3c638b13eac8058ee2f49409aa6193f2a0ce9f7ad74c69027aeec54ada2ac4a3 | Triage

Submit
Reports

Overview

overview

1

Static

static

3c638b13ea...a3.dll

windows7-x64

1

3c638b13ea...a3.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3c638b13eac8058ee2f49409aa6193f2a0ce9f7ad74c69027aeec54ada2ac4a3.dll

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

3c638b13eac8058ee2f49409aa6193f2a0ce9f7ad74c69027aeec54ada2ac4a3.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

3c638b13eac8058ee2f49409aa6193f2a0ce9f7ad74c69027aeec54ada2ac4a3
Size

72KB
MD5

d069f16b5e94f87f1f43bdaf5c563d00
SHA1

812bf844b50a0a021856c1af7d735fbd92783424
SHA256

3c638b13eac8058ee2f49409aa6193f2a0ce9f7ad74c69027aeec54ada2ac4a3
SHA512

6bab5950ce91093de16350f0bb2b29c555125b43012866390b8f5c992fb51d9c23499b27a48622f2710a71a8957ac1bf3d0ac046cfb7ac52b41cc9ce56fc7b06
SSDEEP

1536:myUjoStapoGf0VRTCqiXjBdBD9XSW+4oo:mkStapoMWRTdiTBj9hjoo

Score

N/A

Malware Config

Signatures

Files

3c638b13eac8058ee2f49409aa6193f2a0ce9f7ad74c69027aeec54ada2ac4a3
.dll windows x86

fd3507c15582953cef3f1b548a3ad5a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryA
VirtualFree
HeapAlloc
ExitProcess
GetCurrentThreadId
lstrcmpiA
GetCurrentProcessId
TlsAlloc
GetSystemTimeAsFileTime
GetTickCount
GetComputerNameA
GetCommandLineA
GetVersion
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind

Exports

Exports

ExToLiveInternatA
penWordDocumentA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy