ServiceRouteExA
StartServiceEx
Static task
static1
Behavioral task
behavioral1
Sample
7ccfa013137edf633207e0dada1356fb.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
7ccfa013137edf633207e0dada1356fb.dll
Resource
win10v2004-20231215-en
Target
7ccfa013137edf633207e0dada1356fb
Size
19KB
MD5
7ccfa013137edf633207e0dada1356fb
SHA1
c0e251d5a99f8de5cde865266d0592c0cfce89f4
SHA256
cbf844cf949b3dab3b6f81dab72c9355b6889e88a2b6a97232a013657259d2a6
SHA512
390f449b633135bfc6352fcdbb85b94492105823cef9f1a5ea2e59619100612573f6fb856d9730f1cb9e9f63cc6aa868bc27805dfedcc1dd986dafa674ea7873
SSDEEP
384:pAE6khqqsTLmIajOrQjqDduBBQARQkRPy40cwVm2:pLhqpTqIahjWQBBQARQktzsVm
Checks for missing Authenticode signature.
resource |
---|
7ccfa013137edf633207e0dada1356fb |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
strstr
strlen
memcpy
memcmp
RtlZeroMemory
closesocket
gethostname
ReadFile
Sleep
IsBadReadPtr
GetSystemDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateThread
lstrcmpA
lstrcpynA
lstrcpyA
lstrcmpiA
WritePrivateProfileStringA
WaitForSingleObject
CloseHandle
CreateFileA
GetExitCodeThread
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryA
MultiByteToWideChar
ExitProcess
VirtualProtectEx
lstrcatA
lstrlenA
TerminateThread
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
KillTimer
SetTimer
wsprintfA
ServiceRouteExA
StartServiceEx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ