DllRegisterServer
Frw248F6c
LcDqie66xUg6
QzRAt949
XUGnM9D
Static task
static1
Behavioral task
behavioral1
Sample
cr.dll
Resource
win7-20230220-en
Target
cr.dll
Size
392KB
MD5
8312982dec68276f075d10db0ac1d925
SHA1
b16e2d37c82995bfe4c43088a7e783017f32f7fe
SHA256
4ae9a38d6dbddba6d706e92516fc0df4c3d6e899bb280b1a06e4c599cf8ce845
SHA512
dc93f98703761c7c79e59ebaa658c0c0de6d5b224904e89b3c0ea4046427f8121f7f2427840630e978443d109f527d200f278e500cecb648dd9f1837b44ad807
SSDEEP
6144:0dEeK8q1pXMgSpChXg7ruJZRiSE4P+R6pTHQu46JLrlTBtwtY6P97KhTEalgt6a+:lHlMlpzUx5Oi7TraJFcDlgt6a
Checks for missing Authenticode signature.
Processes:
resource |
---|
cr.dll |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
CloseHandle
GetComputerNameA
HeapCreate
TryEnterCriticalSection
DeleteCriticalSection
GetFileAttributesA
GetTempPathA
ReadFile
LockFile
UnlockFile
GetFileInformationByHandle
WaitForMultipleObjects
CreateFileMappingA
MapViewOfFile
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
DllRegisterServer
Frw248F6c
LcDqie66xUg6
QzRAt949
XUGnM9D
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ