209194be9abeb7a5b6240ff4294936fa689cef91c332d903869507ec896f5a69 | Triage

Submit
Reports

Overview

overview

1

Static

static

209194be9a...69.dll

windows7-x64

1

209194be9a...69.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

209194be9abeb7a5b6240ff4294936fa689cef91c332d903869507ec896f5a69.dll

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

209194be9abeb7a5b6240ff4294936fa689cef91c332d903869507ec896f5a69.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

209194be9abeb7a5b6240ff4294936fa689cef91c332d903869507ec896f5a69
Size

52KB
MD5

57ac77aad08d0eae33c235471d34d676
SHA1

d4bc3574b935a9215a0b5947e3878f5f790261ad
SHA256

209194be9abeb7a5b6240ff4294936fa689cef91c332d903869507ec896f5a69
SHA512

f1146b34abf9d35f4342c53d91998268a31ae24c6289dd41fa676627a98e8b949d7f86aad2eb2f6772199fde6db0bac8dfc5b76f8653cb3891adb1eb4f2aadd7
SSDEEP

1536:iVMYXc+GmTwWhRwjzsVKrjqwuCIhZzv7G4:iVMYXlIzYW24Ih5v77

Score

N/A

Malware Config

Signatures

Files

209194be9abeb7a5b6240ff4294936fa689cef91c332d903869507ec896f5a69
.dll windows x86

9dd3271dda225796eea64c9dabc5fff1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
KeInitializeDeviceQueue
KeReadStateTimer
IoIsWdmVersionAvailable
RtlInitUnicodeString
RtlInitString
RtlDeleteRegistryValue
RtlUnicodeToMultiByteN
KeRegisterBugCheckCallback
ZwFreeVirtualMemory
ExAllocatePoolWithTag
RtlUnicodeStringToInteger
KeDelayExecutionThread
RtlCompareString
KeSetEvent
RtlNtStatusToDosError
RtlGetNextRange
RtlCharToInteger
RtlEqualString
RtlEqualUnicodeString
PoUnregisterSystemState
RtlUpcaseUnicodeToOemN
MmUnmapIoSpace
RtlIntegerToUnicodeString
ExCreateCallback
IoReuseIrp
ZwQueryInformationFile
IoSetThreadHardErrorMode

hal

KeQueryPerformanceCounter
HalAcquireDisplayOwnership

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy