DComUtil
Static task: static1
Behavioral task: behavioral1
Sample: 27856f563c6883fe56be149f6b2543965ec861cb4669f969c577fb100784c384.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 27856f563c6883fe56be149f6b2543965ec861cb4669f969c577fb100784c384.dll
Resource: win10v2004-20220812-en
General
Target: 27856f563c6883fe56be149f6b2543965ec861cb4669f969c577fb100784c384
Size: 85KB
MD5: 1c16bdde7712a0f5944879b3d5fbc733
SHA1: 5eb8e35d847828cbbf197df8546dcf0d87ed584c
SHA256: 27856f563c6883fe56be149f6b2543965ec861cb4669f969c577fb100784c384
SHA512: 9494f06bd6969b13c21aacd7d4c98bec489d9b3c1998d2fb2a6783617db836455553c2226b37e5020c661c04eff62de86f01ae15f88cf050457bdd28075225c4
SSDEEP: 1536:fuRT+JHfZjRgAcA4QzzV50G0AWvXhO+eam6r2FA+wVq7LVT0A7vaEuqIQQfgDKgv:2sJZ+AKQzH0G0AWvXh5pm6r0mVqXt0Yx
Malware Config
Signatures
Files
27856f563c6883fe56be149f6b2543965ec861cb4669f969c577fb100784c384.dll windows x86
07e4d4086b60bbf2be2a01adc4c179c2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReleaseMutex
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CloseHandle
GetPrivateProfileStringA
GetPrivateProfileIntA
GetVersion
GetTickCount
ReadFile
WriteFile
DeviceIoControl
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetCommandLineA
GetFullPathNameA
GetCurrentDirectoryA
ExitProcess
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
OpenMutexA
CreateMutexA
MultiByteToWideChar
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapFree
HeapAlloc
VirtualAlloc
GetProcAddress
LoadLibraryA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc
GetLastError
GetStringTypeA
WaitForSingleObject
GetStringTypeW
advapi32
RegOpenKeyA
RegQueryValueA
RegCloseKey
Exports
Sections
.text Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 744B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ