f9a816e3a90f9a2c17213dd98da18deb7bc899bf9ea2ae4bf9fd7e204aff817b | Triage

Submit
Reports

Overview

overview

1

Static

static

f9a816e3a9...7b.dll

windows7-x64

1

f9a816e3a9...7b.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f9a816e3a90f9a2c17213dd98da18deb7bc899bf9ea2ae4bf9fd7e204aff817b.dll

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

f9a816e3a90f9a2c17213dd98da18deb7bc899bf9ea2ae4bf9fd7e204aff817b.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f9a816e3a90f9a2c17213dd98da18deb7bc899bf9ea2ae4bf9fd7e204aff817b
Size

56KB
MD5

79d738b014e1f08d7e1eaf070794d306
SHA1

c37265d2238a82a6e89e4b2a5fb7ef57a42eb02f
SHA256

f9a816e3a90f9a2c17213dd98da18deb7bc899bf9ea2ae4bf9fd7e204aff817b
SHA512

e582d5601d9803460cff6736870367c7be5928bedb2d58dd69b672d57369852603369c4c916dbdd3833ae9990aea013d269ded5e4cd7bca724ba47b87385cada
SSDEEP

1536:PIzl/tPwKb9/d+C34BGfU3O40slCCXiQy6:PcGc4YUe40sIUiQ

Score

N/A

Malware Config

Signatures

Files

f9a816e3a90f9a2c17213dd98da18deb7bc899bf9ea2ae4bf9fd7e204aff817b
.dll windows x86

e25c0c09ba6fae1bccb2c5a883dd66a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeUnstackDetachProcess
RtlEqualUnicodeString
ZwOpenProcess
RtlCompareString
RtlInitUnicodeString
IoQueueWorkItem
ExLocalTimeToSystemTime
_wcsupr
RtlxUnicodeStringToAnsiSize
MmUnmapIoSpace
DbgBreakPointWithStatus
IoGetCurrentProcess
ExRegisterCallback
RtlLengthSecurityDescriptor
ZwFreeVirtualMemory
IoCreateSymbolicLink
IoAllocateWorkItem
MmMapLockedPagesSpecifyCache
RtlInitString
RtlCompareMemory
RtlEqualString
RtlHashUnicodeString
RtlValidSid
FsRtlFastCheckLockForRead

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.file
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.type
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy