b0c9dec5d7d1ebc13c97b79df3d922cee19e997c1e3c7b4345c5892ce1175fe7 | Triage

Submit
Reports

Overview

overview

1

Static

static

b0c9dec5d7...e7.dll

windows7-x64

1

b0c9dec5d7...e7.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b0c9dec5d7d1ebc13c97b79df3d922cee19e997c1e3c7b4345c5892ce1175fe7.dll

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0c9dec5d7d1ebc13c97b79df3d922cee19e997c1e3c7b4345c5892ce1175fe7.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b0c9dec5d7d1ebc13c97b79df3d922cee19e997c1e3c7b4345c5892ce1175fe7
Size

76KB
MD5

913230d0c3d81fc607118a97dae02bdd
SHA1

42cdd589646214844171faf088f2427aca49acce
SHA256

b0c9dec5d7d1ebc13c97b79df3d922cee19e997c1e3c7b4345c5892ce1175fe7
SHA512

df4f7be5906b0ffdc3b4eb11700c58bcd5067322b260c14dcab0b06b893ea691eaaea0de50cb37cacb2c06a4296dee961576a23f19e368b99b5463761e797ada
SSDEEP

1536:xe2YY45JOfDAky7TnTA6N2M5sIEo4JPBL9rDoFWS2KjpxPEC9tgKK94Do99:Q2YRwAkGI6N2EXE53L9Y47KjptEyt64q

Score

N/A

Malware Config

Signatures

Files

b0c9dec5d7d1ebc13c97b79df3d922cee19e997c1e3c7b4345c5892ce1175fe7
.dll windows x86

25ee1f6b800ed6619fef1ef3a8f8a5d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsApiFree
DnsQueryConfigAllocEx
DnsNameCompare_W

kernel32

LocalAlloc
LocalFree
SetLastError
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

msvcrt

wcscat
_adjust_fdiv
malloc
_initterm
free
wcschr
wcscmp
wcsncpy
wcslen
wcscpy

wldap32

ord113
ord27
ord147
ord133
ord26
ord36
ord120
ord208
ord13
ord140
ord73
ord41
ord224
ord170
ord157
ord69
ord79
ord77
ord142

ws2_32

WSAStartup
WSCInstallNameSpace
WSCUnInstallNameSpace
WSACleanup

Exports

Exports

InstallNTDSProvider
NSPStartup
RemoveNTDSProvider

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy