Vmcoqkxldefhrsw
Static task: static1
Behavioral task: behavioral1
Sample: ado7ptnc.dll
Resource: win7-20220414-en
General
Target: ado7ptnc.jpg
Size: 476KB
MD5: c286403d239ce8885a9774ac140cc1d0
SHA1: b4e32fb2ae4870ba77d0026c06d8430ac61c6cc9
SHA256: 6a66ea28b464bc274149c4a1f07987eb7f8ff22f8e05e92679661474d98a3253
SHA512: 5f93a756fe95a2ce8dbf9bd9d1f7e51b0af0387be7b7b18d4fcafcf9864d674c6f50a2d463b6b4da65685c0766c93d78e1eff715b2c4b7de094d8fcde05c61de
SSDEEP: 12288:LQG80io88EmEkECG2EGoyEW+DBY49h4oJIH7lK:cG80io88EmEkECG2EGoyEW++HKylK
Malware Config
Signatures
Files
ado7ptnc.jpg.dll windows x86
5293be9dcc3fe4423188dd90c7dd2d89
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_ReplaceIcon
setupapi
SetupDiOpenDeviceInterfaceW
shlwapi
AssocGetPerceivedType
pdh
PdhAddCounterW
ntdsapi
DsGetDomainControllerInfoW
esent
JetInit
user32
BlockInput
DefMDIChildProcW
GetWindowTextA
CreateWindowExA
IsWinEventHookInstalled
GetClassNameA
GetWindowContextHelpId
FillRect
TranslateMessage
iphlpapi
GetIpAddrTable
ws2_32
WSACleanup
inet_addr
gdi32
SetWindowOrgEx
GetViewportOrgEx
Polyline
oleaut32
VarCyFromR4
imm32
ImmGetCandidateListW
ole32
CoCreateInstanceEx
StringFromGUID2
CoGetObjectContext
wintrust
WintrustSetRegPolicyFlags
lz32
LZCopy
advapi32
CryptContextAddRef
CryptAcquireContextW
RegCloseKey
CryptGenKey
CreateRestrictedToken
rpcrt4
NdrGetUserMarshalInfo
RpcMgmtSetCancelTimeout
opengl32
glBegin
crypt32
CryptUnregisterOIDFunction
CertCreateContext
winmm
waveOutGetPitch
kernel32
CreateFileW
GetModuleFileNameW
CloseHandle
InitAtomTable
VirtualAllocEx
GetProcessVersion
DeleteTimerQueue
wininet
InternetReadFile
msvcrt
wcscoll
memset
Exports
Sections
.text Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 404KB - Virtual size: 402KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 752B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ