Static task
static1
Behavioral task
behavioral1
Sample
3e8c7d76f37de0ee77c1e45561fdae9b296c528ef8a0c8ce20a8bd3e58e2eee4.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
3e8c7d76f37de0ee77c1e45561fdae9b296c528ef8a0c8ce20a8bd3e58e2eee4.dll
Resource
win10v2004-20220901-en
General
-
Target
3e8c7d76f37de0ee77c1e45561fdae9b296c528ef8a0c8ce20a8bd3e58e2eee4
-
Size
180KB
-
MD5
580100b134c4465b9514f240e34c3ddd
-
SHA1
aaff8193a39c937c3790e0653bfbf0e4144bea09
-
SHA256
3e8c7d76f37de0ee77c1e45561fdae9b296c528ef8a0c8ce20a8bd3e58e2eee4
-
SHA512
60036c9a65142ed44d9dd681d0c505dfe64feaf02a0a92f48b3bc67c619ad0c6b9d752e5e27a83a45228fa29a168bb9093c32ba0d052f1d2ba1a850e08993554
-
SSDEEP
3072:p00V6Ov8uNC39u53cqFHqbrFSm1dteUBvbC8t1eC/AeTEOgZF6wIddQ4EPZ7p:14bpSmEqbJ1eC/AHOgH6widRER
Malware Config
Signatures
Files
-
3e8c7d76f37de0ee77c1e45561fdae9b296c528ef8a0c8ce20a8bd3e58e2eee4.dll windows x86
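5d79f969b3ad967c58f1ffd35f4f1645 (unlabeled on the page; presumably the import hash (imphash) of the DLL — it is not the file MD5 listed under General)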
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
GetInterfaceInfo
GetIfEntry
GetAdaptersInfo
CreateIpForwardEntry
DeleteIpForwardEntry
GetIfTable
GetIpForwardTable
SetIpForwardEntry
kernel32
GetProcessHeap
HeapFree
GetModuleHandleW
CreateEventW
CloseHandle
GetLastError
InterlockedDecrement
GetVersionExA
InterlockedIncrement
GetShortPathNameW
LoadLibraryW
SetProcessWorkingSetSize
WaitForSingleObject
MapViewOfFile
OpenFileMappingW
OpenSemaphoreW
ReleaseSemaphore
InterlockedExchange
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
UnmapViewOfFile
FreeLibrary
GetProcAddress
lstrcpynW
lstrcmpW
HeapAlloc
DeleteCriticalSection
InitializeCriticalSection
msvcr80
__CxxUnregisterExceptionObject
_wfindfirst64i32
wcscat_s
wcscpy_s
__CxxQueryExceptionSize
??2@YAPAXI@Z
_errno
??3@YAXPAX@Z
memset
__CxxDetectRethrow
_malloc_crt
free
_crt_debugger_hook
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
__CxxExceptionFilter
_findclose
_wfindnext64i32
_encode_pointer
_wcsicmp
__FrameUnwindFilter
_cexit
malloc
_unlock
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
__CxxRegisterExceptionObject
_encoded_null
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
rasapi32
RasDialW
RasEnumConnectionsW
RasEnumDevicesW
RasEnumEntriesW
RasGetConnectionStatistics
RasDeleteEntryW
RasConnectionNotificationW
RasValidateEntryNameW
RasSetEntryPropertiesW
RasHangUpW
RasGetEntryPropertiesW
RasSetCredentialsW
RasGetCountryInfoW
RasGetConnectStatusW
RasGetErrorStringW
RasGetCredentialsW
rasdlg
RasEntryDlgW
RasDialDlgW
setupapi
SetupDiGetDeviceInstanceIdW
CM_Get_DevNode_Status
CM_Locate_DevNodeW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
user32
RegisterWindowMessageW
OpenIcon
BroadcastSystemMessageW
EnableMenuItem
GetSystemMenu
MessageBeep
IsIconic
SetForegroundWindow
SendMessageW
wininet
InternetGetConnectedStateExW
ole32
GetRunningObjectTable
CreateClassMoniker
CoUninitialize
CoInitializeEx
msvcm80
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
mscoree
_CorDllMain
Sections
.text Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ