autorun[.]dll | Triage

Resubmissions

15-09-2022 12:33

220915-pre97adaf5 10

12-04-2022 16:13

220412-tn3crsgfd6 9

Sharing

Copy URL

Twitter E-mail

General

Target

autorun.dll
Size

2.8MB
MD5

8dbc3035b9bb7ba4e7cac241038d239a
SHA1

dd803a0e41bdaa2c2d6ee86bb0dfa288da788bce
SHA256

5be0c2df3f2dbca7bfbe77a8eb96abc472bfc6a566aa26cccd8e9937f446dad3
SHA512

db800f2af108c627fe165c96b42c9efc2bbdd13c67c28aa6c7dd8df79df9ca7e4e4a8cd8587fabdeba7c97c85d7a243191409191035ccfe5683d0ca161f3bf54
SSDEEP

49152:Uahx4O5E8i+IPSliaD9N0Hq5R+jJaRzj4t8MzSRMpENkyk/priDTnJK:fxy8i9snaq5R+jJaRz

Score

N/A

Malware Config

Signatures

Files

autorun.dll
.dll windows x64

708e5362b020437910496bc30e1d0517

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
GetCurrentThreadId
GetConsoleOriginalTitleA
GetModuleFileNameA
GetModuleHandleExA
GetProcAddress
LoadLibraryA
LoadLibraryW
GetActiveProcessorGroupCount
CreateDirectoryTransactedW
FlushFileBuffers
MoveFileTransactedW
VirtualProtect
DecodePointer

user32

WinHelpA
DispatchMessageA
GetClientRect
SetProcessDefaultLayout
RegisterTouchWindow
AllowSetForegroundWindow
CharUpperA

gdi32

GdiComment
SetDIBits
EnumEnhMetaFile
D3DKMTCreateSynchronizationObject2
GetRasterizerCaps

shell32

ord4
SHGetPathFromIDList
ExtractIconExA
SHGetPathFromIDListW
ord682
SHCreateDefaultContextMenu

ole32

ComPs_NdrDllCanUnloadNow
NdrProxyForwardingFunction32
WdtpInterfacePointer_UserSize
HACCEL_UserFree
CoGetCurrentProcess
HWND_UserFree

Exports

Exports

IternalJob
SetPath

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

708e5362b020437910496bc30e1d0517

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 1.6MB - Virtual size: 1.6MB

.pdata Size: 512B - Virtual size: 396B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 1.6MB - Virtual size: 1.6MB

.pdata
Size: 512B - Virtual size: 396B

.rsrc
Size: 7KB - Virtual size: 7KB