nsMapLite
Static task
static1
Behavioral task
behavioral1
Sample
61ee9b42992c6a5b3b24a221ba882fa60a2929b4375c31ed8900d316dad0166f.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
61ee9b42992c6a5b3b24a221ba882fa60a2929b4375c31ed8900d316dad0166f.dll
Resource
win10v2004-20221111-en
General
-
Target
61ee9b42992c6a5b3b24a221ba882fa60a2929b4375c31ed8900d316dad0166f
-
Size
84KB
-
MD5
580e6d894f58ce551e0dd1732dbf73ba
-
SHA1
93b85e281cdb1ddca425ff3b9fc86e4181449456
-
SHA256
61ee9b42992c6a5b3b24a221ba882fa60a2929b4375c31ed8900d316dad0166f
-
SHA512
aa28290883ee6ab8f98e822337bc63d04d7a936c18be63839e317dd4ae1f6dafedfda098970553d458e31e60385c627392cb567eacb322472a7ae6a89427e04c
-
SSDEEP
1536:JoMhHF+HxyjK3R7k2ndGTfZU+cnT5fU0dc7fJdM:rGRyj2dnUxncnT5f67
Malware Config
Signatures
Files
-
61ee9b42992c6a5b3b24a221ba882fa60a2929b4375c31ed8900d316dad0166f.dll windows x86
9fcf8814cc60003e23db938efa58adb2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlMoveMemory
GetProcessVersion
SetFileAttributesA
CreateEventW
ReadProcessMemory
SetProcessWorkingSetSize
LoadLibraryA
UnregisterWaitEx
GetProcAddress
advapi32
ObjectCloseAuditAlarmW
QueryServiceStatus
Exports
Exports
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 493B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ