7b65[.]dll | Triage

Resubmissions

12/09/2022, 19:24

220912-x4n2vshgcr 1

12/09/2022, 19:22

220912-x3qjaseaa9 1

12/09/2022, 19:19

220912-x1yf5adhh7 1

Sharing

Copy URL Twitter E-mail

General

Target

7b65.dll
Size

177KB
MD5

2715de417b9a439285b44acaf9d2c824
SHA1

61645dc971fef6c9e32767019fa43ef8e5fc859a
SHA256

7b652f70a519ace8993c3ed29f7d4a655aeef3470c1c953865d655f651f55289
SHA512

00b822f509daa008ca3d77f75333bbd20d9c6f42fb3be41b72a0df7aeeaf48256b46f13e15b950649d6a17d5ea5f14309025315212edef80697d8749a7fc4f24
SSDEEP

3072:Rreiq3wO7TUX1O9NdJa7faGuRy5V3DJdU/os0UU/6eHCV1zcbWynMGLpb:RwAOf86Nd0GGuRyXDJaosxFeEyR1b

Score

N/A

Malware Config

Signatures

Files

7b65.dll
.dll windows x86

669ba938696c9c51f6e1250bb3988e3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CopyFileA
WTSGetActiveConsoleSessionId
FreeConsole
AttachConsole
GetConsoleProcessList
CreateFileA
GetFileSize
SetFilePointer
WriteFile
GetEnvironmentVariableA
GetFileAttributesA
ReadFile
SetFileAttributesA
GetCurrentThread
SetThreadPriority
TerminateThread
ResumeThread
CreateProcessA
SetPriorityClass
GetTickCount
VirtualAlloc
VirtualFree
LocalFree
GetShortPathNameA
GetCurrentThreadId
HeapAlloc
HeapFree
GetProcessHeap
VirtualProtect
CancelIo
lstrcatA
WriteConsoleW
HeapSize
CreateFileW
GetStringTypeW
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
lstrcpyA
lstrcmpiA
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetTickCount64
GetLocalTime
GetSystemInfo
GlobalMemoryStatusEx
OpenProcess
ProcessIdToSessionId
GetExitCodeProcess
TerminateProcess
ExitProcess
GetCurrentProcessId
GetCurrentProcess
Sleep
CreateEventA
CreateMutexA
GetCommandLineA
WaitForSingleObject
ReleaseMutex
SetEvent
GetLastError
CloseHandle
OutputDebugStringA
FindFirstFileExW
FindClose
DecodePointer
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
GetConsoleMode
HeapReAlloc
GetFileType
GetStdHandle
CreateDirectoryA
ExpandEnvironmentStringsA
ResetEvent
LCMapStringW
GetModuleFileNameW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
VirtualQuery
EnterCriticalSection
LeaveCriticalSection

user32

OpenInputDesktop
GetWindow
CloseDesktop
FindWindowA
GetClassNameA
SetThreadDesktop
ExitWindowsEx
GetUserObjectInformationA
wsprintfA
GetMessageA
TranslateMessage
GetWindowTextA
GetThreadDesktop
DispatchMessageA
CreateWindowExA
RegisterClassExA
DefWindowProcA

advapi32

RegSetValueExA
CreateProcessAsUserA
DuplicateTokenEx
GetTokenInformation
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
DeleteService
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
ConvertSidToStringSidA
UnlockServiceDatabase
StartServiceA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerExA
OpenServiceA
OpenSCManagerA
LockServiceDatabase
CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
ChangeServiceConfigA
SetTokenInformation
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
OpenProcessToken

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
VariantInit

wtsapi32

WTSQueryUserToken
WTSFreeMemory
WTSQuerySessionInformationA

iphlpapi

GetAdaptersInfo
GetIfTable

shlwapi

SHDeleteKeyA

ws2_32

WSACleanup
WSAStartup
WSAIoctl
closesocket
gethostbyname
getsockname
gethostname
socket
connect
htons
recv
select
send
setsockopt

Exports

Exports

Angela
Confulme

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

669ba938696c9c51f6e1250bb3988e3a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wtsapi32

iphlpapi

shlwapi

ws2_32

Exports

Exports

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 11KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 11KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 6KB - Virtual size: 6KB