DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
6fdf7c5a0de44f925dbfdd0a61a03204aac676c60aa58dc26caad07a35b05967.dll
Resource
win7-20221111-en
Target
6fdf7c5a0de44f925dbfdd0a61a03204aac676c60aa58dc26caad07a35b05967
Size
52KB
MD5
c916d466a315332f6823ee314b631fc0
SHA1
21014f90802cf7179083f198ee47bfd7c218664e
SHA256
6fdf7c5a0de44f925dbfdd0a61a03204aac676c60aa58dc26caad07a35b05967
SHA512
78fa39e73eb192cee96cabcc58d354340725245d550c2c4c2c786f2a5c98350207f08cfae1465d2fd11c98dcf66e84d5ebf570a9cb79d6a6a345c6bee1db50d1
SSDEEP
768:zNlT4LrZwyI5aWA8JXazN4ju9cw1dcqkV+piZlEdOWeOoGOCdO2JbShuIW:j0nBMNPw0TEWGrO2RyB
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
InterlockedDecrement
HeapDestroy
lstrlenW
MultiByteToWideChar
lstrlenA
GetShortPathNameA
GetModuleHandleA
WideCharToMultiByte
MoveFileA
SetFileAttributesA
GetCurrentProcessId
EnterCriticalSection
GetCommandLineW
FreeLibrary
GetProcAddress
LoadLibraryA
Process32Next
Process32First
WritePrivateProfileStringA
CreateThread
CreateDirectoryA
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
GetSystemDirectoryA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
CloseHandle
GetExitCodeProcess
Sleep
ExitProcess
FindFirstFileA
GetPrivateProfileStringA
FindNextFileA
DeleteFileA
LocalFree
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
ControlService
DeleteService
CloseServiceHandle
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
CommandLineToArgvW
SHGetSpecialFolderPathA
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoInitialize
CoUninitialize
VariantClear
SysAllocString
SysStringLen
LoadRegTypeLi
SysFreeString
fclose
_stricmp
_strlwr
_adjust_fdiv
malloc
_initterm
free
_access
_wcslwr
wcsstr
atoi
strncmp
strchr
strncpy
strcmp
strcpy
strstr
strrchr
sprintf
??3@YAXPAX@Z
memset
memcpy
_purecall
??2@YAPAXI@Z
memcmp
_strupr
fread
ftell
fseek
fopen
strcat
strlen
SHDeleteKeyA
SHSetValueA
DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.