zloader | 0d533321292f6854d7f9705a738d58ee5941c93b52674681083ec5c21a987ab1_unpacked

Reason

config extraction: Zloader: zloader: not enough configuration available

General

Target

0d533321292f6854d7f9705a738d58ee5941c93b52674681083ec5c21a987ab1_unpacked
Size

156KB
MD5

d9260a4b6dbbd14005070ea871f4cfd2
SHA1

456ce2295431e297036bf9f185b6a80d1866f849
SHA256

d010b0b5bff25d4cc9b65d8f24e4ae5b596804d4c60c506e993d312323a881bb
SHA512

43ba2387df4cae14d3b696d9ac23977e32eadd30dff24b862fc9dcc33d9b73bdfba40d6363b8906627454cbc76635720c64b35d7bbeecf27ba71673c62957fbe
SSDEEP

3072:EcuwpCTxFeqTqLtg2l3z1TR9lPl4Bq89CP9qCL3qZnd2+gvcYwl6:tuwpCTxFIljz9lPCBq8jaL

Score

10^/10

zloader

Malware Config

Extracted

Family

zloader

Attributes

build_id
49

Signatures

Zloader family
zloader

Files

0d533321292f6854d7f9705a738d58ee5941c93b52674681083ec5c21a987ab1_unpacked
.dll regsvr32 windows x86

326c6637a425baf7aa2365abce2dae84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CreateEventW
CreateFileW
EnumSystemLocalesW
ExitProcess
FlushFileBuffers
FreeLibrary
GetACP
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetDateFormatW
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetUserDefaultLCID
GetVersion
GlobalAlloc
HeapReAlloc
IsValidLocale
LCMapStringW
LeaveCriticalSection
LocalAlloc
MultiByteToWideChar
ResetEvent
SetEndOfFile
SetEvent
SetStdHandle
SystemTimeToFileTime
VirtualFree
WaitForSingleObject
WriteFile
lstrcmpiW

shlwapi

PathAddBackslashW

shell32

ShellAboutW

user32

AppendMenuW
CharNextA
CheckMenuItem
CopyRect
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxIndirectParamW
EnableWindow
FillRect
GetClassNameW
GetDC
GetMenuState
GetProcessDefaultLayout
GetSysColor
GetSystemMetrics
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
InvalidateRgn
IsDialogMessageW
IsIconic
IsWindowEnabled
LoadAcceleratorsW
LoadCursorW
LoadImageW
LoadMenuA
MapWindowPoints
MessageBoxW
MoveWindow
RedrawWindow
ScreenToClient
SetCursor
SetDlgItemInt
SetFocus
SetPropW
SetTimer
SetWindowPlacement
TrackPopupMenu
UnregisterClassW

gdi32

CreateDIBSection
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
EndPage
GetBkColor
GetObjectW
LineTo
SetBkColor
SetBkMode
SetRectRgn
SetTextColor
StartDocA
StartPage

Exports

Exports

DllRegisterServer

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Extracted

Signatures

Files

326c6637a425baf7aa2365abce2dae84

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

shell32

user32

gdi32

Exports

Exports

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 11KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 11KB

.reloc
Size: 10KB - Virtual size: 10KB