?g_dwOperation@@3KA
?g_dwTargetPID@@3KA
FlushBuffer
Init
SM
WLEvtLock
WLEvtLogoff
WLEvtLogon
WLEvtShutdown
WLEvtStartScreenSaver
WLEvtStartup
WLEvtStopScreenSaver
WLEvtUnlock
Static task
static1
Behavioral task
behavioral1
Sample
fa50edf767100d20e362479d1c3a2ff0fd7e0e96cb813ac45c60f86f71164211.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
fa50edf767100d20e362479d1c3a2ff0fd7e0e96cb813ac45c60f86f71164211.dll
Resource
win10v2004-20220812-en
Target
fa50edf767100d20e362479d1c3a2ff0fd7e0e96cb813ac45c60f86f71164211
Size
62KB
MD5
298b947608ada2a335af19973767e960
SHA1
09910191efaef38e28093bc18de7a98a92eedf9e
SHA256
fa50edf767100d20e362479d1c3a2ff0fd7e0e96cb813ac45c60f86f71164211
SHA512
ad6ab08e10608c9ac9357f4a2d4a307224acad36e3de1ca1043c9ae8a1678268fc1b5cd821625432f723750922a9091d1df67cf19d1ae4f4701397c5ade2ef90
SSDEEP
1536:dsWWLN/fcBLjD0IIR05LGBD1hvVL3bBKmo3STS:Dy/fQwIhLGBDrvdbBVo33
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
GlobalLock
WaitForSingleObject
GetFileAttributesA
OpenFileMappingA
ExitProcess
GetCurrentProcessId
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FlushViewOfFile
GetTickCount
GetTempPathA
ResetEvent
WaitForMultipleObjects
SetEvent
OpenEventA
CreateEventA
HeapFree
GetProcessHeap
HeapAlloc
VirtualFreeEx
GetExitCodeThread
CreateRemoteThread
GetProcAddress
WriteProcessMemory
VirtualAllocEx
GetModuleHandleA
GlobalUnlock
ResumeThread
CreateProcessA
ExpandEnvironmentStringsA
CreateToolhelp32Snapshot
Process32First
Process32Next
LoadLibraryA
FreeLibrary
ReadFile
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetLogicalDriveStringsA
FileTimeToSystemTime
GetFileInformationByHandle
SystemTimeToFileTime
GetLocalTime
RaiseException
InterlockedExchange
LocalAlloc
CreateThread
GetSystemDirectoryA
GetComputerNameA
CreateFileA
GetLastError
Sleep
GetFileSize
WriteFile
SetFilePointer
SetEndOfFile
CloseHandle
GetModuleFileNameA
OpenProcess
WideCharToMultiByte
connect
socket
inet_addr
gethostbyname
htons
send
recv
inet_ntoa
WSAIoctl
WSASocketA
gethostname
WSAStartup
WSAGetLastError
WSACleanup
closesocket
SetWindowLongA
CallWindowProcA
GetDesktopWindow
GetSystemMetrics
GetForegroundWindow
UnhookWindowsHookEx
CreateWindowExA
SetClipboardViewer
SetWindowsHookExA
PeekMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
LoadIconA
LoadCursorA
RegisterClassA
DefWindowProcA
SendMessageA
OpenClipboard
GetWindowLongA
CloseClipboard
GetClassNameA
GetParent
GetWindowTextA
GetKeyNameTextA
GetKeyboardState
ToAscii
GetKeyState
CallNextHookEx
FindWindowA
EnumChildWindows
GetClipboardData
SetSecurityDescriptorDacl
GetUserNameA
CreateProcessAsUserA
FreeSid
InitializeAcl
AllocateAndInitializeSid
GetLengthSid
IsValidSid
AddAccessAllowedAce
RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
InitializeSecurityDescriptor
atoi
isalpha
_CxxThrowException
_mbsstr
strftime
free
localtime
difftime
_ftol
srand
rand
time
strstr
_mbsnbcmp
sprintf
realloc
malloc
ftell
fseek
wcstombs
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_mbsicmp
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
memcpy
strlen
_mbsrchr
strcpy
__CxxFrameHandler
fwrite
_mbscmp
fclose
fopen
_mbsrev
strcat
fread
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?g_dwOperation@@3KA
?g_dwTargetPID@@3KA
FlushBuffer
Init
SM
WLEvtLock
WLEvtLogoff
WLEvtLogon
WLEvtShutdown
WLEvtStartScreenSaver
WLEvtStartup
WLEvtStopScreenSaver
WLEvtUnlock
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ