Static task
static1
Behavioral task
behavioral1
Sample
7a7c3731a28fa07e19fb0140f153eac3.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
7a7c3731a28fa07e19fb0140f153eac3.dll
Resource
win10v2004-20231215-en
General
-
Target
7a7c3731a28fa07e19fb0140f153eac3
-
Size
21KB
-
MD5
7a7c3731a28fa07e19fb0140f153eac3
-
SHA1
d6881a0ff5d624f2d2fac060a76b92c4da00d281
-
SHA256
0edb5b6b13b9467b67276edd6db837339f5b2c04d6253e8b921bbc33374a891f
-
SHA512
c4c1c7ed961371a5be3b797bdcdbc3d82944ddd7add817896e75f18616884887c2fb26eaa9a5adbea2f2bfe21b43ea9e27a29e0b51bafe425338174dcff7c482
-
SSDEEP
384:A2LG8fnygL0c6y40cuDmH7hprlW3isXPMkI:FrnyTcw3ucTrALP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
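Checks for a missing Authenticode signature. The absence of a signature is a weak indicator by itself, because many legitimate DLLs are unsigned as well.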
resource 7a7c3731a28fa07e19fb0140f153eac3
Files
-
7a7c3731a28fa07e19fb0140f153eac3.dll windows:4 windows x86 arch:x86
1e294f9ea43bfc264bbab3e1fcfec54b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
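Imports (as listed in the PE import table; any API resolved at run time through GetProcAddress/LoadLibraryA, both imported below, would not appear in this list)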
kernel32
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GetLastError
CreateMutexA
TerminateThread
Process32Next
GetFileAttributesW
ReadProcessMemory
VirtualQueryEx
WideCharToMultiByte
Process32First
CreateToolhelp32Snapshot
ReadFile
GetFileSize
CreateFileA
SetFilePointer
VirtualProtect
Sleep
GetProcessHeap
HeapAlloc
OutputDebugStringA
GetModuleHandleA
OpenProcess
VirtualProtectEx
WriteProcessMemory
CloseHandle
GetModuleFileNameA
CreateThread
msvcrt
strrchr
??3@YAXPAX@Z
wcslen
??2@YAPAXI@Z
wcsncat
wcscpy
wcsstr
exit
malloc
__CxxFrameHandler
memcpy
strcat
strstr
_vsnprintf
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
strcpy
sprintf
strncpy
strlen
memset
free
_except_handler3
user32
GetForegroundWindow
GetClassNameW
GetWindow
FindWindowA
MapVirtualKeyA
ToAscii
GetKeyboardState
wsprintfA
Sections
.text Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
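IMAGE_SCN_MEM_WRITE (together with IMAGE_SCN_MEM_EXECUTE above, this marks the code section as both writable and executable, which is uncommon in ordinary compiler output and worth a closer look during triage)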
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ