20eb876c2428fa2c699c502eba34b7ba3e9720b6efe757549d8e8098151221c3 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

20eb876c24...c3.dll

windows7-x64

7

20eb876c24...c3.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

20eb876c2428fa2c699c502eba34b7ba3e9720b6efe757549d8e8098151221c3.dll

Resource

win7-20230220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

20eb876c2428fa2c699c502eba34b7ba3e9720b6efe757549d8e8098151221c3.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

20eb876c2428fa2c699c502eba34b7ba3e9720b6efe757549d8e8098151221c3
Size

4.3MB
MD5

33a40c2d05c66fc75b8a4528073812a9
SHA1

fae0c11ebce67c6126bd0a9ea4f1d5067a61046d
SHA256

20eb876c2428fa2c699c502eba34b7ba3e9720b6efe757549d8e8098151221c3
SHA512

74e88c4b8e2b4919d203e6a16807ea6b0f29a741203d2210cafc738a50d1c7b73af1c5d43fb6b4b1f02844f0b4ee9fbca9e373b9a119567da28afed2ace1e4fa
SSDEEP

98304:SlXt8T+KxTMTRHN7x0nuY9qke21DWQ8ig3XTeCz:EdcKTRttgp9qkUCg3Xnz

Score

1^/10

Malware Config

Signatures

Files

20eb876c2428fa2c699c502eba34b7ba3e9720b6efe757549d8e8098151221c3
.dll windows x86

b3fe3bb2f9636903a8f7f7afde49bf90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

ExpandEnvironmentStringsForUserW

wtsapi32

WTSQuerySessionInformationW

shlwapi

SHGetValueW

psapi

GetModuleFileNameExW

kernel32

CreateFileW

user32

LookupIconIdFromDirectory

advapi32

RegQueryValueExW

shell32

SHGetFolderPathW

ole32

CLSIDFromString

ntdll

NtQueryInformationProcess

version

VerQueryValueW

crypt32

CryptMsgClose

ws2_32

htonl

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

Exports

Exports

CreateObject

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 896KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy