4e70655b16a62dfac74273ab50f9e0d7e653fb48b405271c9559e562ba60660d | Triage

Submit
Reports

Overview

overview

1

Static

static

4e70655b16...0d.dll

windows7-x64

1

4e70655b16...0d.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4e70655b16a62dfac74273ab50f9e0d7e653fb48b405271c9559e562ba60660d.dll

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

4e70655b16a62dfac74273ab50f9e0d7e653fb48b405271c9559e562ba60660d.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

4e70655b16a62dfac74273ab50f9e0d7e653fb48b405271c9559e562ba60660d
Size

65KB
MD5

52baf7ea73d44b7d65727aeb05c1986a
SHA1

b27f11cc270ba89d04406b71f416ca8d287fc271
SHA256

4e70655b16a62dfac74273ab50f9e0d7e653fb48b405271c9559e562ba60660d
SHA512

d5fc4e234c4b5d7bb6a118df9171b3d9612813b56b101b468c0243b0a0635442536a67b440a8338d6f6e592dd2f0b1a7a52152ab7fc4dce3bc4162bf85066113
SSDEEP

1536:wvelCv2SMvRVu2RF6RogMCfBADx9H48gYPzE52fYRiHvBr0Ed7/qj:LlS2bdR8RPzZOD48JPoUwRiPBr0Ed7/6

Score

N/A

Malware Config

Signatures

Files

4e70655b16a62dfac74273ab50f9e0d7e653fb48b405271c9559e562ba60660d
.dll windows x86

5428b0f673a7a54569999e0ecb8c9ccb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

FsRtlDeregisterUncProvider
ZwFlushKey
IoOpenDeviceRegistryKey
RtlCompareString
IoDeleteSymbolicLink
RtlInitString
RtlCharToInteger
RtlFindLongestRunClear
ZwAllocateVirtualMemory
IoDetachDevice
RtlIntegerToUnicodeString
KeSetImportanceDpc
RtlTimeToTimeFields
IoCheckEaBufferValidity
RtlInitUnicodeString
ObReleaseObjectSecurity
ExDeletePagedLookasideList
SeOpenObjectAuditAlarm
ExUnregisterCallback
KeInitializeSpinLock
KeInitializeSemaphore
MmIsAddressValid
KeReadStateMutex
RtlEqualString
IoStartTimer
RtlEqualUnicodeString
MmQuerySystemSize

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy