e1b2f81bb776a5144d16d3610eb4568b26d574e3b5a295eb138c74591dbfc47d | Triage

Submit
Reports

Overview

overview

1

Static

static

e1b2f81bb7...7d.dll

windows7-x64

1

e1b2f81bb7...7d.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e1b2f81bb776a5144d16d3610eb4568b26d574e3b5a295eb138c74591dbfc47d.dll

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1b2f81bb776a5144d16d3610eb4568b26d574e3b5a295eb138c74591dbfc47d.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

e1b2f81bb776a5144d16d3610eb4568b26d574e3b5a295eb138c74591dbfc47d
Size

32KB
MD5

5c5ee23ff56cb78880e7cff58c3f4c1c
SHA1

3a595dd5eb9109a3434b03bc5f2ae548dc087a7d
SHA256

e1b2f81bb776a5144d16d3610eb4568b26d574e3b5a295eb138c74591dbfc47d
SHA512

1d6b824c8565859557a9b1b8e23c6a4c39ca4e67e50c245e6fa6f0160f6b4d780e3477c8d88089a2dd2093a23ff94ec5435b16237706c14d42b8ecc464e5a9f2
SSDEEP

384:HZqI8r0o6JkdjqFgbCuStXANRDOXkaihgL+VDrJj:HZZ8g5+dQgbQSDWmhFV

Score

N/A

Malware Config

Signatures

Files

e1b2f81bb776a5144d16d3610eb4568b26d574e3b5a295eb138c74591dbfc47d
.dll windows x86

d837dcabe39748fcbf5fe33698d5d7b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateThread
CreateEventA
OpenEventA
GetModuleFileNameA
GlobalFree
GlobalLock
GlobalAlloc
GetCommandLineA
Sleep
VirtualAlloc
VirtualFree
WriteProcessMemory
VirtualProtectEx
ReadProcessMemory
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
ReadFile
CreateFileA
IsBadReadPtr
GetModuleHandleA
GetPrivateProfileStringA

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetWindowTextA
FindWindowA
wsprintfA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

ws2_32

gethostbyname
gethostname
WSAStartup
WSACleanup

Exports

Exports

ZtGame_IN
ZtGame_OUT

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy