Static task: static1
Behavioral task: behavioral1
Sample: 564114973f01f2fb82840c513a00e3d5b09e8fb8de50e0c00f47189e6814def3.dll
Resource: win7-20241023-en
General
Target: 564114973f01f2fb82840c513a00e3d5b09e8fb8de50e0c00f47189e6814def3
Size: 364KB
MD5: 37fc36143af63f5f3ba7ccefa484e884
SHA1: 4ce03969e43b4c6251b21a76d968a9badd576eb1
SHA256: 564114973f01f2fb82840c513a00e3d5b09e8fb8de50e0c00f47189e6814def3
SHA512: 20e6c6f6542c7161caae8e414804ac45a181157fb361996bbb52691b877d7241a29cbac0e87c4f32ff41c87fa6e9e6c1aebebe128a3919d36cc2253f539ef6a0
SSDEEP: 6144:qRsMh9YQWtcgA70wgF7nJy76CQK+kIVDRjudJMrt32fFcRmXIeJXjWMmAD:cvm9Y0HFLKRQKqV4epRmxAvAD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 564114973f01f2fb82840c513a00e3d5b09e8fb8de50e0c00f47189e6814def3
Files
564114973f01f2fb82840c513a00e3d5b09e8fb8de50e0c00f47189e6814def3.dll windows:6 windows x86 arch:x86
609402ef170a35cc0e660d7d95ac10ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsSetValue
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
SetLastError
GetEnvironmentVariableW
GetLastError
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
ReleaseMutex
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
CloseHandle
GetStdHandle
GetConsoleMode
WriteFile
WriteConsoleW
TlsAlloc
GetCommandLineW
CreateFileA
GetTickCount64
CreateFileW
SetFilePointerEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
InterlockedFlushSList
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetFileType
GetStringTypeW
HeapSize
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
DecodePointer
user32
GetDC
ReleaseDC
GetWindowRect
Exports
Control_RunDLL
Sections
.text Size: 153KB - Virtual size: 153KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 197KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ