defiant[.]db[.]dll | Triage

Submit
Reports

Overview

overview

Static

static

defiant.db.dll

windows7-x64

defiant.db.dll

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

defiant.db.dll

Resource

win7-20220812-en

qakbot obama206 1663660089 banker stealer trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

defiant.db.dll

Resource

win10v2004-20220812-en

qakbot obama206 1663660089 banker stealer trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

defiant.db.dll
Size

376KB
MD5

3fd6ff929bb62358cee961d45ff1471d
SHA1

0bc7646576d6c91e41670c87e9fdc404b27d6798
SHA256

1322398514f3a10bdf178bcebb73a261292ea16417161cda1b4d6130c8e88d7b
SHA512

a7f3d23ef5f9ef3ad483f4857c674f54c56cf1674cd69f29b54b08dc4f0d55e29f8f0e0de92627a9e097a45dd3e6c94e78bea6d26dea0ffbbe5cb89668c0226b
SSDEEP

6144:DT1WOGkH9+qJJHMl3yifLLi0epLihYRl/r82HV9kHpjFWBk3WScm2pQdfPnb4dRG:DsRw9DJpApXQRihGl/Zi8Qg1C

Score

N/A

Malware Config

Signatures

Files

defiant.db.dll
.dll regsvr32 windows x86

4105c8801ba046addd9a878f42383222

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetCurrentDirectoryA
CreateFileA
SetFilePointer
CloseHandle
GetLastError
PeekNamedPipe
HeapAlloc
HeapFree
GetProcessHeap
WaitForSingleObject
ExitProcess
CreateThread
GetCurrentThreadId
GetSystemDirectoryA
VirtualAlloc
GetProcAddress
LoadLibraryA
CreateNamedPipeA
GetCurrentActCtx

Exports

Exports

DllRegisterServer
KXI
MHx229
Tin22PP
Vaevy8305

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy