5ma1kgs 10

Sharing

Copy URL

Twitter E-mail

General

Target

CZPgtmlLgThm.dll
Size

3.2MB
MD5

e102f51b67a248436f9729e410100a13
SHA1

d34e81135fd45258982d56ce66fcb0661daff9de
SHA256

b2bd3a7284b4dddb7412a5a929836200d9ec742af0d1af79de3ad164aceadf1a
SHA512

4ce752d04bbdca4b9f6af961ee473d37b84d9a845dd01afb959a6bd03842858939b0dbb55db859a500362d61a0ac177846911cbcf5de534fadbecedaabc5910a
SSDEEP

49152:6vMLhOv7qLYgOQkv2ldCcCgPqIo9xlf8ZirVq42tmAMK7+slR0+RNW8d:6v+0Yj/7VniJDfQiQVtD68tRNhd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CZPgtmlLgThm.dll

Files

CZPgtmlLgThm.dll
.dll regsvr32 windows:6 windows x64 arch:x64

f1ee8a8cf7d51026e33ca29fe5a0406d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
WriteFile
CloseHandle
GetComputerNameA
TryEnterCriticalSection
DeleteCriticalSection
ConvertThreadToFiber
CreateFiber
DeleteFiber
SwitchToFiber
CreateThread
CreateNamedPipeA
PeekNamedPipe
VirtualAlloc
GetHandleInformation
GetSystemTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
HeapAlloc
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetACP
GetStringTypeW
GetCPInfo
TlsGetValue
TlsSetValue
FreeLibrary
LoadLibraryExW
LCMapStringW
IsValidCodePage
GetOEMCP
ExitProcess
GetModuleHandleExW
RaiseException
RtlUnwindEx

Exports

Exports

DllRegisterServer
Lfue87317
PbvDu553oo20
RommN50
YZc
ZGZ

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

f1ee8a8cf7d51026e33ca29fe5a0406d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 1.6MB - Virtual size: 1.6MB

.pdata Size: 2KB - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 20B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 1.6MB - Virtual size: 1.6MB

.pdata
Size: 2KB - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 20B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB