Static task
static1
Behavioral task
behavioral1
Sample: 2777e9214bfdb51047846214e56d70f5bdd8c3f80544b4a74857984ce80c3eba.dll
Resource: win7-20220812-en
Behavioral task
behavioral2
Sample: 2777e9214bfdb51047846214e56d70f5bdd8c3f80544b4a74857984ce80c3eba.dll
Resource: win10v2004-20220812-en
Target: 2777e9214bfdb51047846214e56d70f5bdd8c3f80544b4a74857984ce80c3eba
Size: 180KB
MD5: 692962261a2869eb08b53a0753be2270
SHA1: 3cf25590319add728beae750ed4a7a9ec939a538
SHA256: 2777e9214bfdb51047846214e56d70f5bdd8c3f80544b4a74857984ce80c3eba
SHA512: 8dde2b6855a0f1265f21ea2a5eca16ac7b45dfdb6e2f8dd8d93c6ce3f9b30df54dbb234980161ad28da109934f4f2b927be405dfb748342ba8c79c7883da5cf4
SSDEEP: 1536:t88Vhc+htU5SPBBgrxQnViuQM1q+p55y8sBN9v6R7iqzZNgoM4CGIl0FI8H/7BS3:tXOY3B2Qn8uQM1YN9CpVCGc0Wizigc
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetModuleHandleW
SetCriticalSectionSpinCount
VirtualAlloc
MapViewOfFileEx
PostQueuedCompletionStatus
SetLastError
WaitForSingleObject
SetThreadPriorityBoost
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnmapViewOfFile
LoadLibraryA
LocalAlloc
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
CancelIo
GetOverlappedResult
GlobalFree
WaitForSingleObjectEx
lstrcatA
FileTimeToSystemTime
GetComputerNameA
TransactNamedPipe
SetNamedPipeHandleState
WaitNamedPipeW
FlushFileBuffers
lstrcmpiA
ConnectNamedPipe
CreateNamedPipeW
GetQueuedCompletionStatus
CreateIoCompletionPort
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetSystemDirectoryW
lstrlenW
VirtualProtect
GetSystemInfo
TlsSetValue
TlsAlloc
TlsGetValue
VirtualFree
IsBadWritePtr
WideCharToMultiByte
GetModuleFileNameA
GetComputerNameExW
GetSystemTimeAsFileTime
lstrcpyA
lstrcmpW
InterlockedExchangeAdd
LocalFree
GlobalMemoryStatusEx
QueueUserAPC
DuplicateHandle
CreateThread
SetUnhandledExceptionFilter
RaiseException
CreateEventW
HeapAlloc
HeapFree
GetCommandLineW
CreateFileW
WriteFile
GetCurrentProcessId
ResetEvent
CompareStringW
InterlockedExchange
GetCurrentThreadId
Sleep
lstrlenA
InterlockedCompareExchange
SetEvent
InterlockedDecrement
InterlockedIncrement
FormatMessageW
FormatMessageA
GetCurrentThread
GetCurrentProcess
CloseHandle
GetTickCount
GetComputerNameW
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
GetProcessHeap
DisconnectNamedPipe
HeapReAlloc
GetStartupInfoA
GetCurrentDirectoryA
SetHandleInformation
ExitThread
OpenProcessToken
RevertToSelf
OpenThreadToken
LookupAccountSidW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegQueryInfoKeyA
RegEnumValueA
RegEnumValueW
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetSecurityDescriptorControl
IsValidSecurityDescriptor
CredIsMarshaledCredentialW
CredUnmarshalCredentialW
CopySid
GetLengthSid
LookupAccountNameW
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
EqualSid
IsValidSid
CloseServiceHandle
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegOpenKeyW
ImpersonateNamedPipeClient
GetTokenInformation
SetThreadToken
toupper
GetUserNameExW
AssignToBeing
AuthenticatedServerOrBeOr
CALsThe
DeviceYour
InstancesCALs
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ