327131e4e690164fec7e94b1e98fdb5dac402885471188350e90bf22ffbb1b6f | Triage

Submit
Reports

Overview

overview

1

Static

static

327131e4e6...6f.dll

windows7-x64

1

327131e4e6...6f.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

327131e4e690164fec7e94b1e98fdb5dac402885471188350e90bf22ffbb1b6f.dll

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

327131e4e690164fec7e94b1e98fdb5dac402885471188350e90bf22ffbb1b6f.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

327131e4e690164fec7e94b1e98fdb5dac402885471188350e90bf22ffbb1b6f
Size

18KB
MD5

62d9bc0e97bc02209bf0c92907d2cdd0
SHA1

3a7d215ec71170ffe814bb8859bfe427b2152f54
SHA256

327131e4e690164fec7e94b1e98fdb5dac402885471188350e90bf22ffbb1b6f
SHA512

46bac958ea3e313d473579862f93ac37f9470d4638f438f996b6fc2ab5b956cad910d2b3b5a3cacd0eee52404ca57a075b3f602fc128c971faa496d16fafe90f
SSDEEP

384:sldqH2iV3OVxQFYYIji1y/v8Y3v5WMo/bwW0:sjidOvQFYPjay/v8Y3v+q

Score

N/A

Malware Config

Signatures

Files

327131e4e690164fec7e94b1e98fdb5dac402885471188350e90bf22ffbb1b6f
.dll windows x86

139e1e31cca8baaea01e4ed4c1377519

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
ExitProcess
lstrcmpiA
CreateThread
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
WaitForSingleObject
GetModuleFileNameA
CloseHandle

user32

OpenWindowStationA
GetProcessWindowStation
SetProcessWindowStation
CloseWindowStation

msvcrt

_initterm
strncpy
strrchr
strcat
memcpy
strlen
free
malloc
_adjust_fdiv

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerExA

Exports

Exports

DriverProc
ServiceMain
widMessage
wodMessage

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy