TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
Static task
static1
Behavioral task
behavioral1
Sample
498c7052d8f177344ccf0ebe5ca2bc0ceb8aab6ac009f95549e24d4e9e125f62.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
498c7052d8f177344ccf0ebe5ca2bc0ceb8aab6ac009f95549e24d4e9e125f62.exe
Resource
win10v2004-20240802-en
Target
498c7052d8f177344ccf0ebe5ca2bc0ceb8aab6ac009f95549e24d4e9e125f62
Size
6.9MB
MD5
881aad59d92965841614bd56bab49d51
SHA1
eb64ebf961c7ce29f2164c4e8828bf48158cea4f
SHA256
498c7052d8f177344ccf0ebe5ca2bc0ceb8aab6ac009f95549e24d4e9e125f62
SHA512
80ba924dfa63f02a418a577dfb28e8a2f50b8c216465c1831e550dec8f199e5e6d28afcc3c04d24f4fa5b6e4464afa6bbf16b91884de5988fe946697efa14dec
SSDEEP
196608:h1d/KlJHADMgOM3WDSp25cLL7kmriKc4A:h1d/5DMfOWDSp25cL3kmGK
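Static check for a missing Authenticode signature; the resource listed below was flagged by this check, i.e. no Authenticode signature was found on it.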
| resource |
| --- |
| 498c7052d8f177344ccf0ebe5ca2bc0ceb8aab6ac009f95549e24d4e9e125f62 |
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
FlatSB_SetScrollInfo
Shell_NotifyIconW
CopyImage
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW
GetFileVersionInfoSizeW
GetErrorInfo
CryptReleaseContext
NetWkstaGetInfo
memcpy
GetVersion
GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
gethostbyaddr
IsAccelerator
Arc
WTSSendMessageW
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ