BeginNdocwqt
AddFgatyay
EndYnkymeip
BeginOpisyendmhx
Static task
static1
Behavioral task
behavioral1
Sample
3f28e5e6a394e7f668d701b1f7125b64.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3f28e5e6a394e7f668d701b1f7125b64.dll
Resource
win10v2004-20231215-en
Target
3f28e5e6a394e7f668d701b1f7125b64
Size
35KB
MD5
3f28e5e6a394e7f668d701b1f7125b64
SHA1
d4613b9fd47bafc0bad4b5b4facc54dd30a52916
SHA256
91859f35e1826babfc20d762ba13a30936b838d104312fa1dc325dc5f3e554c9
SHA512
ac0fbaf76ba2f38085223e1e370f718eee16a6ff9ceb3dcaebd8eb82cf911a5537adf6d84b070c23d4f9babaae618b252172c7d77b54883ca280fcfb98d54e29
SSDEEP
768:ghxhJGS3mKgUBrWjpHBJLwLUF9r4zNjPHSUGeOWNnoloBIzAIqVqZYsuD7kq:SLGomgriYLQV4zNLHSmzNnxBIzAoZru8
Checks for missing Authenticode signature.
resource |
---|
3f28e5e6a394e7f668d701b1f7125b64 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetModuleFileNameA
GetEnvironmentVariableW
IsValidLanguageGroup
GetACP
IsProcessorFeaturePresent
ExpandEnvironmentStringsA
EnumSystemLanguageGroupsA
SetNamedPipeHandleState
PeekConsoleInputA
FindNextVolumeMountPointA
GetDiskFreeSpaceW
GetCommandLineA
ExitProcess
GetStartupInfoA
BeginNdocwqt
AddFgatyay
EndYnkymeip
BeginOpisyendmhx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE