Static task: static1

Behavioral task: behavioral1
Sample: 05f67c9cad169b567414a05a586c0c18.dll
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: 05f67c9cad169b567414a05a586c0c18.dll
Resource: win10v2004-20231215-en
General
Target: 05f67c9cad169b567414a05a586c0c18
Size: 195KB
MD5: 05f67c9cad169b567414a05a586c0c18
SHA1: 33deef64f146c20076d5ddfb28ce1463f1ead92f
SHA256: c666e1b476e4c99e4068d5c544b6e95ccf40ef260963020e411d84a199807120
SHA512: cc3a20874659fdcf973a3d582f153a3440dc9376b1352c2b8cee2c53092b4493075ca76232a55bea2325e669b0d1e9c0b6b166bab909a2ae63072365ac0f029e
SSDEEP: 6144:V1CgtQxwGx6RkkqeDWrZUxcrorfGcDriLP+SePIDC1TCfUmdoAN3M0v5XJCPtjEI:KkQxwGx6RkkqNrZUxcrorfGce+SePIDa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05f67c9cad169b567414a05a586c0c18
Files
05f67c9cad169b567414a05a586c0c18.dll windows:1 windows x86 arch:x86
e54fde7d1bcc8060e8441555f52b4862
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
CreateFileA
GetFileSize
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
user32
EnableWindow
FindWindowA
GetWindowLongA
SendMessageA
SendMessageW
wsprintfA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
ntdll
memcpy
memset
Sections
.code Size: 192KB - Virtual size: 192KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 804B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 652B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ