Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start
Static task
static1
Behavioral task
behavioral1
Sample
1debc9bb97eee09296d98b3108734b44.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1debc9bb97eee09296d98b3108734b44.dll
Resource
win10v2004-20231215-en
Target
1debc9bb97eee09296d98b3108734b44
Size
28KB
MD5
1debc9bb97eee09296d98b3108734b44
SHA1
09dce940470b73debbf91b0d4da885bdb3c91e0d
SHA256
a21245cfde13da26f4f1e651e617767110ed6e1dfc9dc0209d6954e49bf18954
SHA512
7bc3449afd13eefd3672fb64d9646d520141bccb6e0f0ad95882fab061a30a1a6998bb1750a13bcb4314bf532f24902408950bb7ad7069abc69d0b68d3c328bd
SSDEEP
384:IBySWqwQs5mOlIH6RBT2rJzaDPSRfMOHA2m26ORrRm+qYe:I4TIaP6lzaD+MTd+q5
Checks for missing Authenticode signature.
resource |
---|
1debc9bb97eee09296d98b3108734b44 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE