taxonomy[.]dll[.]exe

Resubmissions

30-11-2022 14:23

221130-rqendabf91 10

29-11-2022 07:29

221129-ja8yaaca8y 1

Sharing

Copy URL

Twitter E-mail

General

Target

taxonomy.dll.exe
Size

1.1MB
MD5

f8a6948b927d6a0408679fc623994571
SHA1

2246524678f02ca6e76d861f29a6a3642309fafe
SHA256

95a37ee707f673e561f3a8dbb27927f7140b8541c12eb805bf47613adc36b584
SHA512

35bbc85f172b4edbdc13aade1db745c6f991533a9c2754ad2223a0358e078df2ab373c4846cb9e0262f749b7bd6de8d1fdd0eeda670b19acc50408b54cb8fb77
SSDEEP

24576:DYDUU4/rSJXCy6hPKfGjQIr0or/yMSjJfMKAXEek9oHpPF:DYQUE+J0jQc9riYXzn

Score

N/A

Malware Config

Signatures

Files

taxonomy.dll.exe
.dll windows x64

4cb33fa9d5d1cc5bb89d87fee502f920

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetCurrentDirectoryA
GetLastError
ConnectNamedPipe
DisconnectNamedPipe
HeapCreate
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
CreateThread
SuspendThread
VirtualAlloc
CreateNamedPipeA
CreateActCtxA
ActivateActCtx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapReAlloc
HeapSize
SetStdHandle
RaiseException
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CloseHandle
WriteConsoleW
CreateFileW

Exports

Exports

LoOZz46Px
TfLXv12k
VRIZS6p
cmfgutil

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 438KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

4cb33fa9d5d1cc5bb89d87fee502f920

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 131KB - Virtual size: 130KB

.rdata Size: 560KB - Virtual size: 560KB

.data Size: 438KB - Virtual size: 444KB

.pdata Size: 6KB - Virtual size: 6KB

.gfids Size: 512B - Virtual size: 152B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 131KB - Virtual size: 130KB

.rdata
Size: 560KB - Virtual size: 560KB

.data
Size: 438KB - Virtual size: 444KB

.pdata
Size: 6KB - Virtual size: 6KB

.gfids
Size: 512B - Virtual size: 152B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 3KB