77e0be489fe5338ffdf4d59b4553d1cd7920b0bd6ce4f073b3e661df9d2fb92d

Sharing

Copy URL Twitter E-mail

General

Target

77e0be489fe5338ffdf4d59b4553d1cd7920b0bd6ce4f073b3e661df9d2fb92d
Size

120KB
MD5

81d77a42c26b7bd2e7056bbb7e041167
SHA1

b021fd796e874dae2ab4543eec0ef54cdc70f53f
SHA256

77e0be489fe5338ffdf4d59b4553d1cd7920b0bd6ce4f073b3e661df9d2fb92d
SHA512

b014bb85179e05b45be2c96d76c525c75a1070c823f052b0b88f4b6047e36102a5233f0a2258118023499270ab04de1578389cade2c5071fc80852787f88f22e
SSDEEP

3072:LV4Tk09m1EKOcqgTa8xstHtf7n9y0Z6Vfi2D9+JSJ:qTp/Lcqg1xoWRrD9+o

Score

N/A

Malware Config

Signatures

Files

77e0be489fe5338ffdf4d59b4553d1cd7920b0bd6ce4f073b3e661df9d2fb92d
.dll windows x86

d79ca362623451b81479ff3216bb8cab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ieakeng

SelectADMItem
DisplayADMItem
ErrorMessageBox
CanDeleteADM
ShowADMWindow
BToolbar_Remove
NewFolder
GetAdmWindowHandle
GetFavoritesNumber
GetFavoritesMaxNumber
ModifyAuthCode
MoveDownFavorite
MoveADMWindow
CheckField
CheckForDupKeys
DestroyADMWindow
MoveUpFavorite
BToolbar_Edit
ModifyZones
BuildPalette
CreateADMWindow
ModifyRatings
SaveADMItem
ShowInetcpl
DoReboot
IsFavoriteItem
ProcessFavSelChange

iprtprio

ComputeRouteMetric
SetPriorityInfo
GetPriorityInfo

sisbkup

SisRestoredCommonStoreFile

avifil32

EditStreamSetInfo
AVIFileOpen

kernel32

VirtualAlloc
GetLastError

msvbvm60

__vbaVarTextCmpGt
rtcSetDateVar
__vbaR4Var
rtcAnsiValueBstr
__vbaRecUniToAnsi
__vbaAryLock
rtcChangeDrive
__vbaLsetFixstrFree
__vbaR8Sgn
rtcLowerCaseBstr
__vbaAryVarVarg
rtcGetDayOfWeek
_CIlog
__vbaLdZeroAry
rtcRightTrimBstr
rtI2FromErrVar
__vbaVarForInit
__vbaUdtVar
rtcRemoveDir
__vbaObjSetAddref
rtcGetObject
__vbaVarLikeVar
PutMem8
__vbaUI1I4
rtcRate
__vbaVarTextLikeVar
GetMemNewObj
rtUI1FromErrVar
rtcCreateObject2
__vbaGenerateBoundsError
__vbaVargParmRef
__vbaLateMemNamedCallSt
rtcFormatNumber
Zombie_Invoke
__vbaCopyBytes

gdi32

GetTextExtentPoint32A
ChoosePixelFormat
ResetDCW

qdvd

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

msvidctl

DllUnregisterServer
DllCanUnloadNow
GetProxyDllInfo
DllRegisterServer
DllGetClassObject

netshell

DllGetClassObject
DllCanUnloadNow
NcFreeNetconProperties
DllRegisterServer
NcIsValidConnectionName
HrCreateDesktopIcon
HrRenameConnection
HrLaunchConnection
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 480KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d79ca362623451b81479ff3216bb8cab

Headers

DLL Characteristics

File Characteristics

Imports

ieakeng

iprtprio

sisbkup

avifil32

kernel32

msvbvm60

gdi32

qdvd

msvidctl

netshell

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: - Virtual size: 480KB

.rsrc Size: 1024B - Virtual size: 820B

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 114KB - Virtual size: 113KB

.text
Size: 3KB - Virtual size: 3KB

.data
Size: - Virtual size: 480KB

.rsrc
Size: 1024B - Virtual size: 820B

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 114KB - Virtual size: 113KB