deskmon[.]dat | Triage

Resubmissions

20/12/2022, 05:45

221220-gf4veagg85 1

20/12/2022, 05:44

221220-gfekhsbh6t 1

Sharing

Copy URL Twitter E-mail

General

Target

deskmon.dat
Size

1.0MB
MD5

11297f4082e4c4b60e8b3ba6d35c2d52
SHA1

d4bfbe9a6df9a9b412e3690a68b5c4fca44d321c
SHA256

db333be4247b3cef1efefe762327112ca465de58a15a260033d03a7aaaf5cbb2
SHA512

7288352c080399257369613b2435ceafaa7a39769655d5c42b719fb65dfed62326fd3e42248a3b0e4c825c73b75235d9bd7d61b80c78bb0d244d1cc34afa12ae
SSDEEP

24576:Dxjz/fW1fil8KupGavkg3NyY+bbTNYIBAUZLYnTwFU0s:FXOg8KupGaXXEYIBAUZLYngx

Score

N/A

Malware Config

Signatures

Files

deskmon.dat
.dll windows x86

5e2a8adbd67a9f695a7d7e5f915f640f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___mb_cur_max_func
_amsg_exit
_errno
_initterm
_iob
_lock
_unlock
abort
atoi
calloc
free
fwrite
malloc
memcmp
memcpy
memset
qsort
realloc
setlocale
sprintf
strchr
strcmp
strcpy
strlen
strncmp
strrchr
vfprintf
_strdup

Exports

Exports

plibiconv_version
pliases_lookup
pconv_canonicalize
pibiconv
pibiconv_close
pibiconv_open
pibiconv_open_into
pibiconv_relocate
pibiconv_set_relocation_prefix
pibiconvctl
pibiconvlist
qqqq

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 822KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

5e2a8adbd67a9f695a7d7e5f915f640f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 512B - Virtual size: 56B

.rdata Size: 822KB - Virtual size: 822KB

.bss Size: - Virtual size: 1KB

.edata Size: 512B - Virtual size: 373B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 116KB - Virtual size: 114KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 512B - Virtual size: 56B

.rdata
Size: 822KB - Virtual size: 822KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 373B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 116KB - Virtual size: 114KB