docs_pdf_8[.]iso

Resubmissions

15/09/2022, 12:22

220915-pj5vwadad7 10

11/04/2022, 16:15

220411-tp8aeaahg9 9

Sharing

Copy URL Twitter E-mail

General

Target

docs_pdf_8.iso
Size

2.1MB
MD5

d7154fc91caef7b5d3f76a68680fd771
SHA1

9cc37055397743238967e575d6f291ca8f453fa6
SHA256

8b8dad2c17f06198db3d988b60ba48629d767a0d2c8a493f9919ac0dccb95609
SHA512

1db47825e08105b276b79111b5a2003b15b8a82fbcd920154717b59f159066497b17fcb266df5bd1a15c061b35e655540f00ff92010a31f5fa2cd4c155a8f7e3
SSDEEP

49152:cpfaMa7wkHW4GnVibdZAi6WcJQc2CU/Z9dYn0XZW1:W4KVIZAiTcqcHkdEII1

Score

N/A

Malware Config

Signatures

Files

docs_pdf_8.iso
.iso
document.lnk
.lnk
vil.dll
.dll windows x64

7203ec25856268deba275d3c50808a4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetEnvironmentStringsA
GetProcessVersion
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
RtlCaptureContext
VirtualProtect
GetModuleFileNameA
GetModuleHandleExA
GetProcAddress
LoadLibraryA
LoadLibraryW
ReplacePartitionUnit
OpenSemaphoreW
SetCalendarInfoA
HeapSummary
GetCurrentThreadId
GetCompressedFileSizeTransactedW

user32

CharToOemBuffW
SetMessageExtraInfo
CreateDesktopExA
LookupIconIdFromDirectory
DefFrameProcA
GetLastInputInfo
SetWindowDisplayAffinity
ShowScrollBar

gdi32

GetCurrentObject
CloseFigure
GdiPlayDCScript
GetTextExtentPointW
CreateBitmapIndirect

shell32

SHBindToFolderIDListParent
ShellExecuteEx
SHGetFolderPathA
SHGetMalloc
SHGetUnreadMailCountW

ole32

CoSetProxyBlanket
HMENU_UserUnmarshal
CoUnmarshalInterface
HBITMAP_UserUnmarshal
CoBuildVersion
CLIPFORMAT_UserSize

Exports

Exports

IternalJob
QuerySettings

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 910KB - Virtual size: 909KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

7203ec25856268deba275d3c50808a4c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 910KB - Virtual size: 909KB

.pdata Size: 512B - Virtual size: 408B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 910KB - Virtual size: 909KB

.pdata
Size: 512B - Virtual size: 408B

.rsrc
Size: 4KB - Virtual size: 3KB