f97b4d09921b22077c927b707fe38b902885519722eb8345d6219973614d51b7 | Triage

Submit
Reports

Overview

overview

1

Static

static

f97b4d0992...b7.dll

windows7-x64

1

f97b4d0992...b7.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f97b4d09921b22077c927b707fe38b902885519722eb8345d6219973614d51b7.dll

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

f97b4d09921b22077c927b707fe38b902885519722eb8345d6219973614d51b7.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f97b4d09921b22077c927b707fe38b902885519722eb8345d6219973614d51b7
Size

119KB
MD5

bcc6a46defb2e488b29b33463040a399
SHA1

e3cf434426372a1f2d536aa0eab16b6182df65a4
SHA256

f97b4d09921b22077c927b707fe38b902885519722eb8345d6219973614d51b7
SHA512

423c39dea166bfdb2babb280c8fd79cd07482c29c331d9ce6bc3144d6b528f8fc37961de18d1a5b4b567f1c80c828387dd0837b206d2b1d77975c7f9bc0fe4cd
SSDEEP

3072:OdBFY/th46wsJUHlEArmR8yaX+WqqB88scvu:dn46wsJmKGiR

Score

N/A

Malware Config

Signatures

Files

f97b4d09921b22077c927b707fe38b902885519722eb8345d6219973614d51b7
.dll windows x86

6f993ac42c5de0232b17e9de0547c253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlCopyLuid
RtlHashUnicodeString
RtlInitString
ObReferenceObjectByPointer
RtlInitUnicodeString
KeRemoveDeviceQueue
FsRtlLookupLastLargeMcbEntry
IoCancelIrp
KeInsertDeviceQueue
RtlEqualUnicodeString
RtlEqualString
SeDeleteObjectAuditAlarm
RtlxUnicodeStringToAnsiSize
ExRegisterCallback
IoMakeAssociatedIrp
IoCheckEaBufferValidity
KeInitializeEvent

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy