1686ca3b2058535343609a161e4da4c0eca6134d6c0db350eb33747b8d74a146 | Triage

Submit
Reports

Overview

overview

8

Static

static

1686ca3b20...46.dll

windows7-x64

8

1686ca3b20...46.dll

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

1686ca3b2058535343609a161e4da4c0eca6134d6c0db350eb33747b8d74a146.dll

Resource

win7-20221111-en

persistence upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

1686ca3b2058535343609a161e4da4c0eca6134d6c0db350eb33747b8d74a146.dll

Resource

win10v2004-20220901-en

persistence upx

windows10-2004-x64

13 signatures

150 seconds

General

Target

1686ca3b2058535343609a161e4da4c0eca6134d6c0db350eb33747b8d74a146
Size

188KB
MD5

3e3bdeabb95595068d093b42007bc6db
SHA1

856db906589c8bd963484baf50689d91407d9ec7
SHA256

1686ca3b2058535343609a161e4da4c0eca6134d6c0db350eb33747b8d74a146
SHA512

26f151f3c32e7ac9842ff7acd51d5929905aee39d861826627f504f8eab67ce71f3ae9ab9436860d60450f5d137c05c54b9a99c574af467bb21fc3b1d893143a
SSDEEP

3072:UMTmeAbf/5bcyNHXy7Es80yLKBIfQumIP2FS4nujSUlbW5azt:UFf/ZNiXymYkS4nSSUl

Score

N/A

Malware Config

Signatures

Files

1686ca3b2058535343609a161e4da4c0eca6134d6c0db350eb33747b8d74a146
.dll windows x86

8562f1c80d068b637f795812bf1a6fd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetCurrentDirectoryA
GetStartupInfoW
HeapReAlloc
VirtualAlloc
HeapAlloc
VirtualFree
LCMapStringW
GetLastError
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
Sleep
HeapFree
VirtualQuery
InterlockedExchange
VirtualProtect
GetSystemInfo
GetLocaleInfoA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GetProcAddress
DisableThreadLibraryCalls
LocalAlloc
LocalFree

msvcrt

memset
_vsnprintf

rpcrt4

I_RpcExceptionFilter
I_RpcMapWin32Status
RpcStringFreeW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingFree

Exports

Exports

AnyIdentified
OfDeviceNotOfNeed

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy