d3dapippm
Static task
static1
Behavioral task
behavioral1
Sample
9d2116dc3bf0da97be5d85081d1d1a3d6fb23d07b899a4f081f052711505133a.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
9d2116dc3bf0da97be5d85081d1d1a3d6fb23d07b899a4f081f052711505133a.dll
Resource
win10v2004-20220901-en
General
-
Target
9d2116dc3bf0da97be5d85081d1d1a3d6fb23d07b899a4f081f052711505133a
-
Size
140KB
-
MD5
dd266d5a559b10bc684984d02dc581a2
-
SHA1
26061da17ebf582742bc658bfac9f8c2c5a74299
-
SHA256
9d2116dc3bf0da97be5d85081d1d1a3d6fb23d07b899a4f081f052711505133a
-
SHA512
20b81a217fac0ed68e170ce51746c8c5ce296b574ba66a41925d12da5d77679f9dc3a7ced853f7ff27479ca8ed16c284be7ed06b3f055569b73411dcf955679e
-
SSDEEP
3072:2tw1iDR+nbdbz5Ibp2kBzQnP2hByBg+kI113WHXbOXUG:2WiDkRebprAPowg+zWHSXx
Malware Config
Signatures
Files
-
9d2116dc3bf0da97be5d85081d1d1a3d6fb23d07b899a4f081f052711505133a.dll windows x86
94405c671f0b29d09c584049b1635c38
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenEventA
GlobalFree
TerminateProcess
CreateFileMappingA
InterlockedIncrement
GetLastError
GetModuleFileNameA
GetProcessHeap
ReadProcessMemory
WriteFile
CreateFileA
CreateProcessA
GetCommandLineA
CreateEventA
LeaveCriticalSection
CopyFileA
SetLastError
GetProcAddress
GetVolumeInformationA
EnterCriticalSection
HeapFree
WriteProcessMemory
OpenFileMappingA
CreateDirectoryA
GetCurrentProcess
HeapAlloc
InterlockedDecrement
MapViewOfFile
GetModuleHandleA
GetTickCount
LocalFree
UnmapViewOfFile
InterlockedCompareExchange
Sleep
GlobalAlloc
GetComputerNameA
CloseHandle
LoadLibraryA
CreateMutexW
WaitForSingleObject
ExitProcess
ole32
CoCreateGuid
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
OleCreate
CoInitialize
OleSetContainedObject
user32
SetWindowsHookExA
DefWindowProcA
SetWindowLongA
PostQuitMessage
TranslateMessage
DestroyWindow
UnhookWindowsHookEx
CreateWindowExA
GetWindowLongA
KillTimer
GetParent
FindWindowA
PeekMessageA
GetWindow
SetTimer
ScreenToClient
DispatchMessageA
ClientToScreen
GetClassNameA
GetCursorPos
GetMessageA
RegisterWindowMessageA
SendMessageA
GetWindowThreadProcessId
GetSystemMetrics
oleaut32
SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen
shlwapi
UrlUnescapeW
StrStrIW
advapi32
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
DuplicateTokenEx
RegQueryValueExA
OpenProcessToken
GetUserNameA
SetTokenInformation
shell32
SHGetFolderPathA
Exports
Sections
.text Size: 116KB - Virtual size: 113KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ