44306fe8c0cb213f94f63b5f1720ac70f79ca3e7de9148a662750c07d514ebd1 | Triage

Submit
Reports

Overview

overview

1

Static

static

44306fe8c0...d1.dll

windows7-x64

1

44306fe8c0...d1.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

44306fe8c0cb213f94f63b5f1720ac70f79ca3e7de9148a662750c07d514ebd1.dll

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

44306fe8c0cb213f94f63b5f1720ac70f79ca3e7de9148a662750c07d514ebd1.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

44306fe8c0cb213f94f63b5f1720ac70f79ca3e7de9148a662750c07d514ebd1
Size

16KB
MD5

0e37cb34559a7df1decfe0ff6287c2da
SHA1

2f11b9de33e74baf8951a21a6aa863579033f92b
SHA256

44306fe8c0cb213f94f63b5f1720ac70f79ca3e7de9148a662750c07d514ebd1
SHA512

4aa8ad5be52c51db646c4e309b1c911700839b5d537741b8b797d344d1b1fad3fe01cae2c969e7f9c9b7cc88d9f45acee2881bf0288bdd1b040c2a58c150f4fd
SSDEEP

384:ISDYEK63sE8RLzx7XrzBTRDWrrkbkJyhx0hx6hxThxMWCVW:ImK6cHLt7XBUrIYycCrU

Score

N/A

Malware Config

Signatures

Files

44306fe8c0cb213f94f63b5f1720ac70f79ca3e7de9148a662750c07d514ebd1
.dll windows x86

538e0db4adf52b812d69472aa7377703

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
DisableThreadLibraryCalls
lstrcmpiW
CreateThread
WideCharToMultiByte
VirtualFreeEx
MultiByteToWideChar
lstrcmpiA
GetProcAddress
VirtualAllocEx
GetModuleHandleA
GetCurrentProcessId
lstrcmpA
VirtualFree
VirtualAlloc
GetModuleHandleW
GetModuleFileNameA
VirtualProtect
IsBadReadPtr
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

user32

UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExW

ntdll

RtlFreeAnsiString
NtQueryInformationThread
NtClose
RtlUnicodeStringToAnsiString
NtOpenProcess
strstr
memset
memcpy

Exports

Exports

getActiveDesktop
getWnd

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy