SetParameter
SetRunPath
SetService
SetSoftType
TaskFree
TaskStart
Static task: static1
Behavioral task: behavioral1
Sample: 2b600a27a93c58ae24156475317353c3664fe7f0ec743f2e4c9687af9e6f3c2f.dll
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 2b600a27a93c58ae24156475317353c3664fe7f0ec743f2e4c9687af9e6f3c2f.dll
Resource: win10v2004-20220812-en
Target: 2b600a27a93c58ae24156475317353c3664fe7f0ec743f2e4c9687af9e6f3c2f
Size: 3.1MB
MD5: 1fda05db744f294b104207e8028a22b8
SHA1: f5c1c25d822beeccb7bddd09d51c6b17f477d5c8
SHA256: 2b600a27a93c58ae24156475317353c3664fe7f0ec743f2e4c9687af9e6f3c2f
SHA512: 6099d21a252489a2af2c3d0607dfc854567c5bd151fb52e30b93a3c1eb170b31f331d416dcece7320831d3d02dec4a3b427dc964282c0fb10c5d7fb5fdc2a3fe
SSDEEP: 98304:LvdQTfzVRPLpoMEs06HwLwyq7NRl3r3JVmklwJgzlHRh:rdER6MjHwLwXl3lVbo6Rh
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
OpenProcess
WaitForSingleObject
Sleep
lstrcpyW
CreateProcessW
ProcessIdToSessionId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetSystemInfo
GetTickCount
GetVersionExW
GetFileSize
WriteFile
ReadFile
FindClose
FileTimeToSystemTime
GetTempPathW
CreateFileW
SetFileAttributesW
GetFileAttributesExW
FindNextFileW
MoveFileExW
GetLongPathNameW
AreFileApisANSI
GetSystemTime
CreateDirectoryW
RemoveDirectoryW
ReleaseMutex
GetSystemDirectoryW
GetVolumeInformationW
ExpandEnvironmentStringsW
WTSGetActiveConsoleSessionId
GetStdHandle
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
VirtualAlloc
VirtualFree
LocalFree
SetLastError
GetNativeSystemInfo
LoadLibraryA
IsBadReadPtr
DeviceIoControl
OutputDebugStringA
SetPriorityClass
EncodePointer
InterlockedFlushSList
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
SystemTimeToTzSpecificLocalTime
GetFullPathNameW
GetACP
GetFileType
GetStringTypeW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
GetTimeZoneInformation
FlushFileBuffers
GetDriveTypeW
SetStdHandle
WriteConsoleW
GetCurrentDirectoryW
SetEndOfFile
OutputDebugStringW
CreateThread
LocalAlloc
GlobalFree
GlobalAlloc
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CloseHandle
GetModuleFileNameW
FindFirstFileW
GetEnvironmentVariableW
GetProcAddress
LoadLibraryW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
CopyFileW
DeleteFileW
GetCurrentProcess
DeleteCriticalSection
SetConsoleMode
ReadConsoleInputA
VirtualProtect
InitializeCriticalSection
FreeLibraryAndExitThread
ExitThread
SystemTimeToFileTime
GlobalMemoryStatus
FlushConsoleInputBuffer
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
VerifyVersionInfoA
GetSystemDirectoryA
GetModuleHandleA
VerSetConditionMask
SleepEx
GetFileAttributesExA
FormatMessageA
QueryPerformanceFrequency
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
LoadStringW
wsprintfW
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHGetFolderPathW
CoUninitialize
CLSIDFromString
CoCreateInstance
CoInitialize
EnumProcesses
GetModuleFileNameExW
EnumProcessModules
GetProcessImageFileNameW
PathAddBackslashW
PathFileExistsW
WTSQueryUserToken
CryptGetUserKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
RegSetValueExW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExW
ImpersonateLoggedOnUser
RevertToSelf
ReportEventA
RegisterEventSourceA
DeregisterEventSource
OpenProcessToken
GetTokenInformation
EqualSid
AllocateAndInitializeSid
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptSetHashParam
CryptGetProvParam
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
DuplicateTokenEx
CreateProcessAsUserW
LookupPrivilegeValueW
LookupAccountSidW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSidSubAuthorityCount
GetSidSubAuthority
FreeSid
GetAdaptersInfo
URLDownloadToFileW
CreateEnvironmentBlock
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertFreeCertificateContext
ord60
ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord26
ord143
ord217
ord46
ord211
ord50
ord41
ord22
recvfrom
sendto
ioctlsocket
gethostname
shutdown
htonl
gethostbyname
select
WSAGetLastError
socket
__WSAFDIsSet
getservbyname
WSASetLastError
recv
send
bind
closesocket
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
WSAIoctl
WSAStartup
WSACleanup
getaddrinfo
freeaddrinfo
accept
listen
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ