296e13d917d7920bc6fdc79224ea1c53109bb3952468b845b3eb1cb70e44c292 | Triage

Submit
Reports

Overview

overview

8

Static

static

296e13d917...92.dll

windows7-x64

8

296e13d917...92.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

296e13d917d7920bc6fdc79224ea1c53109bb3952468b845b3eb1cb70e44c292.dll

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

296e13d917d7920bc6fdc79224ea1c53109bb3952468b845b3eb1cb70e44c292.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

296e13d917d7920bc6fdc79224ea1c53109bb3952468b845b3eb1cb70e44c292
Size

648KB
MD5

aa24ef8056f5f1193b91205698efbde8
SHA1

6d3118e3ba42f8d8453313b44e509a1a637f56df
SHA256

296e13d917d7920bc6fdc79224ea1c53109bb3952468b845b3eb1cb70e44c292
SHA512

cf3ef1341f5e34c2ec6dba85813a647d4078fd76692855ac6f93328b02e0aad91232662e125137d718c62858a1cfc1038b2111dbc8bed8df3d7a47bffd2adc69
SSDEEP

12288:eBTuA+wrx881XEnBXbHV8H9KIPoouAkEwrxg:eBTu2xbqB2Hv7u3x

Score

N/A

Malware Config

Signatures

Files

296e13d917d7920bc6fdc79224ea1c53109bb3952468b845b3eb1cb70e44c292
.dll windows x86

5c4e8b0d769567cd51513926edd1164b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapFree
IsBadReadPtr
CloseHandle
WriteFile
Wow64RevertWow64FsRedirection
GetModuleFileNameA
GetEnvironmentVariableA
WaitForSingleObject
CreateProcessA
GetStartupInfoA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
Wow64DisableWow64FsRedirection
IsWow64Process
CreateFileA
GetVersionExA

msvcrt

atoi
??3@YAXPAX@Z
strchr
strrchr
??2@YAPAXI@Z

user32

MessageBoxA
wsprintfA

shlwapi

PathFileExistsA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Exports

Exports

__bn_rfregdrv@0
__bn_urfregdrv@0

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 616KB - Virtual size: 615KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy