SjVjlixjPb
Static task
static1
Behavioral task
behavioral1
Sample
oblot.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
oblot.dll
Resource
win10v2004-20220414-en
General
-
Target
oblot.dll
-
Size
1.3MB
-
MD5
38ea4397f1c9dfe79e9accaebe7487ec
-
SHA1
24614b49e47bbdc30263cc86cea8aceb2781f1ed
-
SHA256
281a1cfaebf968012e9596721d14b1bd6429744617e73f96558cb68bcc0db8f8
-
SHA512
3b8d8deb404a52cb43306c8b3275f61efd8092202cf5ac5d86c342664b1673080abb3689f77b5bcc94b88ca10f238eb2dba67161619588e443ca6e04e261399b
-
SSDEEP
24576:Qz868Rnacmr8Oojv03br/YXYugvutZooFS7i2xyyIRfbi8mskmWcJc3mm7tnAgHi:Y86twnv/Y
Malware Config
Signatures
Files
-
oblot.dll.dll windows x64
66356a654249c4824378b1a70e7cc1e5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
CreateFileA
DeleteFileA
LockFile
UnlockFile
WriteFile
CloseHandle
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
CreateThread
GetCurrentThreadId
GetModuleFileNameA
SwitchToFiber
DeleteFiber
CreateFiber
ConvertThreadToFiber
CreateFileMappingA
GetCurrentActCtx
Exports
Exports
Sections
.text Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 895KB - Virtual size: 894KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 413KB - Virtual size: 413KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ