TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
nap0936u6sc4x73lx8l8h98cx
Static task
static1
Behavioral task
behavioral1
Sample
964c0163ba31f0c703efc7d449a6a51c569624f540bef6df11cf6d1215b828fa.dll
Resource
win7-20220414-en
Target
964c0163ba31f0c703efc7d449a6a51c569624f540bef6df11cf6d1215b828fa.dll
Size
14.8MB
MD5
3115421f75bd8bd9040584df66224088
SHA1
d8c766ff795a9debdc63a29a8b31374d97b5ab21
SHA256
964c0163ba31f0c703efc7d449a6a51c569624f540bef6df11cf6d1215b828fa
SHA512
65e14c372ac2158e94e808bc098f7195dbe1d6e8f0e7813708841d0999a2ca901448dc037f0779007efb6a153fb42065dd3a1151fa6afe573bbe91df188fb05a
SSDEEP
196608:yPuXnMaKKjaVzqwdXff4Jepu6GY/YPEciRKOlAIcx+RkF8W96:yPuXnMaqhxdXfgqutYAPGIOlI+Rk+3
Processes:
resource | yara_rule |
---|---|
sample | themida |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
nap0936u6sc4x73lx8l8h98cx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ