Static task
static1
Behavioral task
behavioral1
Sample
15f215a99e933b67d8f8b4ea895d9115298806ce99a13aa419be383c5b47c7b1.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
15f215a99e933b67d8f8b4ea895d9115298806ce99a13aa419be383c5b47c7b1.dll
Resource
win10v2004-20230915-en
General
-
Target
15f215a99e933b67d8f8b4ea895d9115298806ce99a13aa419be383c5b47c7b1
-
Size
2.1MB
-
MD5
59fe5cc4426eb37c093172a0757ca9d4
-
SHA1
9616d97acdd8dd39f04279f75ab9f1d29a562c5f
-
SHA256
15f215a99e933b67d8f8b4ea895d9115298806ce99a13aa419be383c5b47c7b1
-
SHA512
821a6f8a7c2d78a304c46596bd435635af417bde6f07d4bf4914199d9c56beb4dc6c012b17228472bc992ca9357a6fb0dfaed3d4891afe84b35b31dcc9e1b606
-
SSDEEP
49152:wRQjrBMW0TlEPHNiPzy0rRdnNoser7Gp/sfLnXqsgO7IYksfmQlT6eXrmDW2m7Z:1M9SPtiPzp3leo0fLqsismCTFsQZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static check: the PE file has no Authenticode signature.
resource 15f215a99e933b67d8f8b4ea895d9115298806ce99a13aa419be383c5b47c7b1
Files
-
15f215a99e933b67d8f8b4ea895d9115298806ce99a13aa419be383c5b47c7b1.dll windows:4 windows x86
8dedcb82a9ae611d5c58322aecae9e48
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
rasapi32
RasGetConnectStatusA
winmm
waveOutPause
ws2_32
listen
kernel32
TlsSetValue
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
user32
DefWindowProcA
gdi32
GetWindowOrgEx
winspool.drv
DocumentPropertiesA
advapi32
RegCreateKeyExA
shell32
ShellExecuteA
ole32
OleInitialize
oleaut32
RegisterTypeLi
comctl32
ImageList_Create
wininet
InternetCrackUrlA
comdlg32
GetSaveFileNameA
Exports
Sections
.text Size: - Virtual size: 976KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 540KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 300KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.sedata Size: - Virtual size: 608KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp1 Size: - Virtual size: 896KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp2 Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ