DllRegisterServer
DllUnregisterServer
PauseW
ResumeServer
ResumeW
StartServer
StartW
StopServer
StopW
SuspendServer
Static task
static1
Behavioral task
behavioral1
Sample
76f0ff6a013170d0f4adb05580da5e44.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
76f0ff6a013170d0f4adb05580da5e44.dll
Resource
win10v2004-20231215-en
Target
76f0ff6a013170d0f4adb05580da5e44
Size
164KB
MD5
76f0ff6a013170d0f4adb05580da5e44
SHA1
88cd1f65611d3d6db53c2e1c54e291cf4d54eb96
SHA256
1e8a77180693c6979f4dbc0ddefa0c7eddc89474d33a325d6567c0b04242e184
SHA512
bab1984fd87e241314a16dc9951670eb8b63a66b3d4acdf69ee1703cd427a1cba337822866baef9c345b258066f79387048b14f271a699dec3f0459a7ffa0305
SSDEEP
3072:cTltpXTmRUD82PbjCb5lcUpLhUf05x97bsqWpaM0fB8U6xcBwVSuU1E7YbqnOuO4:CuC7jj05CUpLhUsj97hM28xmwUuUKkbM
Checks for missing Authenticode signature.
Processes:
resource |
---|
76f0ff6a013170d0f4adb05580da5e44 |
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
DllRegisterServer
DllUnregisterServer
PauseW
ResumeServer
ResumeW
StartServer
StartW
StopServer
StopW
SuspendServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ