12b2bc41bc1edd88b195b9d5d8fe649def00f922ab1f2f03324b9ae84213582a | Triage

Submit
Reports

Overview

overview

3

Static

static

12b2bc41bc...2a.dll

windows7-x64

1

12b2bc41bc...2a.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

12b2bc41bc1edd88b195b9d5d8fe649def00f922ab1f2f03324b9ae84213582a.dll

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

12b2bc41bc1edd88b195b9d5d8fe649def00f922ab1f2f03324b9ae84213582a.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

12b2bc41bc1edd88b195b9d5d8fe649def00f922ab1f2f03324b9ae84213582a
Size

12KB
MD5

846df2ad51c35ddaf273c8da3a3bb297
SHA1

d5618b8802518872249f703f0fb13aaf3bb4aa38
SHA256

12b2bc41bc1edd88b195b9d5d8fe649def00f922ab1f2f03324b9ae84213582a
SHA512

e866b7eb3fb5f22dad45c682007b6a6b69b9ed3fbf875973c325328f714eef0fbaf84bebfda97f255829c8567b08473ccaeecce01923cd3252f0923408fe26a4
SSDEEP

192:5ur2OLOm/qUTD6hli/Yh32oJ9Q0UDWQVdchA2nXSQlV3LpllhijQ:58JJeviwhmO1QghAGd3LCjQ

Score

N/A

Malware Config

Signatures

Files

12b2bc41bc1edd88b195b9d5d8fe649def00f922ab1f2f03324b9ae84213582a
.dll windows x86

a2af759fcf75beb487639e773141e53b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

memset
ObReferenceObjectByName
memcpy
IoDeleteSymbolicLink
_wcsnicmp
RtlInitUnicodeString
IoDeleteDevice
swprintf
RtlGetVersion
ZwClose
IofCompleteRequest
KeServiceDescriptorTable
IoCreateSymbolicLink
MmMapLockedPagesSpecifyCache
IoCreateDevice
ZwOpenKey
PsGetCurrentThreadId
strlen
wcslen
wcsrchr
ObReferenceObjectByHandle
ObfDereferenceObject
RtlMultiByteToUnicodeN
wcscpy
IoGetCurrentProcess
ObReferenceObjectByPointer
PsGetThreadProcessId
ExFreePoolWithTag
MmIsAddressValid
ExAllocatePoolWithTag
_except_handler3

hal

KfRaiseIrql
KfLowerIrql

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 560B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 864B - Virtual size: 850B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 752B - Virtual size: 738B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy