CoGetComCatalog
GetRPCSSInfo
Install
ServiceMain
WhichService
Static task: static1
Behavioral task: behavioral1
Sample: eb88a57bacf027c7dd7a4921648350b2502daa4ec4672a93bf6d566d12ca1027.dll
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: eb88a57bacf027c7dd7a4921648350b2502daa4ec4672a93bf6d566d12ca1027.dll
Resource: win10v2004-20221111-en
Target: eb88a57bacf027c7dd7a4921648350b2502daa4ec4672a93bf6d566d12ca1027
Size: 592KB
MD5: aeebb22c6f9d3202422e3d9fe1c18caa
SHA1: 795f99e96b4fb5cf5339c85b2aed2577223958fd
SHA256: eb88a57bacf027c7dd7a4921648350b2502daa4ec4672a93bf6d566d12ca1027
SHA512: 5ab39e1f6a4af842a39b2edf49c583c6d402deefa69227aa758ab96c2735730bf33eb94b62c4a31afb35b0c9b05ac4de3cc09db31c779d7b4b8524f25922f63d
SSDEEP: 768:gUr+Gc2DVppIFCft5HExQI200ZQMBMCZtoDPcttbWAMPd9xsxv:gSVppVbMQI20tsMCZGcvb/K+9
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
CreateFileA
LoadResource
SizeofResource
FindResourceA
WriteFile
MultiByteToWideChar
lstrlenA
LoadLibraryA
ReleaseMutex
GetLastError
VirtualFreeEx
WaitForSingleObject
VirtualAllocEx
FindClose
FindNextFileA
lstrcmpiA
lstrcatA
GetCurrentProcess
SetFileTime
GetFileTime
CreateMutexA
GetModuleHandleA
GetProcAddress
AllocConsole
MoveFileExA
CopyFileA
FreeConsole
DeleteFileA
GetModuleFileNameA
GetCurrentProcessId
CloseHandle
lstrcpyA
Sleep
wsprintfA
CreateDesktopA
SetThreadDesktop
OpenDesktopA
OpenWindowStationA
SwitchDesktop
RegOpenKeyA
OpenProcessToken
LookupPrivilegeValueA
RegSetValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
RegCloseKey
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
StrStrIA
MakeSureDirectoryPathExists
wcscmp
free
strlen
strcpy
__CxxFrameHandler
malloc
memset
_beginthreadex
sprintf
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ