a6d6489d6d58aad8fb08fff5d7fca0f0d380e0ad6533e8cdbe1c5896b3925756 | Triage

Submit
Reports

Overview

overview

3

Static

static

a6d6489d6d...56.dll

windows7-x64

3

a6d6489d6d...56.dll

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a6d6489d6d58aad8fb08fff5d7fca0f0d380e0ad6533e8cdbe1c5896b3925756.dll

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6d6489d6d58aad8fb08fff5d7fca0f0d380e0ad6533e8cdbe1c5896b3925756.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

a6d6489d6d58aad8fb08fff5d7fca0f0d380e0ad6533e8cdbe1c5896b3925756
Size

170KB
MD5

fd9864f151cb9e1cc527dec13b37a063
SHA1

6f0dd961fc23ff9d51e1dec352a7540ee0754ec0
SHA256

a6d6489d6d58aad8fb08fff5d7fca0f0d380e0ad6533e8cdbe1c5896b3925756
SHA512

338fabdc9f35cd85e8524ada8674d1c9a5c601645f6a99881fdd4c947d24ab71387544eb5118056af15efffaaa8bc185bffb08894c411f3a64be9193ba88279e
SSDEEP

3072:aGgVZ7fv2cbf16XUNshqcp1TkNGTZr5IpxntwLPLDxZvz:NgmcbRNshqcbT0TpxntwtZL

Score

N/A

Malware Config

Signatures

Files

a6d6489d6d58aad8fb08fff5d7fca0f0d380e0ad6533e8cdbe1c5896b3925756
.dll windows x86

6e1a1b024a09b4ee08e5a1d9b5bc6bf4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
CommandLineToArgvW
SHGetSpecialFolderLocation

msvcrt

wprintf
wcsstr
printf
memset
free
exit
_wcslwr
_wcsdup
_ismbblead
_exit
_controlfp
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
_XcptFilter
_initterm

user32

IsWindow

gdi32

ArcTo
PolyDraw

kernel32

lstrlenW
VirtualProtect
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
ExitProcess
Sleep
SetUnhandledExceptionFilter
InterlockedExchange
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
FindNextFileW
FindFirstFileW
TerminateProcess

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

Exports

Exports

AClose
CloseFile
GetRecordPosition
GotoBookmark
HrCopyLockBytesToStream
HrLPSZToBSTR
SetCurrentIndex

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 481B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy