JKOGBreMnomvmS[.]dll | Triage

Submit
Reports

Overview

overview

Static

static

JKOGBreMnomvmS.dll

windows7-x64

JKOGBreMnomvmS.dll

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

JKOGBreMnomvmS.dll

Resource

win7-20220715-en

cobaltstrike 1580103814 backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

JKOGBreMnomvmS.dll

Resource

win10v2004-20220721-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

General

Target

JKOGBreMnomvmS.dll
Size

293KB
MD5

05decc372f58871c8dfe738777934cbe
SHA1

0652b1bbda1343df3db7675ee71ef1ac6f43a331
SHA256

c569c168de91839e0c4eef3d0a1064f19d28d98387d2f92bd21c4271dddfee72
SHA512

2b965b8fb228dea16261988503c51e69e82381581a1677543297ca9c7cfd7bee723e5c044dea4e37d0aceed8929b38c5c07a6e6e649e25496a6f4e13ed29166f
SSDEEP

6144:jue4ZYNpGqOV8fJ+KOuRxyoL9AnZcv4r12xX9+oHcquv1:jue4zVIOuRMjsa2N9/PS1

Score

N/A

Malware Config

Signatures

Files

JKOGBreMnomvmS.dll
.dll regsvr32 windows x64

de4594c1609b48f2ff3f3f806c1c85a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

AddFontResourceW
Arc
CreateDIBitmap
CreateICA
ExtEscape
GetBkColor
GetDCPenColor
GetCharABCWidthsW
GetOutlineTextMetricsW
GetFontLanguageInfo
AbortPath
GdiGetBatchLimit
ColorCorrectPalette

usp10

ScriptPlace
ScriptString_pLogAttr
ScriptGetFontScriptTags
ScriptGetFontAlternateGlyphs
ScriptSubstituteSingleGlyph
ScriptLayout

Exports

Exports

DllRegisterServer
FIivvTZnof0Nc
IKEXQkmH
Khnb831
SKg7W5Vz
dvg6kO6sgg2TZXF
kJXQ2pRRebakyrg
owaSY8nOF8p
qWOe86KNKS5neAtc
t6GsC5kh
v02tLiXvaB
wXAKqsG8wi

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OOec
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy