DllEntry
Init
Static task
static1
Behavioral task
behavioral1
Sample
a7d3cf2f359c7e951c313493721ae3cc5be01d9f7f0bf4582585899ac2476142.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
a7d3cf2f359c7e951c313493721ae3cc5be01d9f7f0bf4582585899ac2476142.dll
Resource
win10v2004-20231215-en
Target
a7d3cf2f359c7e951c313493721ae3cc5be01d9f7f0bf4582585899ac2476142
Size
380KB
MD5
96bf83492c920f5f8ed272e9ee598119
SHA1
c4b1878435c7115149a18929b5dd1c774b48e18d
SHA256
a7d3cf2f359c7e951c313493721ae3cc5be01d9f7f0bf4582585899ac2476142
SHA512
88618ad63222a1fbe3b522d055f92d14ced55df0b9425aa87a8e8ab93c5ac5d84b0bf5da972b84e6e4bf5e7036d1822ddfceac8a55b390cd025537d7ac1d09fd
SSDEEP
6144:PW/rc1Xzu0CjXOw36RBg8QvjuOYv6cEOkCybEaQRXr9HNdvOa:O/rcdu0rtRBg8avygOkx2LIa
Checks for missing Authenticode signature.
| resource |
| --- |
| a7d3cf2f359c7e951c313493721ae3cc5be01d9f7f0bf4582585899ac2476142 |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
VirtualQuery
GetTickCount
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
SetCurrentDirectoryW
ProcessIdToSessionId
GetCurrentProcessId
CreateProcessW
TerminateProcess
GetCurrentThreadId
LoadLibraryA
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
FindResourceExW
InitializeCriticalSection
DeleteCriticalSection
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
CreateThread
Sleep
ExitProcess
GetModuleFileNameW
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetModuleHandleW
GetCurrentProcess
CloseHandle
OpenMutexW
GetLastError
LeaveCriticalSection
CreateMutexW
GetStringTypeW
IsValidCodePage
GetStringTypeA
ReadFile
SetFilePointer
CreateRemoteThread
VirtualFreeEx
VirtualAllocEx
GetSystemInfo
GetModuleHandleA
WriteProcessMemory
WriteFile
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
GlobalAlloc
GlobalFree
QueryPerformanceCounter
CreateFileA
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FlsSetValue
GetCommandLineA
RtlUnwindEx
RtlPcToFileHeader
HeapSetInformation
HeapCreate
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetCPInfo
GetACP
GetOEMCP
InitializeCriticalSectionAndSpinCount
GetWindowThreadProcessId
FindWindowExW
FindWindowW
SetThreadDesktop
OpenDesktopW
GetThreadDesktop
wsprintfW
AllocateAndInitializeSid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
FreeSid
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessAsUserW
StrCmpIW
PathFileExistsW
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
InternetCloseHandle
HttpSendRequestW
InternetSetOptionW
InternetQueryOptionW
InternetSetOptionA
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetReadFile
DnsFree
DnsQuery_W
GetIpNetTable
GetAdaptersInfo
SendARP
htonl
inet_ntoa
inet_addr
ntohl
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ