a5009082f2313738152fa2247afddd377dab66a296a783fa2511af6d9a3f6e0c | Triage

Submit
Reports

Overview

overview

3

Static

static

a5009082f2...0c.dll

windows7-x64

3

a5009082f2...0c.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a5009082f2313738152fa2247afddd377dab66a296a783fa2511af6d9a3f6e0c.dll

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

a5009082f2313738152fa2247afddd377dab66a296a783fa2511af6d9a3f6e0c.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a5009082f2313738152fa2247afddd377dab66a296a783fa2511af6d9a3f6e0c
Size

29KB
MD5

6992d5c4ca27d22dde5cd5018ba78187
SHA1

df146e1290aec8862bf7338370063836c69e14e3
SHA256

a5009082f2313738152fa2247afddd377dab66a296a783fa2511af6d9a3f6e0c
SHA512

36c2fd747e8f18de82577292780b080dfc41da488c1f72cb8a37bbba466ffaaf56c3a9297181f8ae61fabac15b7b2290da0978b3350e4004f3a85a55ac5a4a5d
SSDEEP

384:hZPvV3Qi/b1wQMRQuBBQARQkwJraiOiBRJkplvj7yr5EYMxRQYIs01OpO7IQ:hNbspBBQARQkjABfkplvKrX+QfsDpWf

Score

N/A

Malware Config

Signatures

Files

a5009082f2313738152fa2247afddd377dab66a296a783fa2511af6d9a3f6e0c
.dll windows x86

9b29f44f13ff25083e23c25aabdbb27b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

strstr
strlen
memcpy
memcmp
RtlZeroMemory

ws2_32

closesocket
gethostname

kernel32

LoadLibraryA
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
CreateThread
IsBadReadPtr
GetPrivateProfileStringA
lstrcpyA
lstrcmpiA
lstrcmpA
WaitForSingleObject
TerminateThread
Sleep
CloseHandle
CreateFileA
GetExitCodeThread
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
lstrlenA
ReadFile
VirtualProtectEx
lstrcatA
LeaveCriticalSection

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
wsprintfA

Exports

Exports

ServiceRouteEx
StartServiceEx
StopServiceEx

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy