DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
0dc622611b75886905a790eb1a20fef2.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0dc622611b75886905a790eb1a20fef2.dll
Resource
win10v2004-20231215-en
Target
0dc622611b75886905a790eb1a20fef2
Size
142KB
MD5
0dc622611b75886905a790eb1a20fef2
SHA1
d7fcdcc541c32ad74e74a2e1dd50e714e011d0a7
SHA256
1e1d2eefcad765da2297ec546b8138354a581c69e9d1fe10a3da608ac0b4f012
SHA512
159a5a5130620a263f24cc0a8b40d80889a401bfa3da5f391dc91eac74dc2731a36bd3a5076e064d7d89ceead4dc9d90064e3d70cfa38fabe976d6e8550322e0
SSDEEP
1536:+F2cmkD7+Z0wx2xVrC8Zc6tcizwRd/g7OYnOJF7h3pmOuFKHl/r6OA5Y96WNF:+RPIiGW7vnOJF7fmOnr6OA5i6Y
Checks for missing Authenticode signature.
resource |
---|
0dc622611b75886905a790eb1a20fef2 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetCurrentThread
HeapAlloc
GetProcessHeap
FormatMessageW
CloseHandle
GetTickCount
WaitForSingleObject
TerminateThread
GetCurrentProcess
ResetEvent
CreateThread
WaitForMultipleObjects
SetEvent
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
Sleep
FreeLibrary
GetModuleFileNameW
InterlockedDecrement
lstrcmpiW
GetLastError
InterlockedIncrement
LeaveCriticalSection
InitializeCriticalSection
lstrlenW
LoadLibraryExW
FindResourceW
LoadResource
EnterCriticalSection
SizeofResource
GetModuleHandleW
MultiByteToWideChar
RaiseException
DeleteCriticalSection
SetThreadLocale
CreateEventW
GetThreadLocale
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
UnregisterClassA
wsprintfW
LoadStringW
CharNextW
QueryServiceStatusEx
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
GetTokenInformation
IsValidSid
GetLengthSid
CopySid
OpenThreadToken
OpenProcessToken
EqualSid
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
ControlService
CoRevertToSelf
CoImpersonateClient
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
ProgIDFromCLSID
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
CoInitializeEx
OleRun
CoMarshalInterThreadInterfaceInStream
SysAllocStringByteLen
VarUI4FromStr
RegisterTypeLib
SysFreeString
SysStringLen
UnRegisterTypeLib
SysAllocString
LoadTypeLib
VariantCopyInd
VariantChangeType
SafeArrayRedim
SafeArrayCreate
VarBstrCmp
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayCopy
SafeArrayDestroy
VariantInit
SafeArrayUnlock
VariantCopy
SafeArrayGetVartype
SysStringByteLen
VariantClear
LoadRegTypeLib
CreateErrorInfo
SetErrorInfo
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
??1exception@std@@UAE@XZ
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
memset
_CxxThrowException
_vswprintf
vswprintf_s
_vscwprintf
?what@exception@std@@UBEPBDXZ
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
memcpy_s
_recalloc
wcsncpy_s
malloc
wcscat_s
wcscpy_s
??_V@YAXPAX@Z
free
_purecall
swprintf_s
_resetstkoflw
??2@YAPAXI@Z
UnloadUserProfile
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ