ExecuteBang
Finalize
GL70
Update
Static task
static1
Behavioral task
behavioral1
Sample
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114.dll
Resource
win10v2004-20230220-en
Target
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114
Size
260KB
MD5
d5916cb2ff52e0411bc80a716b2aa528
SHA1
98baa0c511f8595f3a8b28c5ae1d69717b855791
SHA256
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114
SHA512
618ef15305dd64d82e65e81fee659a59313998fab0d493accc122cc6795abbffcf1e31bcb1aff34413706c220777b3834a8f46240e60aca85e8d1d523f990deb
SSDEEP
6144:woGZATIJ/rRDAmZ0CI1jp8qTiAS1fW0PBJ+Y:woGGTM/hnZ0VayYv+Y
Checks for missing Authenticode signature.
Processes:
resource |
---|
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114 |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetAsyncKeyState
GetKeyState
VkKeyScanExW
MapVirtualKeyW
CallNextHookEx
GetKeyNameTextW
GetKeyboardLayout
UnhookWindowsHookEx
SetWindowsHookExW
GetStringTypeW
CreateFileW
DecodePointer
WriteConsoleW
CloseHandle
SetFilePointerEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetConsoleCP
GetACP
HeapAlloc
LCMapStringW
HeapFree
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType
HeapSize
HeapReAlloc
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleMode
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ