DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn
Static task
static1
Behavioral task
behavioral1
Sample
090e222fa9686328d9ad53a4d6a70e7b.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
090e222fa9686328d9ad53a4d6a70e7b.dll
Resource
win10v2004-20231215-en
Target
090e222fa9686328d9ad53a4d6a70e7b
Size
98KB
MD5
090e222fa9686328d9ad53a4d6a70e7b
SHA1
38793da4f1078e6c518bb9cc6c3e43b7fa5195b7
SHA256
edeb2bb453e58ac3183f2481c2509159b804a3adc0ab13fcda9cd10a22fc6f6c
SHA512
26d183377a93cc653168fb526af3356fa05f59ba05e9d3504aeeb05cd26cf5da53b72cbc17faa01e6d7f7f3de86f82ce0b5b358596b82a38a0262407c9564f0d
SSDEEP
3072:EAuyXmZc2WNGu7K7F9lrl72STMrcmHGADQfOdov5f2j9:ETyodu7a9AmA8feSB
Checks for missing Authenticode signature.
resource |
---|
090e222fa9686328d9ad53a4d6a70e7b |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOff
JmpHookOn
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ