ScreenShot
| Created | 2023.09.26 11:27 | Machine | s1_win7_x6401 |
| Filename | tuu | ||
| Type | PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | d933dc430f8feadf74902c4719033886 | ||
| sha256 | 210253a0e72794026bcdfdac3d6d787fd9a69c75628fee86566e9b69e86ca1ea | ||
| ssdeep | 192:tU5z9i1jq2pJk+/qcJklyJOEqFLsBGQwrgAh:2z9ObJH/IwJO/+0QwrgC | ||
| imphash | fd410436ce0407a0a8f79bfce8af0bc3 | ||
| impfuzzy | 6:9mRxybmRxn5X0ZRHmRxT7mRx8Jt0yRlbmARrKXVNIV5GGaJvuqBYq0IquZzwD3:YRJRJJoARZqRNqBrKlaRa91Kq0iZzwD3 | ||
Network IP location
Signature (0cnts)
| Level | Description |
|---|
Rules (3cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x3862d9128 DeleteCriticalSection
0x3862d9130 EnterCriticalSection
0x3862d9138 GetLastError
0x3862d9140 InitializeCriticalSection
0x3862d9148 LeaveCriticalSection
0x3862d9150 Sleep
0x3862d9158 TlsGetValue
0x3862d9160 VirtualProtect
0x3862d9168 VirtualQuery
0x3862d9170 WinExec
msvcrt.dll
0x3862d9180 __iob_func
0x3862d9188 _amsg_exit
0x3862d9190 _initterm
0x3862d9198 _lock
0x3862d91a0 _unlock
0x3862d91a8 abort
0x3862d91b0 calloc
0x3862d91b8 free
0x3862d91c0 fwrite
0x3862d91c8 realloc
0x3862d91d0 strlen
0x3862d91d8 strncmp
0x3862d91e0 vfprintf
USER32.dll
0x3862d91f0 MessageBoxA
EAT(Export Address Table) Library
0x3862d3000 hash
0x3862d13a0 reverseString
0x3862d13f0 xlAutoOpen
KERNEL32.dll
0x3862d9128 DeleteCriticalSection
0x3862d9130 EnterCriticalSection
0x3862d9138 GetLastError
0x3862d9140 InitializeCriticalSection
0x3862d9148 LeaveCriticalSection
0x3862d9150 Sleep
0x3862d9158 TlsGetValue
0x3862d9160 VirtualProtect
0x3862d9168 VirtualQuery
0x3862d9170 WinExec
msvcrt.dll
0x3862d9180 __iob_func
0x3862d9188 _amsg_exit
0x3862d9190 _initterm
0x3862d9198 _lock
0x3862d91a0 _unlock
0x3862d91a8 abort
0x3862d91b0 calloc
0x3862d91b8 free
0x3862d91c0 fwrite
0x3862d91c8 realloc
0x3862d91d0 strlen
0x3862d91d8 strncmp
0x3862d91e0 vfprintf
USER32.dll
0x3862d91f0 MessageBoxA
EAT(Export Address Table) Library
0x3862d3000 hash
0x3862d13a0 reverseString
0x3862d13f0 xlAutoOpen