6648c9ffc4f4e705545daaa3c09373fd | Triage

Submit
Reports

Overview

overview

1

Static

static

1

6648c9ffc4...fd.dll

windows7-x64

1

6648c9ffc4...fd.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6648c9ffc4f4e705545daaa3c09373fd.dll

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

6648c9ffc4f4e705545daaa3c09373fd.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6648c9ffc4f4e705545daaa3c09373fd
Size

15KB
MD5

6648c9ffc4f4e705545daaa3c09373fd
SHA1

00a89486907b16b5699a6f0ce99ba159688f5dc5
SHA256

9aeba194a0e6367beed5aac6dcf9ae78d88d2b69c55123724991b713e5e10c86
SHA512

82944c04dd0fc243f40e6c3fb00f79137698b3149432ab69ed5508b957a9f5ccd3bc6dc734f103f6a8f3860a1882a16e00d0e073e51ed001b4898c30e640c35e
SSDEEP

384:jKV+qXaV/EANILsAgneU8NNz9vdNWIjrWpP:wGpNIIb8NNz9VvW

Score

1^/10

Malware Config

Signatures

Files

6648c9ffc4f4e705545daaa3c09373fd
.dll windows:4 windows x86 arch:x86

0e75d060369525895ae7a3a8219856a1

Code Sign

36:0a:0e:da:c2:4d:e5:42:bd:da:43:f9:ef:59:0e:2a
Certificate

Issuer

CN=Root Agency

Not Before

27/09/2010, 10:05

Not After

31/12/2039, 23:59

Subject

CN=CeleSign,OU=WWW.CeleWare.NET,O=CeleWare.NET,1.2.840.113549.1.9.1=#0c1443656c655369676e40686f746d61696c2e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
GetLastError
GetSystemDirectoryA
lstrcatA
LoadLibraryA
VirtualAlloc
GlobalAlloc
CloseHandle
CreateThread
GetModuleFileNameA
lstrcmpiA

msvcrt

memcpy
strrchr

Exports

Exports

wdmAudio

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy