b8712ac9da563512d8f1cb713b2bf1ad9fa2d434934d061a67a5412f65ec48cf

Sharing

Copy URL Twitter E-mail

General

Target

b8712ac9da563512d8f1cb713b2bf1ad9fa2d434934d061a67a5412f65ec48cf
Size

29KB
MD5

7008bfa9b8429f0fffc23a3bcaeed4ce
SHA1

dc17d6508480672603ea7d8d7e879d31c6b7d938
SHA256

b8712ac9da563512d8f1cb713b2bf1ad9fa2d434934d061a67a5412f65ec48cf
SHA512

ff7d86ef70b7d15b41ddbee82b1b94097d058e6df6b480b3055536458300109c36065a5a2e3d0474cd5c96eebcb8ab98098e5649812d457841e66f5cef9fe3ad
SSDEEP

192:BBaJ3f7NP79bbuNGk5TExecRV2JguMOnAiem9BSBf1ZVhbmr0aL5XQEp5KF6:BQD9bbucKTEvoJgEn9yPVhqnLqc5y6

Score

1^/10

Malware Config

Signatures

Files

b8712ac9da563512d8f1cb713b2bf1ad9fa2d434934d061a67a5412f65ec48cf
.dll windows x86

e21583e90da57770a2c3de73e5253ac6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord825
ord1182
ord342
ord1253
ord823
ord1168

msvcrt

malloc
_adjust_fdiv
longjmp
__CxxFrameHandler
_initterm
__dllonexit
_onexit
free

kernel32

CreateDirectoryA
DeleteFileA

user32

LoadCursorA

gdi32

DeleteObject

zeonicon

?ZeonIconLoadBitmap@@YAPAUHBITMAP__@@I@Z

zeondata

??0CZeonString@@QAE@ABV0@@Z
?IsEmpty@CZeonString@@QBEHXZ
??BCZeonString@@QAEPADXZ
??8@YAHABVCZeonString@@0@Z
??0CZeonString@@QAE@XZ
??1CZeonString@@UAE@XZ
??0CZeonString@@QAE@PBD@Z
?GetData@CZeonString@@QBEPADXZ
??4CZeonString@@QAEAAV0@ABV0@@Z

zui

?CloneTo@CZZItem@@UAEPAXXZ
?Set@CZCursorGlobal@@QAEXH@Z
??1CZZItem@@UAE@XZ
?FindItem@CZZItem@@QAEPAV1@AAVCZeonString@@@Z
?Register@CZCursorGlobal@@QAEHPAUHICON__@@@Z
?CanPopup@CZZItem@@UAEHXZ
?Execute@CZZItem@@UAEXH@Z
?AddIcon@CZIconSurface@@QAEHPAUHBITMAP__@@H@Z
??0CZZItem@@QAE@XZ
?LoadFromRes@@YA?AVCZeonString@@I@Z
?Set@CZZItem@@QAEXHVCZeonString@@00@Z
?ZUIGetGlobal@@YAPAVCZUIGlobal@@XZ
?AddNext@CZTItem@@QAEXPAV1@@Z
?Popup@CZZItem@@UAEHPAVCZMenu@@VCRect@@HHPAVCZShadowLayer@@PAPAV1@@Z
?IsWithButton@CZItem@@UAEHPAVCZeonString@@00@Z
?SetNotification@CZZItem@@QAEXP6AXPAX@Z0@Z
?Clone@CZZItem@@UAEXPAV1@@Z
?Free@CZTItem@@UAEXXZ
?DrawItem@CZZItem@@UAEXPAVCZSurface@@VCRect@@HH@Z
?OnDblClick@CZItem@@UAEXH@Z
?OnClick@CZItem@@UAEXH@Z
?GetSize@CZZItem@@UAE?AVCSize@@HH@Z

zutil

?Util_PDDocCheckPermEx@@YAHPAU_t_DDDoc@@J@Z
?Util_PDDocCheckPerm@@YAHPAU_t_DDDoc@@J@Z

Exports

Exports

ZeonPlugInMain

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 854B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e21583e90da57770a2c3de73e5253ac6

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

zeonicon

zeondata

zui

zutil

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 854B

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 854B