ZSAHRTUH
Static task
static1
Behavioral task
behavioral1
Sample
a8a194571bf39862d2ba7d72ccba235b05a3aab4d83570e527d0c34acda2bf74.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a8a194571bf39862d2ba7d72ccba235b05a3aab4d83570e527d0c34acda2bf74.dll
Resource
win10v2004-20220812-en
General
Target
a8a194571bf39862d2ba7d72ccba235b05a3aab4d83570e527d0c34acda2bf74
Size
126KB
MD5
9aee8f927a6402d1b50c75cb4463eb40
SHA1
76e538ffe4de64fab2cd23c848149f5dbbe903d6
SHA256
a8a194571bf39862d2ba7d72ccba235b05a3aab4d83570e527d0c34acda2bf74
SHA512
bbdd1ed0230a50a34d02f418f313af68edfaef40535db5dc87590bce3c200d55e00fe99c84273275689c31c94703ea16ef1d285ed7c67895253296a12ea4c9ee
SSDEEP
1536:GXWt3oWbAK/NFk7NTMRT+F/um7n9720ucCjtRXtJPyDP9IJ8WDF8X6n2h:GTWUshp+cm7n97HucotRXe5S8UOKS
Malware Config
Signatures
Files
a8a194571bf39862d2ba7d72ccba235b05a3aab4d83570e527d0c34acda2bf74.dll windows x86
2f2cd36df40b55f971ea2fd63d6ee782
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreatePenIndirect
EngCreateDeviceBitmap
FONTOBJ_vGetInfo
GetTextColor
GetTextFaceA
MoveToEx
CLIPOBJ_bEnum
kernel32
GetProcAddress
GetTimeZoneInformation
GlobalWire
LoadLibraryW
LocalAlloc
LocalFree
LocalReAlloc
OutputDebugStringW
SetConsoleTitleW
SetFilePointerEx
WideCharToMultiByte
CloseHandle
CompareStringA
CompareStringW
CreateEventW
CreateThread
FindResourceW
FormatMessageW
FreeLibrary
FreeLibraryAndExitThread
GetCurrentProcess
GetCurrentThread
GetPrivateProfileIntW
GetStartupInfoA
GetSystemDirectoryW
Heap32ListNext
InterlockedDecrement
InterlockedIncrement
LoadResource
LockResource
QueryDosDeviceA
SetThreadPriority
TlsGetValue
TlsSetValue
TransmitCommChar
VirtualUnlock
WaitForSingleObject
lstrcpyW
lstrcpynW
lstrlenW
VirtualAlloc
DeleteAtom
DisableThreadLibraryCalls
IsBadWritePtr
LocalHandle
SearchPathW
GetCurrentThreadId
DecodePointer
GetCommandLineA
IsProcessorFeaturePresent
EncodePointer
TlsAlloc
TlsFree
GetModuleHandleW
SetLastError
GetLastError
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapSize
ole32
ReleaseStgMedium
HWND_UserSize
CoInstall
CoGetApartmentID
CLSIDFromString
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance
oleaut32
VarR8Pow
OleCreatePropertyFrameIndirect
VarUI4FromDisp
VarDecFromR4
VarCmp
SafeArrayCopyData
BstrFromVector
VarI1FromDisp
shell32
SHAddToRecentDocs
user32
GetForegroundWindow
LoadCursorW
LoadStringW
GetDlgItem
SetCursor
ShowWindowAsync
wsprintfW
RegisterClipboardFormatW
GetClassWord
CharLowerA
DialogBoxParamW
DlgDirListW
Exports
Sections
.text Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ