UKah6x65xQ[.]dll | Triage

Submit
Reports

Overview

overview

Static

static

UKah6x65xQ.dll

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

UKah6x65xQ.dll

Resource

win10v2004-20220414-en

icedid 2576683783 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

UKah6x65xQ.dll
Size

714KB
MD5

e83718709032469c8db41c8e7a7bec66
SHA1

074ee45eb9799eae90c4fe0b77f4fbc3020b13f3
SHA256

9abc520e828d8aaba25bd5ebf4b8aef2b11ca46841552339ae511f393d5c76f4
SHA512

a59bdd55301b0013469e5c0bc6d81151918a9512a0a893343d45ce3ccd79a2da546a728e863cf4f0755712396d46c4015ceffdb16fb4eb0607a319b8f679cf7b
SSDEEP

12288:UlkGKdWGBEJyBngIjCDBV0NfxkQsv/CyZJlQ1fS3ECcY8Z9r5QFZtgDzQhE7nANb:IxAEJyBPjCDBVqkQsiyZwbCcTB+eYhk8

Score

N/A

Malware Config

Signatures

Files

UKah6x65xQ.dll
.dll windows x64

07b54129bc2d5c8d5867c9a46df04307

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

CreatePen
DeleteObject
EnumFontFamiliesExW
GetCharABCWidthsFloatA
GetCurrentObject
GetFontLanguageInfo
GetColorAdjustment
GdiFlush
GetICMProfileW

uxtheme

GetCurrentThemeName
DrawThemeParentBackground
SetWindowThemeAttribute
GetThemeTransitionDuration
GetThemeMetric
GetThemeSysColorBrush
GetThemePropertyOrigin
GetThemeBackgroundContentRect

msvfw32

ICRemove
ICImageCompress
GetOpenFileNamePreviewW

Exports

Exports

CLrBvYfwHX
JjnQucTdbOV
JkHYIdDssG
JoAJsZh
JqVuLGZ
KjNuuu
MlMbUOtIp
PfIilARAa
PluginInit
XFVruuT
fUsEIghML
mAnMFqYDISJ
rTjUFdxUAfu
rynavGL

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 685KB - Virtual size: 685KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy