13045b776e2adce4a4aab2889afb6789356731fcc685a9f9d2f0574860eb29f8 | Triage

Submit
Reports

Overview

overview

3

Static

static

13045b776e...f8.dll

windows7-x64

1

13045b776e...f8.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

13045b776e2adce4a4aab2889afb6789356731fcc685a9f9d2f0574860eb29f8.dll

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

13045b776e2adce4a4aab2889afb6789356731fcc685a9f9d2f0574860eb29f8.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

13045b776e2adce4a4aab2889afb6789356731fcc685a9f9d2f0574860eb29f8
Size

153KB
MD5

b38405e5288240dfae49f856e5a36c61
SHA1

de23d3abd9a7fd925c965c6d60375fdff1a81176
SHA256

13045b776e2adce4a4aab2889afb6789356731fcc685a9f9d2f0574860eb29f8
SHA512

d116de380990ad1ba14476c01c98663e213e4fb31a9eaa7e12022fb588d8e44be265632fbace047d0e5c331024c7be4b4102044256108763dc4ed50d200ebeef
SSDEEP

3072:qTLsLsGHC1cc0JW458ql25l1EN4u8v3nEJ3kCWcLke:qP1GHSc/JWw8qI6NInEiCWcL

Score

N/A

Malware Config

Signatures

Files

13045b776e2adce4a4aab2889afb6789356731fcc685a9f9d2f0574860eb29f8
.dll windows x86

9c5ca12329b005291e625e972353440c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

user32

wvsprintfA

kernel32

GetCurrentDirectoryW
GetSystemTimeAsFileTime
GetProcessHeap
CreateConsoleScreenBuffer
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess

oleaut32

LHashValOfNameSys
DispGetIDsOfNames
VarUI4FromDec
SysFreeString

Sections

.text
Size: 60KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy