6bf679cec4e4d8ca017e85f62b54da51962b45d4fe1a8ae90e5dfabd6c4af8ed | Triage

Submit
Reports

Overview

overview

1

Static

static

6bf679cec4...ed.dll

windows7-x64

1

6bf679cec4...ed.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6bf679cec4e4d8ca017e85f62b54da51962b45d4fe1a8ae90e5dfabd6c4af8ed.dll

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

6bf679cec4e4d8ca017e85f62b54da51962b45d4fe1a8ae90e5dfabd6c4af8ed.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6bf679cec4e4d8ca017e85f62b54da51962b45d4fe1a8ae90e5dfabd6c4af8ed
Size

18KB
MD5

9326ce8dbf312fa27886de778e108e13
SHA1

ffec5cb757bc074778145853b2e9a876388d6cc8
SHA256

6bf679cec4e4d8ca017e85f62b54da51962b45d4fe1a8ae90e5dfabd6c4af8ed
SHA512

e23dda1524e847cd52c8be6a31409e4e819e3e3f2ab3306d6087301f487808b1eea48b96529d899cb433a52db2fb127e63d96582757102772b3fc68690c1ab89
SSDEEP

384:1rDKFb+tnPWjtLf8zvo2FrdwBK6uPB6o0viOkR92/q5:JqatnPWjtLfl2Frqs6uZ6dv7kR98q5

Score

N/A

Malware Config

Signatures

Files

6bf679cec4e4d8ca017e85f62b54da51962b45d4fe1a8ae90e5dfabd6c4af8ed
.dll windows x86

5f5c98a0890f4f20c9ac41f93b418061

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CreateProcessA
WriteFile
GetTempPathA
GetLocalTime
GetCPInfoExA
GetACP
GetLastError
SetThreadPriority
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
VirtualAlloc
VirtualFree
CloseHandle
MultiByteToWideChar
GetSystemDirectoryA
DeleteFileA
Sleep
LoadLibraryA
TerminateThread
GetProcAddress

user32

GetDC

wininet

HttpQueryInfoA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

gdi32

GetBkMode

advapi32

OpenSCManagerA
CloseServiceHandle
ControlService
OpenServiceA
DeleteService

shell32

ShellExecuteExA

msvcrt

memset
strcat
strcpy
sprintf
strrchr
strlen
_except_handler3
memcpy

Exports

Exports

DriverProc
modMessage
modmCallback

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy