Static task: static1
Behavioral task: behavioral1
Sample: 809bfeb0ff96e22ea120b1e0217acaa487e91032c405ac4e1cd282ecb9f2e643.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 809bfeb0ff96e22ea120b1e0217acaa487e91032c405ac4e1cd282ecb9f2e643.dll
Resource: win10v2004-20220812-en
General
Target: 809bfeb0ff96e22ea120b1e0217acaa487e91032c405ac4e1cd282ecb9f2e643
Size: 386KB
MD5: 9d29d1a986e9e818e32bcf0abaaa4ac8
SHA1: a9f2ba7990c64d82d6c169299f35a3bc4fe6a529
SHA256: 809bfeb0ff96e22ea120b1e0217acaa487e91032c405ac4e1cd282ecb9f2e643
SHA512: c43ea7835c4096b715311be2e07439a32b87dcff4fffc8cfba9d0a11b87ed53beb920f791d50896eac3bf05d097758d86da26631316b5e35a78530237a06cf0a
SSDEEP: 6144:WHD1l8Xa69djcLq0u4j6QcWOKjti20Ahwj35Q1q8t+CX8GTX8Vqtba3B1qFmA:ZLdjc+UOKjo2hho0n5MGTX8bB1XA
Malware Config
Signatures
Files
809bfeb0ff96e22ea120b1e0217acaa487e91032c405ac4e1cd282ecb9f2e643.dll windows x86
252deea0c6a926a68859c84453bd60cf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
SHOpenRegStream2W
SHOpenRegStream2A
SHIsLowMemoryMachine
SHGetValueW
SHGetValueA
SHGetThreadRef
SHGetInverseCMAP
SHEnumValueW
SHEnumValueA
SHEnumKeyExW
SHEnumKeyExA
SHDeleteValueW
SHDeleteValueA
SHDeleteKeyW
SHDeleteKeyA
SHDeleteEmptyKeyW
SHDeleteEmptyKeyA
ord16
SHCreateStreamOnFileW
SHCreateStreamOnFileA
SHCreateShellPalette
SHCopyKeyW
SHCopyKeyA
SHAutoComplete
PathUnquoteSpacesW
PathUnquoteSpacesA
PathUnmakeSystemFolderW
PathUnmakeSystemFolderA
PathUndecorateW
PathUndecorateA
PathUnExpandEnvStringsW
PathUnExpandEnvStringsA
PathStripToRootW
PathStripToRootA
PathStripPathW
PathStripPathA
PathSkipRootW
PathSkipRootA
PathSetDlgItemPathW
PathSetDlgItemPathA
PathSearchAndQualifyW
PathSearchAndQualifyA
PathRenameExtensionW
PathRenameExtensionA
PathRemoveFileSpecW
PathRemoveFileSpecA
PathRemoveExtensionW
PathRemoveExtensionA
PathRemoveBlanksW
PathRemoveBlanksA
PathRemoveBackslashW
PathRemoveBackslashA
PathRemoveArgsW
PathRemoveArgsA
PathRelativePathToW
PathRelativePathToA
PathQuoteSpacesW
PathQuoteSpacesA
PathParseIconLocationW
PathParseIconLocationA
PathMatchSpecW
PathMatchSpecA
PathMakeSystemFolderW
PathMakeSystemFolderA
PathMakePrettyW
PathMakePrettyA
PathIsURLW
PathIsURLA
PathIsUNCW
PathIsUNCServerW
PathIsUNCServerShareW
SHOpenRegStreamA
PathIsUNCServerA
PathIsUNCA
PathIsSystemFolderW
PathIsSystemFolderA
PathIsSameRootW
PathIsSameRootA
PathIsRootW
PathIsRootA
PathIsRelativeW
PathIsRelativeA
PathIsPrefixW
PathIsPrefixA
PathIsNetworkPathW
PathIsNetworkPathA
PathIsLFNFileSpecW
PathIsLFNFileSpecA
PathIsFileSpecW
PathIsFileSpecA
PathIsDirectoryW
PathIsDirectoryEmptyW
PathIsDirectoryEmptyA
PathIsDirectoryA
PathIsContentTypeW
PathIsContentTypeA
PathGetDriveNumberW
PathGetDriveNumberA
PathGetCharTypeW
PathGetCharTypeA
PathGetArgsW
PathGetArgsA
PathFindSuffixArrayW
PathFindSuffixArrayA
PathFindOnPathW
PathFindOnPathA
PathFindNextComponentW
PathFindNextComponentA
PathFindFileNameW
PathFindFileNameA
PathFindExtensionW
PathFindExtensionA
PathFileExistsW
PathFileExistsA
PathCreateFromUrlW
PathCreateFromUrlA
PathCompactPathW
PathCompactPathExW
PathCompactPathExA
PathCompactPathA
PathCommonPrefixW
PathCommonPrefixA
PathCombineW
PathCombineA
PathCanonicalizeW
PathCanonicalizeA
PathBuildRootW
PathBuildRootA
PathAppendW
PathAppendA
PathAddExtensionW
PathAddExtensionA
PathAddBackslashW
PathAddBackslashA
IntlStrEqWorkerW
IntlStrEqWorkerA
HashData
GetMenuPosFromID
ColorRGBToHLS
ColorHLSToRGB
ColorAdjustLuma
ChrCmpIW
ChrCmpIA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegCloseUSKey
SHRegCreateUSKeyA
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyA
SHRegDeleteEmptyUSKeyW
SHRegDeleteUSValueA
SHRegDeleteUSValueW
SHRegDuplicateHKey
SHRegEnumUSKeyA
SHRegEnumUSKeyW
SHRegEnumUSValueA
SHRegEnumUSValueW
SHRegGetBoolUSValueA
SHRegGetBoolUSValueW
SHRegGetPathA
SHRegGetPathW
SHRegGetUSValueA
SHRegGetUSValueW
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegQueryUSValueW
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
SHRegSetUSValueW
SHRegWriteUSValueA
SHRegWriteUSValueW
SHSetThreadRef
SHSetValueA
SHSetValueW
SHStrDupA
SHSkipJunction
PathIsUNCServerShareA
SHStrDupW
kernel32
LocalSize
FindResourceW
FindResourceExA
HeapFree
GetProcessHeap
HeapAlloc
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateMailslotA
CreateMailslotW
CommConfigDialogW
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ContinueDebugEvent
ConvertDefaultLocale
ConvertThreadToFiber
CopyFileA
CopyFileExA
CopyFileExW
CopyFileW
GetFileTime
ole32
OleRun
user32
ChildWindowFromPointEx
ChildWindowFromPoint
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharUpperA
CharToOemW
CharToOemBuffW
CharToOemBuffA
CharToOemA
CharPrevW
CharPrevExA
CharPrevA
CharNextW
CharNextExA
CharNextA
CharLowerW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
ChangeClipboardChain
ReleaseDC
advapi32
RegLoadKeyA
msvcrt
malloc
memset
free
winmm
mmioOpenA
Sections
.text Size: 374KB - Virtual size: 464KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 824B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ