AAPCZZYL
Static task
static1
Behavioral task
behavioral1
Sample
84040ef7043bf6c69a06e7a76283195d0360e66b6f4246b325a97350c6a0ffce.dll
Resource
win7-20220812-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
84040ef7043bf6c69a06e7a76283195d0360e66b6f4246b325a97350c6a0ffce.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
84040ef7043bf6c69a06e7a76283195d0360e66b6f4246b325a97350c6a0ffce
-
Size
128KB
-
MD5
b603cc0d0cf67ca925a01e152fe1a121
-
SHA1
2e01736d7bc63aed063be4e916afa6b832e53e9e
-
SHA256
84040ef7043bf6c69a06e7a76283195d0360e66b6f4246b325a97350c6a0ffce
-
SHA512
dce1c9248e808d6c4dc8ade940333e7817a2b2bd8de7c74418ba01c6ac920fccca688c1b11d6bc880210dc9eaf5d0e5c646dc9eb6a1a8c1f42d0c237a74abfb9
-
SSDEEP
3072:lFVixcb5WH52Jn/3S5ODWJ8nmFFZA4Muo:f5WHCiAnu
Score
N/A
Malware Config
Signatures
Files
-
84040ef7043bf6c69a06e7a76283195d0360e66b6f4246b325a97350c6a0ffce.dll windows x86
5bab86a90e586e7be7f5bd2cca9bbc02
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
SetNamedSecurityInfoExA
LsaSetDomainInformationPolicy
AddAccessAllowedObjectAce
LookupAccountNameW
InitializeSid
GetNamedSecurityInfoW
SystemFunction009
ElfRegisterEventSourceW
LsaRemoveAccountRights
LookupSecurityDescriptorPartsA
RegGetKeySecurity
CryptSetProviderW
QueryServiceObjectSecurity
ElfReadEventLogW
RegEnumValueA
BuildImpersonateTrusteeW
RegEnumKeyA
IsValidSecurityDescriptor
LsaGetUserName
AllocateAndInitializeSid
RegOpenKeyExW
TrusteeAccessToObjectW
LsaCreateTrustedDomainEx
LsaEnumerateAccountRights
CryptHashData
CryptImportKey
OpenServiceW
LsaClearAuditLog
ObjectDeleteAuditAlarmW
LookupPrivilegeValueA
ChangeServiceConfig2W
ElfOpenEventLogW
CryptEnumProviderTypesA
I_ScSetServiceBitsW
GetSecurityDescriptorOwner
GetSecurityInfoExW
BuildExplicitAccessWithNameA
SetPrivateObjectSecurity
CheckTokenMembership
ChangeServiceConfigW
GetNumberOfEventLogRecords
LsaCreateTrustedDomain
LsaSetSecurityObject
CreatePrivateObjectSecurity
RegQueryValueExA
RegSetValueExW
PrivilegedServiceAuditAlarmA
ObjectOpenAuditAlarmW
ControlService
AccessCheckByType
CryptDuplicateHash
LsaSetInformationTrustedDomain
LsaSetTrustedDomainInformation
SetNamedSecurityInfoExW
ConvertToAutoInheritPrivateObjectSecurity
AccessCheck
ConvertSidToStringSidW
SystemFunction005
GetFileSecurityW
GetMultipleTrusteeW
MapGenericMask
CryptSetProviderA
LsaSetSystemAccessAccount
SystemFunction002
RegRestoreKeyW
ConvertAccessToSecurityDescriptorA
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegLoadKeyA
LsaEnumerateAccountsWithUserRight
LsaDelete
GetKernelObjectSecurity
ConvertSidToStringSidA
LsaSetQuotasForAccount
CryptEnumProvidersW
TrusteeAccessToObjectA
GetTrusteeFormA
CloseEventLog
AddAccessDeniedObjectAce
LsaLookupNames
BuildExplicitAccessWithNameW
LookupPrivilegeDisplayNameA
CryptVerifySignatureW
GetAccessPermissionsForObjectW
AddUsersToEncryptedFile
SetUserFileEncryptionKey
StartServiceA
SystemFunction016
SetTokenInformation
ElfReportEventA
RegisterServiceCtrlHandlerA
LogonUserA
AddAuditAccessObjectAce
GetSidLengthRequired
QueryServiceConfig2A
QueryServiceConfig2W
LsaEnumerateAccounts
LsaQueryInfoTrustedDomain
SystemFunction011
SetSecurityInfoExW
CreateServiceW
GetMultipleTrusteeOperationA
FileEncryptionStatusA
ElfOldestRecord
RegSetValueW
ConvertSecurityDescriptorToAccessNamedW
AbortSystemShutdownA
SystemFunction022
comctl32
ImageList_DrawIndirect
ImageList_Remove
ord3
FlatSB_EnableScrollBar
FlatSB_SetScrollInfo
FlatSB_GetScrollProp
ImageList_EndDrag
FlatSB_SetScrollRange
ord7
ImageList_DragMove
ImageList_GetImageCount
ImageList_SetImageCount
PropertySheetA
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Copy
ord17
ord15
ImageList_SetDragCursorImage
ImageList_AddMasked
ImageList_DragLeave
_TrackMouseEvent
ImageList_Destroy
ord16
ImageList_SetFilter
ImageList_GetDragImage
ord6
ImageList_Write
CreateStatusWindowW
FlatSB_GetScrollRange
ImageList_Duplicate
InitCommonControlsEx
ImageList_DragEnter
ord14
ImageList_Add
ord5
FlatSB_SetScrollProp
ImageList_Replace
ImageList_BeginDrag
ImageList_Read
ord4
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_AddIcon
ord8
ImageList_GetIconSize
ImageList_Draw
CreateToolbarEx
FlatSB_ShowScrollBar
UninitializeFlatSB
CreatePropertySheetPageW
ImageList_Create
DrawStatusTextW
ord2
PropertySheetW
DestroyPropertySheetPage
ImageList_GetImageRect
CreatePropertySheetPageA
ImageList_SetIconSize
FlatSB_GetScrollInfo
ImageList_GetBkColor
ImageList_Merge
ImageList_DragShowNolock
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_DrawEx
FlatSB_GetScrollPos
ImageList_GetIcon
ord13
ImageList_ReplaceIcon
gdi32
SetTextCharacterExtra
ExtTextOutW
CreateDiscardableBitmap
ResetDCA
GdiGetPageCount
SelectClipPath
DeleteObject
SetBitmapBits
EnumICMProfilesA
CreateBitmap
AddFontResourceW
GetObjectW
EnumEnhMetaFile
SetPaletteEntries
SaveDC
GetTextMetricsA
CreateFontIndirectExA
GetDIBits
ArcTo
GetPath
DeleteMetaFile
CreateRectRgnIndirect
GetTextExtentPoint32A
SetMetaFileBitsEx
CreatePatternBrush
CreateDIBSection
StretchDIBits
TextOutA
SetGraphicsMode
RectInRegion
GetLayout
FlattenPath
GetObjectType
DeleteEnhMetaFile
Arc
AddFontResourceExW
CreateICW
SelectPalette
AbortDoc
DeleteColorSpace
CreatePolygonRgn
Pie
ResetDCW
SetPixelFormat
GetBitmapBits
GetTextExtentPoint32W
GetEnhMetaFileDescriptionW
SetArcDirection
GetCharWidthFloatA
GetDeviceGammaRamp
SetLayout
ExtEscape
PolyPatBlt
GdiArtificialDecrementDriver
GdiFlush
EudcUnloadLinkW
ExtFloodFill
EnableEUDC
GetArcDirection
CreateFontIndirectW
EndFormPage
RemoveFontResourceW
RemoveFontResourceExA
UpdateICMRegKeyA
EnumFontsA
SetBoundsRect
RemoveFontMemResourceEx
MoveToEx
MaskBlt
DeviceCapabilitiesExW
GetWorldTransform
CreatePenIndirect
ExtCreateRegion
Polyline
SetWindowOrgEx
GdiSetBatchLimit
CreateEnhMetaFileW
GetMetaFileW
GetDeviceCaps
GdiStartPageEMF
UpdateColors
CreateRoundRectRgn
CreateFontIndirectA
GetTextFaceW
PolyTextOutW
CopyEnhMetaFileW
DescribePixelFormat
GetRelAbs
GetPixelFormat
GetTextExtentExPointA
GetTextColor
GetColorSpace
CombineTransform
CreateColorSpaceW
GetCharWidth32A
StrokeAndFillPath
PlgBlt
SetMapMode
EndPage
GetCharABCWidthsW
GetCharacterPlacementA
EnumFontFamiliesExA
PolyTextOutA
kernel32
GetVersion
VirtualAlloc
GetHandleInformation
PrepareTape
FileTimeToLocalFileTime
GlobalFindAtomW
GetPrivateProfileStructA
CreateProcessA
GetStringTypeExW
SetLastError
FindClose
SetLocalTime
OpenProcess
Module32NextW
GetConsoleAliasExesA
AssignProcessToJobObject
GetPrivateProfileStringA
GetCurrencyFormatA
FindAtomA
LoadResource
EnumCalendarInfoW
FatalExit
DeleteFileW
IsValidLocale
GetDefaultCommConfigA
WritePrivateProfileStringA
GetCurrencyFormatW
GetProcAddress
GetTempPathA
GetSystemTime
LoadLibraryA
CommConfigDialogA
EraseTape
GetLongPathNameA
QueryInformationJobObject
WriteConsoleInputW
GlobalHandle
InterlockedExchange
ExitThread
_llseek
VerLanguageNameW
GetProcessHeaps
GetFileSize
EnumSystemCodePagesW
FindNextVolumeMountPointA
SizeofResource
UpdateResourceW
ReplaceFile
CreateSemaphoreA
GetTapePosition
GetModuleHandleA
GetPrivateProfileIntW
GetCurrentProcess
ConnectNamedPipe
GetConsoleInputWaitHandle
VirtualFreeEx
FormatMessageA
GetProcessHeap
GetLargestConsoleWindowSize
GetPrivateProfileSectionA
RemoveDirectoryA
BuildCommDCBA
TransactNamedPipe
SetCalendarInfoW
FindFirstFileExA
SetConsoleMenuClose
LoadModule
FileTimeToDosDateTime
OpenEventA
Process32First
HeapValidate
GetDriveTypeA
GetCompressedFileSizeA
CreateProcessW
GlobalGetAtomNameA
GetConsoleCommandHistoryLengthA
SetErrorMode
EnumDateFormatsExA
FindVolumeMountPointClose
HeapAlloc
SetConsoleActiveScreenBuffer
VerLanguageNameA
GetVolumePathNameW
GetCPInfo
GetComputerNameA
opengl32
glRectfv
glRotatef
glPixelMapfv
wglGetCurrentContext
glTexGeniv
glCopyTexSubImage2D
glColor3iv
glColor4uiv
glColor3uiv
glGetTexLevelParameteriv
glColor4bv
GlmfEndPlayback
glCullFace
glRasterPos4iv
glDepthFunc
glGetMaterialiv
glTexParameterf
glGetMaterialfv
glTexCoord2iv
glHint
glTexCoord4s
glStencilMask
glCopyPixels
glEvalCoord1f
glTexCoord1i
glRasterPos3d
glTexCoord2f
glPushName
glColor4d
glColor3bv
glEvalPoint1
glTexCoord1dv
glDrawPixels
glPopName
glColor4ubv
glAreTexturesResident
glPushMatrix
glColor4usv
glBegin
glClearAccum
glIndexfv
glEnable
glLightfv
wglUseFontBitmapsA
wglSwapBuffers
glIndexdv
wglCreateContext
glMaterialfv
glGetTexImage
glDepthRange
glColor3f
glTexEnvi
glRasterPos3dv
glRenderMode
glVertex4dv
glGetError
glDebugEntry
glMaterialf
glLightf
wglGetCurrentDC
glColor3sv
glRecti
glNormal3d
glIndexPointer
glTexCoord4sv
glTexCoord4i
wglGetDefaultProcAddress
glVertex3i
wglShareLists
glRasterPos2iv
glNormalPointer
wglSetPixelFormat
glTexCoord4fv
glVertex2sv
wglGetProcAddress
glDeleteTextures
glVertex4d
glBitmap
wglGetLayerPaletteEntries
glGetTexEnviv
glEvalCoord2d
glLineWidth
glRasterPos2f
glColor4i
glMateriali
glPixelStoref
glCopyTexImage1D
glTexCoord2dv
glEnd
glTexCoord4dv
glAccum
shell32
DragFinish
Shell_NotifyIconW
StrNCmpA
SHQueryRecycleBinA
StrRChrIW
StrNCmpIA
StrRStrIA
SHGetDiskFreeSpaceA
StrRStrIW
SheGetDirA
ShellExecuteExA
SHChangeNotify
DragAcceptFiles
ShellExecuteExW
ExtractIconW
SHGetSpecialFolderPathW
SHGetPathFromIDListA
DragQueryFileA
SheChangeDirA
ExtractAssociatedIconExW
InternalExtractIconListW
ExtractAssociatedIconW
RealShellExecuteW
SHQueryRecycleBinW
SHGetDataFromIDListW
SHGetSpecialFolderPathA
ExtractAssociatedIconExA
ShellExecuteA
StrNCmpIW
StrNCmpW
FindExecutableA
StrCmpNIW
SHGetMalloc
CommandLineToArgvW
ShellAboutW
RealShellExecuteExA
StrRChrA
SheChangeDirExW
StrRChrW
Shell_NotifyIconA
StrCmpNA
SHEmptyRecycleBinW
InternalExtractIconListA
WOWShellExecute
SHEmptyRecycleBinA
StrStrW
SHInvokePrinterCommandW
FindExecutableW
FreeIconList
StrChrIA
SHFreeNameMappings
DoEnvironmentSubstA
StrChrW
DragQueryPoint
SHGetSettings
ord179
DuplicateIcon
CheckEscapesW
DragQueryFileW
SHGetInstanceExplorer
SheSetCurDrive
SHInvokePrinterCommandA
DragQueryFileAorW
SHAddToRecentDocs
StrRStrW
SHLoadInProc
SHGetDesktopFolder
ExtractAssociatedIconA
SHGetFileInfoA
SHBrowseForFolderA
SHBrowseForFolderW
SHGetSpecialFolderLocation
StrStrIW
user32
GetClassInfoExA
DrawTextA
GetQueueStatus
FindWindowExA
SetWinEventHook
DlgDirSelectComboBoxExW
SetWindowContextHelpId
DdeInitializeW
PackDDElParam
GetClassNameW
WindowFromDC
RegisterDeviceNotificationA
InSendMessageEx
ArrangeIconicWindows
SetDebugErrorLevel
ClipCursor
CreateCursor
IsCharUpperW
DlgDirListComboBoxW
SwapMouseButton
CreateDialogParamA
GetAncestor
TranslateAcceleratorW
LoadCursorA
GetKeyboardLayoutList
CallWindowProcA
GetUpdateRect
GetAsyncKeyState
MapDialogRect
GetKBCodePage
CreateMDIWindowW
TrackPopupMenuEx
GetMenu
SetTimer
ShowWindowAsync
WindowFromPoint
SendInput
OemKeyScan
GetNextDlgTabItem
EnumWindowStationsW
CopyAcceleratorTableW
LoadCursorW
GetScrollRange
GetDC
MonitorFromPoint
EnumDisplaySettingsW
PostThreadMessageA
ValidateRect
InSendMessage
DestroyCaret
LookupIconIdFromDirectoryEx
SetClipboardViewer
CreateIconIndirect
MapVirtualKeyA
GetWindowLongW
LoadCursorFromFileW
SetUserObjectInformationW
GetLastActivePopup
SendIMEMessageExA
SendIMEMessageExW
GetMessageA
DlgDirSelectComboBoxExA
ChildWindowFromPointEx
FrameRect
OffsetRect
GetPropA
UpdateLayeredWindow
wvsprintfW
CreateWindowExA
GetSystemMenu
IsMenu
DdeUninitialize
LoadMenuW
SetKeyboardState
DefFrameProcA
GetAltTabInfoW
WinHelpA
ChangeMenuW
DdeGetData
BroadcastSystemMessageW
EqualRect
InsertMenuItemW
GetMenuContextHelpId
CreateIconFromResource
UserHandleGrantAccess
version
VerQueryValueA
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerFindFileA
VerFindFileW
VerQueryValueW
GetFileVersionInfoSizeA
VerInstallFileW
GetFileVersionInfoW
winmm
mciSetYieldProc
midiOutSetVolume
midiStreamOut
waveInGetErrorTextA
mmioOpenW
joyGetThreshold
waveInStop
waveInAddBuffer
joy32Message
waveOutGetVolume
mmioSeek
mixerMessage
auxGetDevCapsA
midiStreamRestart
waveInOpen
mmTaskCreate
mmioGetInfo
waveOutPrepareHeader
mciGetErrorStringA
timeGetDevCaps
midiOutCachePatches
midiOutGetErrorTextW
mixerGetDevCapsW
midiOutLongMsg
mmioFlush
sndPlaySoundW
waveOutSetPlaybackRate
WOW32ResolveMultiMediaHandle
mmioAdvance
auxOutMessage
joyGetPosEx
waveOutWrite
midiInGetErrorTextW
midiInGetID
timeGetTime
timeSetEvent
PlaySoundW
waveOutSetVolume
midiOutUnprepareHeader
mmioClose
midiInGetNumDevs
timeEndPeriod
waveInMessage
mciFreeCommandResource
GetDriverModuleHandle
DriverCallback
mmioAscend
waveOutSetPitch
mciGetDeviceIDFromElementIDA
mixerClose
waveInGetDevCapsA
waveOutGetErrorTextW
waveInGetNumDevs
auxGetVolume
mmTaskSignal
midiOutMessage
mmioSetBuffer
midiOutClose
waveOutGetID
midiOutOpen
CloseDriver
waveOutPause
mciDriverNotify
mciGetDeviceIDA
waveOutBreakLoop
waveOutClose
NotifyCallbackData
midiInClose
joyGetNumDevs
mixerGetID
waveOutGetPosition
PlaySoundA
auxGetNumDevs
DefDriverProc
midiInAddBuffer
mmioStringToFOURCCW
mixerGetLineControlsA
mmGetCurrentTask
mciGetCreatorTask
mmioStringToFOURCCA
auxSetVolume
midiStreamStop
waveOutReset
mixerGetControlDetailsA
mixerGetControlDetailsW
midiOutGetDevCapsW
joyGetPos
joyGetDevCapsW
mmioRead
midiOutGetDevCapsA
waveInReset
waveInGetID
winspool.drv
DeletePrinterIC
SetPrinterW
GetPrinterDataExW
GetPrinterDriverDirectoryW
StartDocPrinterA
ord202
DeletePrinterKeyW
EnumPrintProcessorDatatypesA
ReadPrinter
DeletePrinterKeyA
AddPrintProcessorW
ord209
AddPortExW
DeleteFormA
SetPrinterDataW
FindFirstPrinterChangeNotification
EnumPrintProcessorsW
DeletePrinter
ScheduleJob
GetPrinterDataW
FindNextPrinterChangeNotification
XcvDataW
DeletePrinterDriverA
ord214
EndPagePrinter
DevQueryPrintEx
ord102
CreatePrinterIC
SeekPrinter
EnumPortsW
ord256
DeletePrinterDriverW
FreePrinterNotifyInfo
AddPortW
SetFormW
DeletePrinterDataExW
EnumPrinterKeyW
DeletePrinterDriverExA
ord211
AddPrinterDriverExW
EnumJobsW
AddPortA
QueryColorProfile
EnumPrinterDriversA
EnumJobsA
EnumPrinterKeyA
AdvancedSetupDialog
AddJobA
SetPrinterDataExW
DeletePrinterDriverExW
DeletePrinterConnectionA
AddPrinterConnectionA
ord201
PrinterMessageBoxW
AddPrinterDriverW
OpenPrinterW
SetPrinterA
StartDocPrinterW
EnumPrintersW
DocumentPropertySheets
GetPrintProcessorDirectoryA
ConfigurePortA
DeleteFormW
AbortPrinter
DevicePropertySheets
msvcrt
_mbsicmp
_mbsncat
_mbsncpy
_mbccpy
_mbstok
_mbsnbset
_setmode
_snprintf
iscntrl
islower
feof
_snwprintf
_strrev
_stati64
fread
_mbscat
_seh_longjmp_unwind
_wenviron
perror
strncpy
fputs
raise
_lsearch
ferror
fputc
fprintf
_ismbcprint
asctime
_fpreset
_unlink
_getws
memset
_getdllprocaddr
_ui64toa
_safe_fprem
fwprintf
vwprintf
_fsopen
fclose
_mbsnbicmp
_mbsnbcoll
is_wctype
ftell
_ultow
_wpgmptr
sprintf
__wgetmainargs
__p__wcmdln
atol
_set_error_mode
__p__wpgmptr
isalnum
_stricmp
_Strftime
_fileinfo
_setjmp3
_tempnam
_cputs
__CxxFrameHandler
_chsize
__p__daylight
_c_exit
fseek
_outp
wcstombs
strcoll
cosh
_mbschr
_wperror
printf
__p__acmdln
__setusermatherr
rename
fwrite
sqrt
fopen
vfwprintf
_gcvt
fsetpos
iswlower
setlocale
_ismbbkalnum
wcstol
strchr
_pgmptr
floor
_tzset
Exports
Exports
Sections
.text Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ