SCLiveOpen
Static task
static1
Behavioral task
behavioral1
Sample
dca8de9d57cf25697b69395b4856d918cedb80f3407be91b8fc180e3d67cc5ae.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
dca8de9d57cf25697b69395b4856d918cedb80f3407be91b8fc180e3d67cc5ae.dll
Resource
win10v2004-20221111-en
General
Target: dca8de9d57cf25697b69395b4856d918cedb80f3407be91b8fc180e3d67cc5ae
Size: 28KB
MD5: 99616d05426e4258e5ca35d8d8142cf5
SHA1: cc81610eaad6f304b6b2476f4183a53b24a4277c
SHA256: dca8de9d57cf25697b69395b4856d918cedb80f3407be91b8fc180e3d67cc5ae
SHA512: 0ffb26cc9f89640348b36cc85340e28c3818203f535ae35826b5717d0e021917096885af0f64545e10e40ccee79e7372323fc5d6c845c52a8d29c0d902907982
SSDEEP: 192:+b4+jVutdy9gttC7tId5f4/YHf4bqvVGBHmWuxGKs8xDN:+puDSRad5w4wOvVGBGWWGKs8xx
Malware Config
Signatures
Files
dca8de9d57cf25697b69395b4856d918cedb80f3407be91b8fc180e3d67cc5ae.dll windows x86
d1292a3adcc846688b4e27086a2e842d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
msvcrt
_adjust_fdiv
_except_handler3
printf
__CxxFrameHandler
fclose
fprintf
fopen
sprintf
_onexit
__dllonexit
??1type_info@@UAE@XZ
malloc
_initterm
free
kernel32
GetThreadContext
LocalAlloc
LocalFree
CreateProcessA
GetLastError
CreateEventA
WaitForMultipleObjects
TerminateProcess
GetModuleFileNameA
GetVersionExA
CreateFileA
CreateFileMappingA
MapViewOfFile
VirtualProtect
CloseHandle
SetThreadContext
ResumeThread
Sleep
SuspendThread
lstrlenA
lstrlenW
VirtualAllocEx
WriteProcessMemory
GetModuleHandleA
GetProcAddress
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
user32
MessageBoxA
wsprintfW
dbghelp
ImageDirectoryEntryToData
vsipc
IPCgetDllName
IPCgetCreateGameMode
livectrl
LCTRL12
Exports
Sections
.text Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 944B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ