65db05c5637628362a919f7ebfda658208812073e1dde1b4be486b6f31331d53 | Triage

Submit
Reports

Overview

overview

3

Static

static

65db05c563...53.dll

windows7-x64

1

65db05c563...53.dll

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

65db05c5637628362a919f7ebfda658208812073e1dde1b4be486b6f31331d53.dll

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

65db05c5637628362a919f7ebfda658208812073e1dde1b4be486b6f31331d53.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

65db05c5637628362a919f7ebfda658208812073e1dde1b4be486b6f31331d53
Size

11KB
MD5

ff0946b216f4114b6849c6e14bfe99d5
SHA1

07332464a93f3b4de332df8cb24196c5abd1a95c
SHA256

65db05c5637628362a919f7ebfda658208812073e1dde1b4be486b6f31331d53
SHA512

83f00714b32da2102667f23865ef5c0bbb81cd28293901739aa150b9c1c5d8ad0562b41bd8f4de8af40fbcbb1997dfbabb2db776bae2c0942a1b293036b6d35b
SSDEEP

192:oSztUDNfWkrgP3mwiNq73auO7yBt9k0UMKgLBk6IiS:oSztAHwiNmauOe4LgLBk6h

Score

N/A

Malware Config

Signatures

Files

65db05c5637628362a919f7ebfda658208812073e1dde1b4be486b6f31331d53
.dll windows x86

7fa2d7796fb7807a82cf344ed56146f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwOpenProcessToken
memset
RtlAdjustPrivilege
ZwClose
ZwDuplicateToken
RtlImageNtHeader
ZwSetInformationToken
strlen
memcpy
_snprintf

ws2_32

WSAStartup

kernel32

Process32Next
LoadLibraryA
InterlockedExchange
FreeLibrary
LocalAlloc
GetProcAddress
CreateThread
CreateMutexA
GetModuleFileNameA
CopyFileA
Sleep
MoveFileExA
ExitProcess
GetModuleFileNameW
CreateFileA
GetFileSize
MapViewOfFile
UnmapViewOfFile
VirtualQuery
SystemTimeToFileTime
GetCurrentProcess
Process32First
VirtualFree
SetFileTime
OpenProcess
GetLastError
lstrcmpiA
VirtualAlloc
RaiseException
CreateFileMappingA
CreateToolhelp32Snapshot
GetVersionExA
CloseHandle
GetTempPathA
SetFilePointer
WriteFile

winspool.drv

GetPrintProcessorDirectoryA
AddPrintProvidorA
DeletePrintProvidorA

shell32

ShellExecuteExA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy