zloader | 4afd18322fa314a305c50129c89764ca9f54238c5e89d86a4a312398e8e56ca8_unpacked

Reason

config extraction: Zloader: zloader: not enough configuration available

General

Target

4afd18322fa314a305c50129c89764ca9f54238c5e89d86a4a312398e8e56ca8_unpacked
Size

142KB
MD5

1187a2f3026eed231abc21c2749e4e63
SHA1

6fbe2c541fdb705f29899d7d67eb1c54decc620e
SHA256

4afd18322fa314a305c50129c89764ca9f54238c5e89d86a4a312398e8e56ca8
SHA512

379fdd86d12f61d59ecad4aeb26e4c6873db8b9e863ec941432a4268dde70d7c113098b5968069b22020893edb843ea7451967353375f4ba3775698b733242c2
SSDEEP

3072:WxJqEQmQfL0N8tEs9IWMLsKIUmkIp+L3aOF0sEzdmldTvTMMMy:+JxQmQUs9aLsZkTeOS5di1YNy

Score

10^/10

zloader

Malware Config

Extracted

Family

zloader

Attributes

build_id
929195383

Signatures

Zloader family
zloader

Files

4afd18322fa314a305c50129c89764ca9f54238c5e89d86a4a312398e8e56ca8_unpacked
.exe windows x86

6eb314104d69ef1412f930c6d145d0f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CreateEventW
CreateFileW
DeleteCriticalSection
EnterCriticalSection
ExitThread
ExpandEnvironmentStringsW
GetACP
GetCommandLineW
GetConsoleCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetDateFormatW
GetFileAttributesW
GetLastError
GetLocalTime
GetModuleFileNameA
GetOEMCP
GetProcAddress
GetStdHandle
GetStringTypeW
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetTimeFormatW
GetUserDefaultLangID
HeapSize
InitializeCriticalSection
LeaveCriticalSection
LocalAlloc
SetEndOfFile
SetHandleCount
VirtualFree
WriteFile
lstrcmpW

shell32

CommandLineToArgvW

user32

CallWindowProcW
CharNextA
CheckMenuItem
CreateDialogParamW
CreatePopupMenu
DispatchMessageW
DrawMenuBar
DrawTextW
EnableMenuItem
EnableWindow
EndDialog
GetClassNameW
GetClassWord
GetClientRect
GetDC
GetMenu
GetMenuState
GetMessageA
GetMessageW
GetParent
GetSystemMetrics
GetWindowPlacement
GetWindowRect
GetWindowTextW
InsertMenuItemW
IntersectRect
InvalidateRect
LoadAcceleratorsW
LoadMenuA
LoadStringW
MessageBeep
RedrawWindow
RegisterClassExW
ScreenToClient
SetDlgItemInt
SetPropW
SetTimer
SetWindowPlacement
SetWindowPos
ShowWindow
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnregisterClassW
UpdateWindow

gdi32

CreateFontIndirectW
CreateRectRgn
CreateSolidBrush
DeleteObject
ExtCreatePen
GetBkColor
GetDeviceCaps
GetObjectA
GetObjectW
GetTextMetricsA
LineTo
MoveToEx
SelectObject
SetMapMode
StartDocA

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Extracted

Signatures

Files

6eb314104d69ef1412f930c6d145d0f5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

user32

gdi32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 11KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 11KB

.reloc
Size: 9KB - Virtual size: 9KB