DllRegisterServer
YYR91
Static task
static1
Behavioral task
behavioral1
Sample
zoHnNvuTkk.dll
Resource
win10v2004-20241007-en
Target
zoHnNvuTkk.dll
Size
4.1MB
MD5
22cc610a0dc995b24733ab10a0de155b
SHA1
5fdf0793cc0a81462b1cf0370fa1912900a54a6e
SHA256
9e07d09f1457297a9a229def9771f6badaa8798751b22611dd915327069fa831
SHA512
c2fe130e9db35f71c45e1a0b8a2d1016875f36655223b4a8f742bce812e28e1f14dec99331a7fb0603888a18cc9ee87c33450e79eb845523e0bd182870c4b363
SSDEEP
49152:D4XNMMWqBJ0xqoyHe53etjsamXSaurtbobdKlpPzq75jApOVv5p5GAoIW0O7GICE:D49FWqopKsaEbH+pe5jCOV5Gf3GJ9o
Checks for missing Authenticode signature.
resource |
---|
zoHnNvuTkk.dll |
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetProcessHeap
CreateFileA
CloseHandle
GetLastError
TryEnterCriticalSection
GetTempPathA
WaitForSingleObject
GetStdHandle
LockFile
CreateNamedPipeA
ConnectNamedPipe
DisconnectNamedPipe
VirtualAlloc
GetNamedPipeHandleStateA
HeapLock
HeapFree
GetModuleHandleW
GetProcAddress
HeapAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetLastError
TlsGetValue
TlsSetValue
FreeLibrary
LoadLibraryExW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleExW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
RtlUnwindEx
DllRegisterServer
YYR91
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ