f1d93161a5836e3c9db5aff3732cc0240bf84f39401a64fed0e2f680afc32bf8 | Triage

Submit
Reports

Overview

overview

3

Static

static

f1d93161a5...f8.dll

windows7-x64

3

f1d93161a5...f8.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f1d93161a5836e3c9db5aff3732cc0240bf84f39401a64fed0e2f680afc32bf8.dll

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

f1d93161a5836e3c9db5aff3732cc0240bf84f39401a64fed0e2f680afc32bf8.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

f1d93161a5836e3c9db5aff3732cc0240bf84f39401a64fed0e2f680afc32bf8
Size

31KB
MD5

89c5f56a15a42e5530375860c05d79ad
SHA1

caea3ea3cfac24db72b2f75e8ec03084515ac055
SHA256

f1d93161a5836e3c9db5aff3732cc0240bf84f39401a64fed0e2f680afc32bf8
SHA512

a4d0619fb226189b9206190c25dabcb28b6a972b4b7a2287bc43ae2b0c7ca6c3fa8aae9d41dfbc8e3a645d877d9d60e2788f64ad4b31ae45027f07c9b78cffdb
SSDEEP

384:q+gCEx3laYyc3xxvgp+hPrsab+fc/9VgO+kQmcEuXzzJlY1g/Z+AK:wCg3laYPvgmVhIOo5EWnJlYoh

Score

N/A

Malware Config

Signatures

Files

f1d93161a5836e3c9db5aff3732cc0240bf84f39401a64fed0e2f680afc32bf8
.dll windows x86

a10acb8a36b5bd8c517735b7cd7db48e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetTempPathA
HeapAlloc
GetProcessHeap
Sleep
HeapFree
FreeLibrary
GetModuleFileNameA
CloseHandle
OpenEventA
CreateThread
FreeConsole
Process32Next
Process32First
CreateToolhelp32Snapshot
LoadLibraryA
CreateEventA
GetProcAddress
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCPInfo
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
VirtualFree
VirtualAlloc
HeapReAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
GetStdHandle
WriteFile
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerW

Exports

Exports

DllCanUnloadNowW
DllRegisterServerW
ServiceMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy