b2c15239cba4ab321b6df2d710fc3441365d0e672fa2b839d412ec6fd7880608 | Triage

Submit
Reports

Overview

overview

1

Static

static

b2c15239cb...08.dll

windows7-x64

1

b2c15239cb...08.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b2c15239cba4ab321b6df2d710fc3441365d0e672fa2b839d412ec6fd7880608.dll

Resource

win7-20221111-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2c15239cba4ab321b6df2d710fc3441365d0e672fa2b839d412ec6fd7880608.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

b2c15239cba4ab321b6df2d710fc3441365d0e672fa2b839d412ec6fd7880608
Size

32KB
MD5

01a97d74d8acc3bc03fbb3d94dfbc2b9
SHA1

384cf0beb8857ccdb614db252e21e5e14ce09a4a
SHA256

b2c15239cba4ab321b6df2d710fc3441365d0e672fa2b839d412ec6fd7880608
SHA512

c814b7d669da35149724a377196c0868e9061a1e3d6883b90ee9e0714c5c4af6cdcbda82b17ec1595245d7f172f3f00bf0ac4f3ff03fc336e2817047f7f3caa0
SSDEEP

768:cy+kFVdVQD/KSy2ysJ4vFDNsoElh0JKxWv6N:B+wp+oNnH

Score

N/A

Malware Config

Signatures

Files

b2c15239cba4ab321b6df2d710fc3441365d0e672fa2b839d412ec6fd7880608
.dll regsvr32 windows x86

80977fa3a4f60d37dcfcbb6a3f79c624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
InterlockedIncrement
CloseHandle
CreateThread
GetLocalTime
GetWindowsDirectoryA
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
DeleteFileA

user32

TranslateMessage
DispatchMessageA
UnhookWindowsHookEx
RegisterClassExA
CallNextHookEx
SetWindowsHookExA
SetTimer
KillTimer
FindWindowExA
PostMessageA
DefWindowProcA
CreateWindowExA
ShowWindow
GetMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

_initterm
free
strchr
fopen
fwrite
fclose
strrchr
_stricmp
_access
malloc
_adjust_fdiv
_strlwr
??2@YAPAXI@Z
sprintf
__CxxFrameHandler
??3@YAXPAX@Z
strstr

Exports

Exports

DllGetClassObject
DllRegisterServer
DllUnregisterServer
ghkoplKm

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy