DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer
Static task
static1
Behavioral task
behavioral1
Sample
c5ab015513d92b344693ecca010a2a6b.dll
Resource
win7-20231129-en
Target
c5ab015513d92b344693ecca010a2a6b
Size
48KB
MD5
c5ab015513d92b344693ecca010a2a6b
SHA1
48f0744268e2a419aab77d8e54246ccdb3f54ba2
SHA256
7973ce3c2fb3a4375638961258f447af75020e19e4e08e50c9f75ae0f3341777
SHA512
9a7cd7e93138d963ddce1d74f363c013d7e688ba815e72f0af8ee203239aa01859f99128daa567c267eccce842a8a888f0d94bbb68934114f2ae9122da472318
SSDEEP
768:o0T+h/G/b1IM6dUFOlPQ4bAlKHX01cRYo7dCWIjNtwtCytcxkTvW0SfFYrZwPE5x:o0yBG/beMPOlhbAlKHXI27PIhtQCVWWm
Checks for missing Authenticode signature.
resource |
---|
c5ab015513d92b344693ecca010a2a6b |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
lstrlenA
GetCurrentProcessId
WideCharToMultiByte
lstrlenW
LocalFree
CreateDirectoryA
RemoveDirectoryA
Sleep
GetCommandLineW
EnterCriticalSection
Process32First
WritePrivateProfileStringA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
GetShortPathNameA
GetModuleHandleA
ExitProcess
CreateThread
LeaveCriticalSection
FreeLibrary
MultiByteToWideChar
MoveFileA
FindFirstFileA
GetPrivateProfileStringA
SetFileAttributesA
DeleteFileA
FindNextFileA
GetSystemDirectoryA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
CloseHandle
GetExitCodeProcess
GetProcAddress
LoadLibraryA
Process32Next
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
BuildExplicitAccessWithNameA
SetEntriesInAclA
GetNamedSecurityInfoA
SetNamedSecurityInfoA
RegDeleteKeyA
SHGetSpecialFolderPathA
CommandLineToArgvW
CoInitialize
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CoCreateInstance
SysStringLen
LoadRegTypeLi
SysAllocString
VariantClear
SysFreeString
??2@YAPAXI@Z
_strlwr
_strupr
_adjust_fdiv
malloc
_initterm
free
_purecall
strncmp
strncpy
strchr
atoi
_wcslwr
wcsstr
_access
strcpy
??3@YAXPAX@Z
memset
sprintf
strlen
strstr
strrchr
strcat
strcmp
fclose
fread
_stricmp
ftell
fseek
fopen
memcmp
memcpy
SHSetValueA
SHDeleteKeyA
SHDeleteValueA
DllCanUnloadNow
DllGetClassObject
DllGetObjectType
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ