e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

e62889be5b...5a.dll

windows7_x64

e62889be5b...5a.dll

windows10-2004_x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a.dll

Resource

win7-en-20211208

zloader main 19.04.2020 botnet persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a.dll

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

General

Target

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a
Size

860KB
MD5

bba9ace9dc7cce4cac9439a43fa4c9a0
SHA1

8a66109684bfb149ae5f59adaceb380b040f1afc
SHA256

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a
SHA512

49ab85bd8272bb8e54b93cb899af72cfaf169b0db39ac334d60e2e13daa1c393e6e7e563d308d002b9e9724a51740f6a860176885afcc1473fa9a04587134d82
SSDEEP

6144:VfPhJtuLbdL0BjgwdJNhO1yd2l+nqCmv6iQtiS9Vzzz2axdqhNuy9x:VMaBku2GTmii8XGZNu2x

Score

N/A

Malware Config

Signatures

Files

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a
.dll windows x86

49eb4fe5a2af1aaf1471b4fc9086c943

Code Sign

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
lstrcmpA
lstrlenA
lstrcatA
GetLastError
GetCurrentProcess

user32

CheckDlgButton
GetWindowThreadProcessId
GetCursorInfo
GetWindowDC
CheckMenuRadioItem
GetCaretBlinkTime

comctl32

InitCommonControls

gdi32

EnumFontFamiliesExA

oleacc

GetStateTextA

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wwvi
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yrhm
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.