1c854e874b0d7deda92bf870c7af0ddb7f7111c828c70bddfa2af0e47b031680 | Triage

Submit
Reports

Overview

overview

3

Static

static

1c854e874b...80.dll

windows7-x64

1

1c854e874b...80.dll

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

1c854e874b0d7deda92bf870c7af0ddb7f7111c828c70bddfa2af0e47b031680.dll

Resource

win7-20220901-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

1c854e874b0d7deda92bf870c7af0ddb7f7111c828c70bddfa2af0e47b031680.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

1c854e874b0d7deda92bf870c7af0ddb7f7111c828c70bddfa2af0e47b031680
Size

294KB
MD5

3284288dbc795ca0cda1ba33e3f96d34
SHA1

a752297d8ed3a9aa0a0adf9d971bc0890ba4b129
SHA256

1c854e874b0d7deda92bf870c7af0ddb7f7111c828c70bddfa2af0e47b031680
SHA512

19763e232c2e43ab3ff2d7ae522d2c4521d1881fd8291c7c563d2c844758471247b3585405b81094fbde2d6639ac7f518462592eb9924f2b4987e6afde83bc8d
SSDEEP

6144:mnbsM2IDp+kmUaj+V/8RFgYyFNX9Tp7hgrn6Q/Y0zKNP:y/2mlms/8InjXVy6Q/Yv

Score

N/A

Malware Config

Signatures

Files

1c854e874b0d7deda92bf870c7af0ddb7f7111c828c70bddfa2af0e47b031680
.dll windows x86

97e9ed6b4e701a30e74dea0a3c3b3898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen

advapi32

AdjustTokenPrivileges
InitializeSecurityDescriptor
OpenProcessToken
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
ControlService

ole32

WriteClassStg
StringFromGUID2
WriteFmtUserTypeStg
ReleaseStgMedium
RegisterDragDrop
OleUninitialize
CoResumeClassObjects
CoRegisterMessageFilter
CoInitialize
WriteClassStm
CoCreateGuid
OleSaveToStream

kernel32

lstrcpyA
WriteFile
UnmapViewOfFile
TlsSetValue
SetEndOfFile
LeaveCriticalSection
GetStartupInfoA
GetCommandLineA
ExitProcess
EnumResourceTypesA
CompareStringA
CloseHandle
SleepEx

Exports

Exports

Coi
Gnk
Hbo
Pil
Rxb
Rxm
Tpv
Tqa
Xix

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 177KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy