DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOf
JmpHookOn
Static task
static1
Behavioral task
behavioral1
Sample
bd64e01f17e70e6a8aa1507e301700ff.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bd64e01f17e70e6a8aa1507e301700ff.dll
Resource
win10v2004-20240226-en
Target
bd64e01f17e70e6a8aa1507e301700ff
Size
35KB
MD5
bd64e01f17e70e6a8aa1507e301700ff
SHA1
c030c16320b46c777e81712e6b1f0cbe15c23037
SHA256
0902972680e716b73234aebccf422652c70372ab2c46eff6c9dfba4f13efdb88
SHA512
f3e2a6a583bb99ae0730f723c7c963ea77fe5e6743f29fd593ec51fe18444264b9d977d26f70ace9629b586aa277863f922a320a4907b5d5a9a472d2fe001c97
SSDEEP
768:qQoi6qZO1Qegd2h73c3G84SMsWWzdVGOJ3S30:qQv6qZ4Q3D3G84SX5S30
Checks for missing Authenticode signature.
resource |
---|
bd64e01f17e70e6a8aa1507e301700ff |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JmpHookOf
JmpHookOn
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ