81547cef1365ef1a691b7f0c2f3a34d7a9883f79b9b06bb1a39b1012df061cb5 | Triage

Submit
Reports

Overview

overview

3

Static

static

81547cef13...b5.dll

windows7-x64

3

81547cef13...b5.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

81547cef1365ef1a691b7f0c2f3a34d7a9883f79b9b06bb1a39b1012df061cb5.dll

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

81547cef1365ef1a691b7f0c2f3a34d7a9883f79b9b06bb1a39b1012df061cb5.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

81547cef1365ef1a691b7f0c2f3a34d7a9883f79b9b06bb1a39b1012df061cb5
Size

196KB
MD5

bf53912a595c3c6ee10592ac354a59b0
SHA1

4516cd6e04f329bd2af06fb453cf0af1042cf5d0
SHA256

81547cef1365ef1a691b7f0c2f3a34d7a9883f79b9b06bb1a39b1012df061cb5
SHA512

d9cdf5a251b5fce54b5205ca628c32a67159ffc8104157168341d1748e3d5315ce7f8d15e568799bd7fadfb38eb479e5ffed217f53824b2866d64e8e84ffd3cc
SSDEEP

6144:jwRW/PVjZNpTSS7ozoycZn6WXYvEJPAIwMphiaXoCk2m:mWHDNszmn6WXKEFAE+h2m

Score

N/A

Malware Config

Signatures

Files

81547cef1365ef1a691b7f0c2f3a34d7a9883f79b9b06bb1a39b1012df061cb5
.dll windows x86

40e9ae64d0f3070f3505c62e84ac0b60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??2@YAPAXI@Z
wcscat
wcscpy
malloc
_except_handler3
?terminate@@YAXXZ
__CxxFrameHandler
free
??3@YAXPAX@Z
wcsrchr
memmove
wcslen

ntdll

NtQueryInformationFile
RtlNtStatusToDosError
NtSetInformationFile

rpcrt4

RpcStringFreeW
UuidToStringW
UuidFromStringW

kernel32

ReadFile
VirtualAlloc
GetFileAttributesW
SetFileAttributesW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetDiskFreeSpaceW
InitializeCriticalSection
VirtualProtect
WriteFile
CreateFileW
DeviceIoControl
CloseHandle
GetLastError

Exports

Exports

ServiceMain
SisCreateBackupStructure
SisCreateRestoreStructure
SisFreeAllocatedMemory
SisFreeBackupStructure
SisFreeRestoreStructure
SisRestoredCommonStoreFile
SisRestoredLink

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy