b1dffca842a866a8c2ccc3198e5853958c21b34ce413435cb2a3768c77ace8c5 | Triage

Submit
Reports

Overview

overview

8

Static

static

b1dffca842...c5.dll

windows7-x64

8

b1dffca842...c5.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b1dffca842a866a8c2ccc3198e5853958c21b34ce413435cb2a3768c77ace8c5.dll

Resource

win7-20221111-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1dffca842a866a8c2ccc3198e5853958c21b34ce413435cb2a3768c77ace8c5.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

b1dffca842a866a8c2ccc3198e5853958c21b34ce413435cb2a3768c77ace8c5
Size

240KB
MD5

f5d4b3b4352d1f8738d363d5dc98af03
SHA1

ef18c082b7da576b00dfe97df2d6bcd745fde9a0
SHA256

b1dffca842a866a8c2ccc3198e5853958c21b34ce413435cb2a3768c77ace8c5
SHA512

558148f3d2e60e7653790ba829199c84ca759e96fe728e590d636a0b01f07f8be58bcced83ad7ccbef3d4b9faed51668a9048d7feea1588beca0a7b2e44a01df
SSDEEP

6144:FTgVkGqjdMOItBPLEBflcgBXo1EUZh1Ln:iV6xMNtNw9i

Score

N/A

Malware Config

Signatures

Files

b1dffca842a866a8c2ccc3198e5853958c21b34ce413435cb2a3768c77ace8c5
.dll windows x86

4fee747e0f5d4a3df3d5a8bd5ea48543

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateThread
ExitProcess
ExitThread
FatalAppExitA
FindClose
FindFirstFileA
GetACP
GetCommandLineA
GetConsoleCP
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetModuleHandleA
GetProcessHeap
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomA
GlobalUnlock
HeapAlloc
HeapCreate
InterlockedIncrement
LocalFree
SizeofResource
WriteConsoleA
lstrcpyA
lstrcpynA
lstrlenA

advapi32

GetTrusteeTypeA
LsaAddPrivilegesToAccount
SetServiceBits
CryptDuplicateHash

msvcrt

__getmainargs
wcslen
__set_app_type
isdigit
__p__commode
_cexit
exit

ole32

CoMarshalInterThreadInterfaceInStream
CoLoadLibrary
CoInstall
IsEqualGUID

ddraw

DirectDrawEnumerateW
DirectDrawEnumerateExW

crypt32

CryptStringToBinaryA
CryptSignMessageWithKey
CertFreeCertificateChain

Exports

Exports

GetObjectData

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy