21b3048979470b1bd4171cd07f9a1f51c8720a0ec20c0fc44f888ae881b76efb | Triage

Submit
Reports

Overview

overview

1

Static

static

21b3048979...fb.dll

windows7-x64

1

21b3048979...fb.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

21b3048979470b1bd4171cd07f9a1f51c8720a0ec20c0fc44f888ae881b76efb.dll

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

21b3048979470b1bd4171cd07f9a1f51c8720a0ec20c0fc44f888ae881b76efb.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

21b3048979470b1bd4171cd07f9a1f51c8720a0ec20c0fc44f888ae881b76efb
Size

32KB
MD5

ca7063a9bb32b508df2b445b37098600
SHA1

9efd954eca7360a9bf24cef2bc0373c0eaee4eac
SHA256

21b3048979470b1bd4171cd07f9a1f51c8720a0ec20c0fc44f888ae881b76efb
SHA512

46b955db54ba08d5ff111f0fb23282f246d2ee2aa200ab7cb51883f754eef313fbbac1ec8126e45135e64855caf10368e3fff97b47af7237e53023e44d424862
SSDEEP

384:c/A6yRw1QOOZ4zCDj2iR1vHZNHGVY2mJj5O:rVRwuHZ4eDj2iRlHZNHGVY2mJA

Score

N/A

Malware Config

Signatures

Files

21b3048979470b1bd4171cd07f9a1f51c8720a0ec20c0fc44f888ae881b76efb
.dll regsvr32 windows x86

209ecd8758f990c795fdb564906f7d9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
LoadLibraryA
GetWindowsDirectoryA
DeleteFileA
GetProcAddress
CreateThread
CloseHandle
InterlockedIncrement
GetLocalTime
GetModuleFileNameA
GetSystemDirectoryA

user32

UnhookWindowsHookEx
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
KillTimer
SetWindowsHookExA
FindWindowExA
PostMessageA
DefWindowProcA
CallNextHookEx
RegisterClassExA
CreateWindowExA
ShowWindow

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

msvcrt

_initterm
free
strchr
fopen
fwrite
fclose
_access
strstr
_strlwr
malloc
_adjust_fdiv
_stricmp
strrchr
??2@YAPAXI@Z
sprintf
__CxxFrameHandler
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy