Doctor
Herevalue
Liemore
Morningthere
QuestionPoint
Ranexample
Tryconsonant
Weregentle
Static task
static1
Behavioral task
behavioral1
Sample
309252610b617ea7a4ae736381f6364c6bb154ce81ce0883c69ca98a284943bd.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
309252610b617ea7a4ae736381f6364c6bb154ce81ce0883c69ca98a284943bd.dll
Resource
win10-en-20211208
Target
309252610b617ea7a4ae736381f6364c6bb154ce81ce0883c69ca98a284943bd
Size
235KB
MD5
7d00207e3d8c2c562ab3d3bfd8a71fe2
SHA1
1529d54632c0289440154c6f11e2730e609a0663
SHA256
309252610b617ea7a4ae736381f6364c6bb154ce81ce0883c69ca98a284943bd
SHA512
06d9632cd00e3f2ec168a3b0c6327d6ec70f40b75607234e71bd09b7b7bec30995ee8d1733e5cd13ead2f343b33e21ac673dea06773b043c32361468212ee979
SSDEEP
3072:CmmeuJ6jkhHVFpvq69D6UkqGFpMdsiOXdaygQ6YToG+rt4:BmRJAkbFJqVvBpMZOcQ3Gt4
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetEnvironmentVariableW
GetFileSize
SetFilePointer
CreateProcessW
HeapAlloc
WaitForSingleObject
GetProcessHeap
WriteFile
LoadLibraryW
Sleep
CreateFileW
GetTempPathW
OpenMutexW
SetConsoleOutputCP
RemoveDirectoryW
DeviceIoControl
VirtualProtect
DeleteCriticalSection
GetCurrentThreadId
CloseHandle
SetFileAttributesW
GetCommandLineA
HeapFree
GetVersionExA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
HeapSize
LoadLibraryA
InitializeCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ