ServiceRouteEx
StartServiceEx
StopServiceEx
Static task
static1
Behavioral task
behavioral1
Sample
013065aef9d4e633f6ca4b34e091223e.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
013065aef9d4e633f6ca4b34e091223e.dll
Resource
win10v2004-20231222-en
Target
013065aef9d4e633f6ca4b34e091223e
Size
24KB
MD5
013065aef9d4e633f6ca4b34e091223e
SHA1
0f5ee93334e9d64465ec20de32786482f5a0b64a
SHA256
3eb14a47eb63ec769510d15cb7facede9bca79a35d402f8d47f5bc6b3c69f2ce
SHA512
befe2e41834f99822dccadb30578cc04b4999fff059af0e08bbbbb314cd42b2e97f8f2d3de8715493912e105395a6d583a5d744a39e41d015038bb16684f0ddf
SSDEEP
384:oBJvOLBhi59aaFfcBgSuBBQARQk2hhICqmeVCML:+JmLBhM9a6cBIBBQARQkgICJW
Checks for missing Authenticode signature.
resource |
---|
013065aef9d4e633f6ca4b34e091223e |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
SetEvent
WriteProcessMemory
WaitForSingleObject
MultiByteToWideChar
GetCurrentDirectoryA
ReadProcessMemory
GetProcAddress
LoadLibraryA
CreateEventA
lstrlenA
Sleep
CreateThread
WideCharToMultiByte
lstrcatA
GetPrivateProfileStringA
VirtualProtect
CloseHandle
GetModuleFileNameA
wsprintfA
SetTimer
KillTimer
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
gethostname
send
InternetCloseHandle
InternetOpenA
InternetReadFile
InternetOpenUrlA
strcat
strcpy
memset
strlen
memcmp
fclose
fread
fputs
fopen
strcmp
strrchr
free
_initterm
malloc
_adjust_fdiv
_strlwr
_itoa
ServiceRouteEx
StartServiceEx
StopServiceEx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ