Static task
static1
Behavioral task
behavioral1
Sample
370850cbd310671e3ebc2a90a10ce591f3847de724a8a13887ec07422ab99de0.dll
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
370850cbd310671e3ebc2a90a10ce591f3847de724a8a13887ec07422ab99de0.dll
Resource
win10v2004-20220812-en
General
-
Target
370850cbd310671e3ebc2a90a10ce591f3847de724a8a13887ec07422ab99de0
-
Size
56KB
-
MD5
12420bb11e8b9350ceb66745331f4c50
-
SHA1
3b2136ad091dcd2c84ab06c0c9902e245439b1c1
-
SHA256
370850cbd310671e3ebc2a90a10ce591f3847de724a8a13887ec07422ab99de0
-
SHA512
243b63171ffd20a91ca5615346f9a0ac60556ac9268637db3b932c56775cc22988f3049274c217a351d2bcd509524ee0b097b4aedf98589a87efb4200046e665
-
SSDEEP
1536:cQousBRhFncLIQW0HSRhpiOxzHaMmmuKv/j1pv5t:LCRhpSSj/z6M/BHt
Malware Config
Signatures
Files
-
370850cbd310671e3ebc2a90a10ce591f3847de724a8a13887ec07422ab99de0.dll windows x86
aa46cd4272dd16315a821c96c69e527f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
WriteFile
WriteProcessMemory
GetCurrentProcess
VirtualProtect
CreateFileA
WaitNamedPipeA
GetProcAddress
GetModuleHandleA
msvcrt
wcscmp
_ftol
free
_initterm
malloc
_adjust_fdiv
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 464B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.www0 Size: 4KB - Virtual size: 280B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.www1 Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ