Static task
static1
Behavioral task
behavioral1
Sample
8ad91829d5c371ee76587e3ff2ee9524.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8ad91829d5c371ee76587e3ff2ee9524.dll
Resource
win10v2004-20231222-en
General
Target
8ad91829d5c371ee76587e3ff2ee9524
Size
192KB
MD5
8ad91829d5c371ee76587e3ff2ee9524
SHA1
3f5d1b18080faa0252f092347977d8c5fa0e2f95
SHA256
5130dcc7229bbeff50617b8b89726a466a19c56cb0b43cb08bce99bf1224104a
SHA512
6bbc78387d11ce5f9ecd56255fe9702ee3d1b167a79127d4050ab2271ee48ad9d0687e4eccc42e62b08979230cae136ff2e8230c16c3a39eb0fc5ad888d57d54
SSDEEP
3072:VZ6zbe5nBmsKhAcUMs50oZpJToiWdRpbdHxFqQc1GTe+iHtzvcC6La1CF0azoF4:VZ6H6YsjVMpoBT9WdRpbdDLcxXzvj62K
Malware Config
Signatures
Files
8ad91829d5c371ee76587e3ff2ee9524.dll regsvr32 windows:5 windows x64 arch:x64
86a0347472bab587093d4473afa802c5
Code Sign
1b:31:ed:31:0a:42:f1:00:5d:34:c8:1d:cd:ea:10:16:1e:18:8d:12
Signer
Actual PE Digest
1b:31:ed:31:0a:42:f1:00:5d:34:c8:1d:cd:ea:10:16:1e:18:8d:12
Digest Algorithm
sha1
PE Digest Matches
true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleFileNameW
RaiseException
GetLastError
HeapSize
DisableThreadLibraryCalls
LockResource
DecodePointer
DeleteCriticalSection
GetSystemTime
GetCurrentThreadId
GetCurrentProcessId
FreeLibrary
GetProcAddress
GetModuleHandleW
lstrcmpiW
MultiByteToWideChar
HeapDestroy
WaitForSingleObject
GetExitCodeProcess
CloseHandle
LoadLibraryW
GetThreadLocale
SetThreadLocale
EncodePointer
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
SizeofResource
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
LoadLibraryExW
HeapReAlloc
GetConsoleCP
LCMapStringW
FreeEnvironmentStringsW
CreateFileW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
OutputDebugStringW
IsProcessorFeaturePresent
GetCommandLineA
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
GetModuleHandleExW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStdHandle
WriteFile
IsValidCodePage
user32
IsWindow
FindWindowW
SendMessageTimeoutW
CharNextW
advapi32
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
shell32
ShellExecuteExW
DragQueryFileW
ole32
CoCreateFreeThreadedMarshaler
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
ReleaseStgMedium
CoTaskMemAlloc
oleaut32
VarUI4FromStr
SysFreeString
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
shlwapi
PathFileExistsW
PathFindFileNameW
Exports
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ