32e1e706deb323e773f5081b3cf7391fc258604d50e512298903f02bc60625ad | Triage

Submit
Reports

Overview

overview

3

Static

static

32e1e706de...ad.dll

windows7-x64

3

32e1e706de...ad.dll

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

32e1e706deb323e773f5081b3cf7391fc258604d50e512298903f02bc60625ad.dll

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

32e1e706deb323e773f5081b3cf7391fc258604d50e512298903f02bc60625ad.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

32e1e706deb323e773f5081b3cf7391fc258604d50e512298903f02bc60625ad
Size

170KB
MD5

844bb3da1bbd49324e91a815c84302ec
SHA1

7746eaa21ac81d55123f753da7cf2781a8945415
SHA256

32e1e706deb323e773f5081b3cf7391fc258604d50e512298903f02bc60625ad
SHA512

57125e6c412d0615d51e400c4875c3b4d5bc577c61588d7342276202b2dedd44b580af1448b34368a5a1229eeee708a2bf390fff99569cd5cfe3b408637ba8f5
SSDEEP

3072:25jAaL17ZppHO5lV+EHfjvEnZumUPiwMMQVFfT3CFpt9P6oCub:ZVRHbvsSPiwMlvmFZcu

Score

N/A

Malware Config

Signatures

Files

32e1e706deb323e773f5081b3cf7391fc258604d50e512298903f02bc60625ad
.dll windows x86

2e207172a60f8e83773dd41cf9c25fad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHCreateDirectoryExW

kernel32

GetCurrentProcessId
GetModuleHandleA
GetProcAddress
InterlockedExchange
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
lstrlenW
FindFirstFileW
FindNextFileW
ExitProcess

user32

IsWindow

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

msvcrt

__getmainargs
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_exit
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf
_XcptFilter
__p__commode

gdi32

PolyDraw

Exports

Exports

ADeviceGetCaps
ASet
BeginTransaction
CreateQuery
DeleteTable
ExternalRestore
FInitializeRichEdit
GenerateUniqueFileName
PSTGetData
PVGetCertificateParam
PrepareUpdate
TruncateLog

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 397B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy