CreateFaceGenModule
Static task
static1
Behavioral task
behavioral1
Sample
6510838524864912acecccf13d3fed49.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6510838524864912acecccf13d3fed49.dll
Resource
win10v2004-20231222-en
General
-
Target
6510838524864912acecccf13d3fed49
-
Size
248KB
-
MD5
6510838524864912acecccf13d3fed49
-
SHA1
3cd1189f433be8e9cd7417e89def7bf3dcef5dcd
-
SHA256
5822d4e1961423a7a17f0dd8aeedcc9c26e59eb289005e0d784d5cbb78e45ab4
-
SHA512
0b184fb66fb352d65eafcb8b84edfcf93baaec26064b5eaf7612c15a735866a9d425a594d36f4a32aad93a43bd5a2fa09cc49f45768cc7ecd07b85768f40e98a
-
SSDEEP
6144:aliSq/1PSm2sQPkgCyoHVvdnf5CVE1oPb:alnq1EsQahHRdnIgoD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6510838524864912acecccf13d3fed49
Files
-
6510838524864912acecccf13d3fed49.dll windows:4 windows x86 arch:x86
550f0e81bcc98449e64d8cb409d91b47
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
InterlockedIncrement
InterlockedDecrement
user32
MessageBoxA
thrixxx010267
ord1894
ord1835
ord131
ord1498
ord85
ord991
ord992
ord195
ord1891
ord1581
ord1823
ord138
ord103
ord1903
ord1865
ord1866
ord1901
ord864
ord133
ord686
ord631
ord583
ord268
ord989
ord990
ord1591
msvcp71
?_Nomemory@std@@YAXXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?flush@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
msvcr71
__CppXcptFilter
_adjust_fdiv
_initterm
free
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_callnewh
malloc
_CIpow
exit
memmove
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
Exports
Exports
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gjvyctcp Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
1l7hscd5 Size: 138KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
h8mhd3ux Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ