Static task
static1
Behavioral task
behavioral1
Sample
2538fbdf2c8bc28d4fe8e9ebccca6026d62092d8a03aafe274b0089be95e1b93.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2538fbdf2c8bc28d4fe8e9ebccca6026d62092d8a03aafe274b0089be95e1b93.dll
Resource
win10v2004-20231215-en
General
-
Target
2538fbdf2c8bc28d4fe8e9ebccca6026d62092d8a03aafe274b0089be95e1b93
-
Size
245KB
-
MD5
426a58b5ad8703c7cdf28bd2a978b348
-
SHA1
4e493564bb6902da5f6be971ea080ad6e9a1b49a
-
SHA256
2538fbdf2c8bc28d4fe8e9ebccca6026d62092d8a03aafe274b0089be95e1b93
-
SHA512
7d002c74b89cb93d63b2ea88b95cc5d5869110320e4f9d0b192e18843b931314dca21d164821b2284615b0bc2e7addf2f3b87c409ce3db911b2326915f0fe5f3
-
SSDEEP
3072:tbE4YnvcpHBsnz0QU4py5vom6D7MHKiSz51lVD4vLsgUgWNog70Yevd5Nb+Zr38V:ovcpHBQ5UuyVjSY3Wv0YeN+RtoV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
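Static check for a missing Authenticode signature: the sample is an unsigned PE. On its own this is a weak indicator, since many legitimate DLLs are also unsigned.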
resource 2538fbdf2c8bc28d4fe8e9ebccca6026d62092d8a03aafe274b0089be95e1b93
Files
-
2538fbdf2c8bc28d4fe8e9ebccca6026d62092d8a03aafe274b0089be95e1b93.dll windows:5 windows x64 arch:x64
c1f674701ca9eeae414f9e9d913d592b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
msvcr100
_onexit
_lock
__dllonexit
_unlock
_malloc_crt
__clean_type_info_names_internal
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
malloc
??3@YAXPEAX@Z
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
_cexit
__FrameUnwindFilter
kernel32
CreateEventW
ResetEvent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
Sleep
EncodePointer
DecodePointer
GetCurrentProcessId
img3bin
CameraMarkRelease
CameraMarkCreate
GrbNtvRelease
GrbNtvCreate
mscoree
_CorDllMain
Sections
.text Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.nep Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 180B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 36B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.wibu Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ