e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a | Triage

Submit
Reports

Overview

overview

Static

static

e62889be5b...5a.dll

windows7_x64

e62889be5b...5a.dll

windows10-2004_x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a.dll

Resource

win7-en-20211208

zloader main 19.04.2020 botnet persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a.dll

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

General

Target

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a
Size

860KB
MD5

bba9ace9dc7cce4cac9439a43fa4c9a0
SHA1

8a66109684bfb149ae5f59adaceb380b040f1afc
SHA256

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a
SHA512

49ab85bd8272bb8e54b93cb899af72cfaf169b0db39ac334d60e2e13daa1c393e6e7e563d308d002b9e9724a51740f6a860176885afcc1473fa9a04587134d82
SSDEEP

6144:VfPhJtuLbdL0BjgwdJNhO1yd2l+nqCmv6iQtiS9Vzzz2axdqhNuy9x:VMaBku2GTmii8XGZNu2x

Score

N/A

Malware Config

Signatures

Files

e62889be5bf912d37044d83aab08dfa85c7863ec9baeac93e0397e03a407f95a
.dll windows x86

49eb4fe5a2af1aaf1471b4fc9086c943

Code Sign

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
lstrcmpA
lstrlenA
lstrcatA
GetLastError
GetCurrentProcess

user32

CheckDlgButton
GetWindowThreadProcessId
GetCursorInfo
GetWindowDC
CheckMenuRadioItem
GetCaretBlinkTime

comctl32

InitCommonControls

gdi32

EnumFontFamiliesExA

oleacc

GetStateTextA

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wwvi
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yrhm
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy