c9190c7f61faee0432865daa925aab16f738e3997669ebb520c9798ec66b59ff | Triage

Submit
Reports

Overview

overview

3

Static

static

c9190c7f61...ff.dll

windows7-x64

3

c9190c7f61...ff.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c9190c7f61faee0432865daa925aab16f738e3997669ebb520c9798ec66b59ff.dll

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

c9190c7f61faee0432865daa925aab16f738e3997669ebb520c9798ec66b59ff.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

c9190c7f61faee0432865daa925aab16f738e3997669ebb520c9798ec66b59ff
Size

22KB
MD5

fb936f65a15ac1cba727e3a22ee41f08
SHA1

ddcd688b78372e0f7971a3efb00a7368ebf688f5
SHA256

c9190c7f61faee0432865daa925aab16f738e3997669ebb520c9798ec66b59ff
SHA512

101de405d4fb43760b64db7d15990b922db0c92c91a761c927b201ba5e881b35534bf912426fad4b634837c78cd5860ddd224dedbafa10b62325908d98af0d96
SSDEEP

384:2Vgs5ZQcZv/yNnSo7OpteXExya9dow0Vj:2VVzTyNS5pcExEw0Vj

Score

N/A

Malware Config

Signatures

Files

c9190c7f61faee0432865daa925aab16f738e3997669ebb520c9798ec66b59ff
.dll windows x86

23254e8f6e1ba552796fb5287a9b595d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
CreateFileA
DeleteFileA
lstrcpynA
CreateThread
IsBadReadPtr
GetModuleHandleA
GetModuleFileNameA
VirtualProtect
CopyFileA
GetCurrentProcessId
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
GetTickCount
lstrcmpiA
lstrlenA
Sleep
lstrcmpA
lstrcpyA
ExitProcess
GetSystemDirectoryA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringA

user32

PostThreadMessageA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
MapVirtualKeyA
GetKeyboardState
ToAscii

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA

msvcrt

atoi
memmove
??2@YAPAXI@Z
sprintf
strstr

Exports

Exports

COMResModuleInstance
DeleteSelf
wwhkf
wwhko

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy