Static task: static1
Behavioral task: behavioral1
Sample: 0b5def8fcc80f0db0c743856d3b450712505cbbecaa9ab3af023686a537beafe.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 0b5def8fcc80f0db0c743856d3b450712505cbbecaa9ab3af023686a537beafe.dll
Resource: win10v2004-20221111-en
Target: 0b5def8fcc80f0db0c743856d3b450712505cbbecaa9ab3af023686a537beafe
Size: 176KB
MD5: 99a245411e640780d892e6cc34b1ce7f
SHA1: fa1aba6a0da0b0e586b834d75bad96a8b9a504a8
SHA256: 0b5def8fcc80f0db0c743856d3b450712505cbbecaa9ab3af023686a537beafe
SHA512: 008fa3a097393da7e75efa956871a8c87f620a53da8c9a6c27051309493430431f45de750c88157e3e44ab12fca28bb7c89e96af34c5222e84d0342085f279ee
SSDEEP: 3072:/7NEdeLPYBRBOHBm/tBYZfcic5cQXLNdGG5cYIZKxGnHc9cmcSBxhYQCq6PuLssh:z+GPYpoxJSBXLNZ5SYxGnHmNXBxhY46a
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
FreeSid
RegisterServiceCtrlHandlerExW
GetTokenInformation
LookupPrivilegeValueW
SetServiceStatus
RegEnumKeyW
RegOpenKeyW
PrivilegeCheck
OpenThreadToken
CheckTokenMembership
RegQueryInfoKeyW
SetEntriesInAclW
SetSecurityDescriptorControl
RegGetKeySecurity
GetSecurityDescriptorDacl
GetAclInformation
GetAce
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
DuplicateTokenEx
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
AddAccessAllowedAceEx
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
CreateProcessAsUserW
OpenProcessToken
RegEnumKeyExW
RegSetKeySecurity
AddAce
EqualSid
HeapReAlloc
CreateMutexW
SetConsoleCtrlHandler
LocalFree
CompareFileTime
GetCurrentThread
lstrcmpiW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapCreate
DisableThreadLibraryCalls
VerifyVersionInfoW
CompareStringW
lstrlenW
HeapFree
HeapAlloc
WaitForMultipleObjects
ReleaseMutex
GetVolumeNameForVolumeMountPointW
CloseHandle
FreeLibrary
GetProcAddress
LoadLibraryW
OpenProcess
LeaveCriticalSection
WaitNamedPipeW
GetLastError
SetEvent
WaitForSingleObject
DuplicateHandle
GetCurrentProcess
CreateEventW
SetLastError
WideCharToMultiByte
ResetEvent
WriteFile
CancelIo
GetOverlappedResult
ConnectNamedPipe
CreateNamedPipeW
FindClose
FindFirstFileW
GetSystemDirectoryW
GetCurrentThreadId
OpenEventW
CreateThread
CreateFileW
_adjust_fdiv
malloc
free
_wtoi
qsort
_except_handler3
wcschr
_vsnwprintf
_initterm
VerSetConditionMask
NtPlugPlayControl
NtClose
NtDuplicateToken
RtlInitUnicodeString
NtGetPlugPlayEvent
I_RpcBindingIsClientLocal
UuidFromStringW
RpcServerUnregisterIf
RpcServerRegisterIfEx
NdrServerCall2
RpcStringFreeW
UuidCreate
RpcImpersonateClient
RpcRevertToSelf
UuidEqual
UuidToStringW
I_RpcExceptionFilter
BroadcastSystemMessageExW
GetThreadDesktop
CloseDesktop
BroadcastSystemMessageW
DeviceEventWorker
GetWindowThreadProcessId
CharUpperW
SetThreadDesktop
CreateEnvironmentBlock
DestroyEnvironmentBlock
WinStationQueryInformationW
DeleteServicePlugPlayRegKeys
PNP_GetDeviceList
PNP_GetDeviceListSize
PNP_GetDeviceRegProp
PNP_HwProfFlags
PNP_SetActiveService
RegisterScmCallback
RegisterServiceNotification
ServiceEntry
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ