381eda839936542e63c1cb2d2e8a98ff7f268a18c2eda8b6116ef4a8eef9207f | Triage

Submit
Reports

Overview

overview

8

Static

static

381eda8399...7f.dll

windows7-x64

8

381eda8399...7f.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

381eda839936542e63c1cb2d2e8a98ff7f268a18c2eda8b6116ef4a8eef9207f.dll

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

381eda839936542e63c1cb2d2e8a98ff7f268a18c2eda8b6116ef4a8eef9207f.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

381eda839936542e63c1cb2d2e8a98ff7f268a18c2eda8b6116ef4a8eef9207f
Size

15KB
MD5

29404dfad6bafcc8cf59b498ae587760
SHA1

e37d33f489021259b97e1f2c9eeeae540bb6a6a8
SHA256

381eda839936542e63c1cb2d2e8a98ff7f268a18c2eda8b6116ef4a8eef9207f
SHA512

f89775dc0df45f33ddab9191b0c14e2311f641ec281351246fbd0db7240f6d00ff3bd951d509f9eda17b4462aca5213c419c5365476dd44a9de6e4bf49801428
SSDEEP

384:TO9VyGzk9yAyqxNzmsFZAsW4QMe5zLGgyiT1:TOr0hHfzmkAs5QZGgyi

Score

N/A

Malware Config

Signatures

Files

381eda839936542e63c1cb2d2e8a98ff7f268a18c2eda8b6116ef4a8eef9207f
.dll windows x86

7752803a0bcb12afcba7c2f1068b4f0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
Module32First
VirtualAllocEx
Process32Next
GetModuleHandleA
CreateToolhelp32Snapshot
GetSystemDirectoryA
GetVersionExA
WinExec
CloseHandle
WriteProcessMemory
CreateThread
lstrcpyA
Sleep
OpenProcess
CreateRemoteThread
WaitForSingleObject
Process32First
HeapAlloc
FreeLibrary
Module32Next
CreateFileA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

advapi32

ControlService
OpenSCManagerA
RegOpenKeyExA
StartServiceA
CreateServiceA
RegSetValueExA
DeleteService
CloseServiceHandle
OpenServiceA
RegCloseKey

Exports

Exports

Execute

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy