Doctor
Herevalue
Liemore
Morningthere
QuestionPoint
Ranexample
Tryconsonant
Weregentle
Static task
static1
Behavioral task
behavioral1
Sample
e9351a0fff4822696aee8aae560d01b10305dc4f150ec7fa8e0326d2e9eb8f4d.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e9351a0fff4822696aee8aae560d01b10305dc4f150ec7fa8e0326d2e9eb8f4d.dll
Resource
win10-en-20211208
Target
e9351a0fff4822696aee8aae560d01b10305dc4f150ec7fa8e0326d2e9eb8f4d
Size
261KB
MD5
12bd6cc3f403abbb3c44e59924e36711
SHA1
7c7c57c6bfd4d6f329c2609a82885234807d9a73
SHA256
e9351a0fff4822696aee8aae560d01b10305dc4f150ec7fa8e0326d2e9eb8f4d
SHA512
0cb812d13eace00947ed4c9c4f1a328204cd22dfcb941b0491bf945f36ef94544e5fbe516c32b76ffeda838722700f7a1aa61d4fd6c274e80c022ec906ee53d2
SSDEEP
3072:CmmeuJ6jkhHVFpvq69D6UkqGFpMdsiOXdaygQ6YToG+rt:BmRJAkbFJqVvBpMZOcQ3Gt
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetEnvironmentVariableW
GetFileSize
SetFilePointer
CreateProcessW
HeapAlloc
WaitForSingleObject
GetProcessHeap
WriteFile
LoadLibraryW
Sleep
CreateFileW
GetTempPathW
OpenMutexW
SetConsoleOutputCP
RemoveDirectoryW
DeviceIoControl
VirtualProtect
DeleteCriticalSection
GetCurrentThreadId
CloseHandle
SetFileAttributesW
GetCommandLineA
HeapFree
GetVersionExA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
HeapSize
LoadLibraryA
InitializeCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc
Doctor
Herevalue
Liemore
Morningthere
QuestionPoint
Ranexample
Tryconsonant
Weregentle
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ