d972bd18177cc80ad879dd06b0b5cda164bc2395abfe0c5f5338a85a4c76ab8d | Triage

Submit
Reports

Overview

overview

Static

static

d972bd1817...8d.dll

windows7-x64

d972bd1817...8d.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d972bd18177cc80ad879dd06b0b5cda164bc2395abfe0c5f5338a85a4c76ab8d.dll

Resource

win7-20220901-en

ramnit banker spyware stealer trojan upx worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

d972bd18177cc80ad879dd06b0b5cda164bc2395abfe0c5f5338a85a4c76ab8d.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d972bd18177cc80ad879dd06b0b5cda164bc2395abfe0c5f5338a85a4c76ab8d
Size

121KB
MD5

924da67433ee244252b06e2c880ca3d9
SHA1

fe0439a298b42a976ece940ec877d394cdbc66f9
SHA256

d972bd18177cc80ad879dd06b0b5cda164bc2395abfe0c5f5338a85a4c76ab8d
SHA512

e34e746fdd0c92dc312d8495e9d642002dee81c3f2f2c5d6fd9dee5d2ab6fcdb07fccd40ec6514d7298476340a13858ab56661b5d4343cd2ceff4b123b39c930
SSDEEP

3072:YSU/oXvtWmYiLW7pKRC32JjcqQPvM9diOzupSasCpmiwoWfSjY:gwfkgWEwm9RCM9di/L5p1wN6jY

Score

N/A

Malware Config

Signatures

Files

d972bd18177cc80ad879dd06b0b5cda164bc2395abfe0c5f5338a85a4c76ab8d
.dll windows x86

c8ac85ff127117894119fdeb02fe5ccf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter

ntdll

NtQueryObject
RtlUnwind

kernel32

InterlockedCompareExchange
VirtualQuery
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
Sleep
InterlockedExchange
LoadLibraryExW
GetModuleHandleA
GetProcAddress
WaitForSingleObject
GetModuleHandleExW
VirtualProtect

user32

GetWindowThreadProcessId
FindWindowExA

shlwapi

ord157
ord156

Exports

Exports

IEShims_Initialize
IEShims_Uninitialize

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy