ed072d025d7043ac40a79713312cf5e67aaa4facf50e1f1fb61d183d62cbe0a9[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

ed072d025d7043ac40a79713312cf5e67aaa4facf50e1f1fb61d183d62cbe0a9.zip
Size

398KB
MD5

18bc6475b98737d3d71db5852daccf5c
SHA1

eb6a5398e02c446bb2de86ffb1af5392c0b79c5e
SHA256

5dadddeec7fe77d4d2da9b62e8fa09e0f3e682999bc41bce899d7f5ac4484542
SHA512

267651dc7f91568cbe85ad99ac9c0725385b84dba97e693efa8a99c21cc1e376d1d7829392a209cbf448bfbe51a432ed8a4cc31f92c3d178bb24b5c55760029e
SSDEEP

6144:nGRdfPn2nXnC0oxR8rNSkcxz+eBJiF+zlh3813bi/MldnlHdGOdmGxeGTwBQQV1x:nqdWXnleGszJBoFKruriwzdGOrESkms9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ed072d025d7043ac40a79713312cf5e67aaa4facf50e1f1fb61d183d62cbe0a9.dll

Files

ed072d025d7043ac40a79713312cf5e67aaa4facf50e1f1fb61d183d62cbe0a9.zip
.zip

Password: infected
ed072d025d7043ac40a79713312cf5e67aaa4facf50e1f1fb61d183d62cbe0a9.dll
.dll windows x86

70f14b5cb667842cb2030f8ea7a53ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetTickCount
GetTimeZoneInformation
FindNextFileA
FindFirstFileA
FindClose
GetVolumeInformationA
GetVersion
GetFullPathNameA
SetCurrentDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrlenA
IsBadWritePtr
lstrcpyA
GetDriveTypeA
GetLastError
SetLastError
GetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetDiskFreeSpaceA
SetErrorMode
MoveFileA
SetFileAttributesA
CloseHandle
SetFileTime
CreateFileA
GetFileAttributesA
SystemTimeToFileTime
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetCurrentProcessId
InterlockedExchange
Sleep
GetCurrentThreadId
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetSystemTimeAsFileTime

ole32

CoInitialize
CoUninitialize

shell32

SHGetDesktopFolder
SHFileOperationA
SHGetMalloc

user32

GetDesktopWindow
CharLowerBuffA
CharUpperBuffA

Exports

Exports

n?0B3dCamera@@QAE@ABV0@@Z
n?0B3dCamera@@QAE@ABVB3DPoint@basegfx@@ABVB3DVector@2@NNE@Z
n?0B3dTransformationSet@@QAE@ABV0@@Z
n?0B3dTransformationSet@@QAE@XZ
n?0B3dViewport@@QAE@ABV0@@Z
n?0B3dViewport@@QAE@XZ
n?0BigInt@@QAE@ABV0@@Z
n?0BigInt@@QAE@ABVByteString@@@Z
n?0BigInt@@QAE@ABVString@@@Z
n?0BigInt@@QAE@F@Z
n?0BigInt@@QAE@G@Z
n?0BigInt@@QAE@H@Z
n?0BigInt@@QAE@J@Z
n?0BigInt@@QAE@K@Z
n?0BigInt@@QAE@N@Z
n?0BigInt@@QAE@XZ
n?0ByteString@@QAE@ABV0@@Z
n?0ByteString@@QAE@ABV0@GG@Z
n?0ByteString@@QAE@ABVOString@rtl@@@Z
n?0ByteString@@QAE@ABVString@@GGGK@Z
n?0ByteString@@QAE@ABVString@@GK@Z
n?0ByteString@@QAE@D@Z
n?0ByteString@@QAE@PBD@Z
n?0ByteString@@QAE@PBDG@Z
n?0ByteString@@QAE@PBGGGK@Z
n?0ByteString@@QAE@PBGGK@Z
n?0ByteString@@QAE@XZ
n?0Color@@QAE@ABVBColor@basegfx@@@Z
n?0Color@@QAE@ABVResId@@@Z
n?0Color@@QAE@EEE@Z
n?0Color@@QAE@EEEE@Z
n?0Color@@QAE@K@Z
n?0Color@@QAE@XZ
n?0Config@@QAE@ABVString@@@Z
n?0Config@@QAE@XZ
n?0Container@@QAE@ABV0@@Z
n?0Container@@QAE@GGG@Z
n?0Container@@QAE@K@Z
n?0Date@@QAE@ABV0@@Z
n?0Date@@QAE@ABVResId@@@Z
n?0Date@@QAE@GGG@Z
n?0Date@@QAE@K@Z
n?0Date@@QAE@XZ
n?0DateTime@@QAE@ABV0@@Z
n?0DateTime@@QAE@ABVDate@@@Z
n?0DateTime@@QAE@ABVDate@@ABVTime@@@Z
n?0DateTime@@QAE@ABVTime@@@Z
n?0DateTime@@QAE@XZ
n?0Dir@@QAA@ABVDirEntry@@HHZZ
n?0Dir@@QAE@ABVDirEntry@@H@Z
n?0Dir@@QAE@XZ
n?0DirEntry@@AAE@ABVByteString@@W4DirEntryFlag@@W4FSysPathStyle@@@Z
n?0DirEntry@@QAE@ABV0@@Z
n?0DirEntry@@QAE@ABVByteString@@W4FSysPathStyle@@@Z
n?0DirEntry@@QAE@ABVString@@W4FSysPathStyle@@@Z
n?0DirEntry@@QAE@W4DirEntryFlag@@@Z
n?0DynamicErrorInfo@@QAE@ABV0@@Z
n?0DynamicErrorInfo@@QAE@KG@Z
n?0ErrorContext@@QAE@ABV0@@Z
n?0ErrorContext@@QAE@PAVWindow@@@Z
n?0ErrorHandler@@QAE@ABV0@@Z
n?0ErrorHandler@@QAE@XZ
n?0FileCopier@@QAE@ABV0@@Z
n?0FileCopier@@QAE@ABVDirEntry@@0@Z
n?0FileCopier@@QAE@XZ
n?0FileStat@@IAE@PBX0@Z
n?0FileStat@@QAE@ABV0@@Z
n?0FileStat@@QAE@ABVDirEntry@@H@Z
n?0FileStat@@QAE@XZ
n?0FixedMemPool@@QAE@PBDGGG@Z
n?0Fraction@@QAE@ABV0@@Z
n?0Fraction@@QAE@JJ@Z
n?0Fraction@@QAE@JJJJ@Z
n?0Fraction@@QAE@N@Z
n?0Fraction@@QAE@XZ
n?0GenericInformation@@QAE@ABV0@E@Z
n?0GenericInformation@@QAE@ABVByteString@@0PAVGenericInformationList@@1@Z
n?0GenericInformationList@@QAE@ABV0@PAVGenericInformation@@@Z
n?0GenericInformationList@@QAE@PAVGenericInformation@@@Z
n?0INetContentTypeParameterList@@QAE@ABV0@@Z
n?0INetContentTypeParameterList@@QAE@XZ
n?0INetIStream@@QAE@XZ
n?0INetMIMEMessage@@QAE@ABV0@@Z
n?0INetMIMEMessage@@QAE@XZ
n?0INetMIMEMessageStream@@QAE@K@Z
n?0INetRFC822Message@@QAE@ABV0@@Z
n?0INetRFC822Message@@QAE@XZ
n?0INetURLObject@@QAE@ABV0@@Z
n?0INetURLObject@@QAE@ABVByteString@@W4EncodeMechanism@0@G@Z
n?0INetURLObject@@QAE@ABVOUString@rtl@@W4EncodeMechanism@0@G@Z
n?0INetURLObject@@QAE@ABVOUString@rtl@@W4FSysStyle@0@@Z
n?0INetURLObject@@QAE@ABVOUString@rtl@@W4INetProtocol@@W4EncodeMechanism@0@GW4FSysStyle@0@@Z
n?0INetURLObject@@QAE@XZ
n?0InformationParser@@QAE@ABV0@@Z
n?0InformationParser@@QAE@E@Z
n?0Iterator@StringRangeEnumerator@@AAE@PBV1@PBV?$set@JU?$less@J@std@@V?$allocator@J@2@@std@@JJ@Z
n?0Iterator@StringRangeEnumerator@@QAE@XZ
n?0Line@@QAE@ABVPoint@@0@Z
n?0Line@@QAE@XZ
n?0Link@@QAE@PAXP6AJ00@Z@Z
n?0Link@@QAE@XZ
n?0MessageInfo@@QAE@ABV0@@Z
n?0MessageInfo@@QAE@KABVString@@G@Z
n?0MessageInfo@@QAE@KG@Z
n?0MultiSelection@@QAE@ABV0@@Z
n?0MultiSelection@@QAE@ABVRange@@@Z
n?0MultiSelection@@QAE@ABVString@@GG@Z
n?0MultiSelection@@QAE@XZ
n?0PolyPolygon@@QAE@ABV0@@Z
n?0PolyPolygon@@QAE@ABVB2DPolyPolygon@basegfx@@@Z
n?0PolyPolygon@@QAE@ABVPolygon@@@Z
n?0PolyPolygon@@QAE@GG@Z
n?0Polygon@@QAE@ABV0@@Z
n?0Polygon@@QAE@ABVB2DPolygon@basegfx@@@Z
n?0Polygon@@QAE@ABVPoint@@000G@Z
n?0Polygon@@QAE@ABVPoint@@JJG@Z
n?0Polygon@@QAE@ABVRectangle@@@Z
n?0Polygon@@QAE@ABVRectangle@@ABVPoint@@1W4PolyStyle@@@Z
n?0Polygon@@QAE@ABVRectangle@@KK@Z
n?0Polygon@@QAE@G@Z
n?0Polygon@@QAE@GPBVPoint@@PBE@Z
n?0Polygon@@QAE@XZ
n?0Rectangle@@QAE@ABVPoint@@0@Z
n?0Rectangle@@QAE@ABVPoint@@ABVSize@@@Z
n?0Rectangle@@QAE@JJJJ@Z
n?0Rectangle@@QAE@XZ
n?0ResMgr@@AAE@PAVInternalResMgr@@@Z
n?0ResStringArray@@QAE@ABVResId@@@Z
n?0Resource@@IAE@ABVResId@@@Z
n?0Resource@@IAE@XZ
n?0SimpleErrorHandler@@QAE@ABV0@@Z
n?0SimpleErrorHandler@@QAE@XZ
n?0SimpleResMgr@@QAE@ABVOUString@rtl@@AAULocale@lang@star@sun@com@@@Z
n?0SimpleResMgr@@QAE@PBDABULocale@lang@star@sun@com@@@Z
n?0String@@QAE@ABV0@@Z
n?0String@@QAE@ABV0@GG@Z
n?0String@@QAE@ABVByteString@@GGGK@Z
n?0String@@QAE@ABVByteString@@GK@Z
n?0String@@QAE@ABVOUString@rtl@@@Z
n?0String@@QAE@ABVResId@@@Z
n?0String@@QAE@D@Z
n?0String@@QAE@G@Z
n?0String@@QAE@PBDGGK@Z
n?0String@@QAE@PBDGK@Z
n?0String@@QAE@PBG@Z
n?0String@@QAE@PBGG@Z
n?0String@@QAE@XZ
n?0StringErrorInfo@@QAE@ABV0@@Z
n?0StringErrorInfo@@QAE@KABVString@@G@Z
n?0StringRangeEnumerator@@QAE@ABV0@@Z
n?0StringRangeEnumerator@@QAE@ABVOUString@rtl@@JJJ@Z
n?0StringRangeEnumerator@@QAE@XZ
n?0SuperSvPersistBaseMemberList@@QAE@ABV0@@Z
n?0SuperSvPersistBaseMemberList@@QAE@GG@Z
n?0SuperSvPersistBaseMemberList@@QAE@XZ
n?0SvBorder@@QAE@ABVRectangle@@0@Z
n?0SvBorder@@QAE@ABVSize@@@Z
n?0SvBorder@@QAE@JJJJ@Z
n?0SvBorder@@QAE@XZ
n?0SvCacheStream@@QAE@ABVString@@KK@Z
n?0SvCacheStream@@QAE@K@Z
n?0SvClassManager@@QAE@ABV0@@Z
n?0SvClassManager@@QAE@XZ
n?0SvDataCopyStream@@QAE@ABV0@@Z
n?0SvDataCopyStream@@QAE@XZ
n?0SvFileStream@@QAE@ABVString@@G@Z
n?0SvFileStream@@QAE@XZ
n?0SvGlobalName@@QAE@ABU_GUID@@@Z
n?0SvGlobalName@@QAE@ABV0@@Z
n?0SvGlobalName@@QAE@ABV?$Sequence@C@uno@star@sun@com@@@Z
n?0SvGlobalName@@QAE@KGGEEEEEEEE@Z
n?0SvGlobalName@@QAE@PAUImpSvGlobalName@@@Z
n?0SvGlobalName@@QAE@XZ
n?0SvLockBytes@@QAE@ABV0@@Z
n?0SvLockBytes@@QAE@PAVSvStream@@E@Z
n?0SvLockBytes@@QAE@XZ
n?0SvMemoryStream@@IAE@PAX@Z
n?0SvMemoryStream@@QAE@KK@Z
n?0SvMemoryStream@@QAE@PAXKG@Z
n?0SvOpenLockBytes@@QAE@ABV0@@Z
n?0SvOpenLockBytes@@QAE@PAVSvStream@@E@Z
n?0SvOpenLockBytes@@QAE@XZ
n?0SvPersistBaseMemberList@@QAE@ABV0@@Z
n?0SvPersistBaseMemberList@@QAE@GG@Z
n?0SvPersistBaseMemberList@@QAE@XZ
n?0SvPersistStream@@QAE@AAVSvClassManager@@PAVSvStream@@ABV0@@Z
n?0SvPersistStream@@QAE@AAVSvClassManager@@PAVSvStream@@K@Z
n?0SvRefBase@@QAE@ABV0@@Z
n?0SvRefBase@@QAE@XZ
n?0SvRttiBase@@QAE@ABV0@@Z
n?0SvRttiBase@@QAE@XZ
n?0SvStream@@QAE@PAVSvLockBytes@@@Z
n?0SvStream@@QAE@XZ
n?0Table@@QAE@ABV0@@Z
n?0Table@@QAE@GG@Z
n?0TempFile@@QAE@ABVString@@PBV1@1E@Z
n?0TempFile@@QAE@PBVString@@E@Z
n?0Time@@QAE@ABV0@@Z
n?0Time@@QAE@ABVResId@@@Z
n?0Time@@QAE@J@Z
n?0Time@@QAE@KKKK@Z
n?0Time@@QAE@XZ
n?0TwoStringErrorInfo@@QAE@ABV0@@Z
n?0TwoStringErrorInfo@@QAE@KABVString@@0G@Z
n?0UniqueIdContainer@@QAE@ABV0@@Z
n?0UniqueIdContainer@@QAE@KKK@Z
n?0UniqueIndex@@QAE@ABV0@@Z
n?0UniqueIndex@@QAE@KKK@Z
n?0VersionCompat@@AAE@ABV0@@Z
n?0VersionCompat@@AAE@XZ
n?0VersionCompat@@QAE@AAVSvStream@@GG@Z
n?0WildCard@@QAE@ABV0@@Z
n?0WildCard@@QAE@ABVString@@D@Z
n?0WildCard@@QAE@XZ
n?0ZCodec@@QAE@ABV0@@Z
n?0ZCodec@@QAE@KKK@Z
n?0ZCodec@@QAE@XZ
n?1B3dCamera@@UAE@XZ
n?1B3dTransformationSet@@UAE@XZ
n?1B3dViewport@@UAE@XZ
n?1ByteString@@QAE@XZ
n?1Config@@QAE@XZ
n?1Container@@QAE@XZ
n?1Dir@@QAE@XZ
n?1DirEntry@@QAE@XZ
n?1DynamicErrorInfo@@UAE@XZ
n?1ErrorContext@@UAE@XZ
n?1ErrorHandler@@UAE@XZ
n?1FileCopier@@UAE@XZ
n?1FileStat@@QAE@XZ
n?1FixedMemPool@@QAE@XZ
n?1GenericInformation@@QAE@XZ
n?1GenericInformationList@@QAE@XZ
n?1INetContentTypeParameterList@@QAE@XZ
n?1INetIStream@@UAE@XZ
n?1INetMIMEMessage@@UAE@XZ
n?1INetMIMEMessageStream@@UAE@XZ
n?1INetRFC822Message@@UAE@XZ
n?1INetURLObject@@QAE@XZ
n?1InformationParser@@UAE@XZ
n?1MessageInfo@@UAE@XZ
n?1MultiSelection@@QAE@XZ
n?1PolyPolygon@@QAE@XZ
n?1Polygon@@QAE@XZ
n?1ResMgr@@QAE@XZ
n?1ResStringArray@@QAE@XZ
n?1Resource@@QAE@XZ
n?1SimpleErrorHandler@@UAE@XZ
n?1SimpleResMgr@@UAE@XZ
n?1String@@QAE@XZ
n?1StringErrorInfo@@UAE@XZ
n?1StringRangeEnumerator@@QAE@XZ
n?1SuperSvPersistBaseMemberList@@QAE@XZ
n?1SvCacheStream@@UAE@XZ
n?1SvClassManager@@QAE@XZ
n?1SvDataCopyStream@@UAE@XZ
n?1SvFileStream@@UAE@XZ
n?1SvGlobalName@@QAE@XZ
n?1SvLockBytes@@UAE@XZ
n?1SvMemoryStream@@UAE@XZ
n?1SvOpenLockBytes@@UAE@XZ
n?1SvPersistBaseMemberList@@QAE@XZ
n?1SvPersistStream@@UAE@XZ
n?1SvRefBase@@MAE@XZ
n?1SvRttiBase@@UAE@XZ
n?1SvStream@@UAE@XZ
n?1Table@@QAE@XZ
n?1TempFile@@QAE@XZ
n?1TwoStringErrorInfo@@UAE@XZ
n?1UniqueIdContainer@@QAE@XZ
n?1UniqueIndex@@QAE@XZ
n?1VersionCompat@@QAE@XZ
n?1WildCard@@QAE@XZ
n?1ZCodec@@UAE@XZ
n?4B3dCamera@@QAEAAV0@ABV0@@Z
n?4B3dTransformationSet@@QAEAAV0@ABV0@@Z
n?4B3dViewport@@QAEAAV0@ABV0@@Z
n?4BigInt@@QAEAAV0@ABV0@@Z
n?4BigInt@@QAEAAV0@F@Z
n?4BigInt@@QAEAAV0@G@Z
n?4BigInt@@QAEAAV0@H@Z
n?4BigInt@@QAEAAV0@J@Z
n?4ByteString@@QAEAAV0@ABV0@@Z
n?4ByteString@@QAEAAV0@ABVOString@rtl@@@Z
n?4ByteString@@QAEAAV0@D@Z
n?4ByteString@@QAEAAV0@PBD@Z
n?4Color@@QAEAAV0@ABV0@@Z
n?4Container@@QAEAAV0@ABV0@@Z
n?4Date@@QAEAAV0@ABV0@@Z
n?4DateTime@@QAEAAV0@ABV0@@Z
n?4DirEntry@@QAEAAV0@ABV0@@Z
n?4DynamicErrorInfo@@QAEAAV0@ABV0@@Z
n?4ErrorContext@@QAEAAV0@ABV0@@Z
n?4ErrorHandler@@QAEAAV0@ABV0@@Z
n?4FileCopier@@QAEAAV0@ABV0@@Z
n?4FileStat@@QAEAAV0@ABV0@@Z
n?4FixedMemPool@@QAEAAV0@ABV0@@Z
n?4Fraction@@QAEAAV0@ABV0@@Z
n?4GenericInformation@@QAEAAV0@ABV0@@Z
n?4GenericInformationList@@QAEAAV0@ABV0@@Z
n?4INetContentTypeParameterList@@QAEAAV0@ABV0@@Z
n?4INetMIME@@QAEAAV0@ABV0@@Z
n?4INetMIMEMessage@@QAEAAV0@ABV0@@Z
n?4INetRFC822Message@@QAEAAV0@ABV0@@Z
n?4INetURLObject@@QAEAAV0@ABV0@@Z
n?4InformationParser@@QAEAAV0@ABV0@@Z
n?4Iterator@StringRangeEnumerator@@QAEAAV01@ABV01@@Z
n?4Line@@QAEAAV0@ABV0@@Z
n?4Link@@QAEAAV0@ABV0@@Z
n?4MessageInfo@@QAEAAV0@ABV0@@Z
n?4MultiSelection@@QAEAAV0@ABV0@@Z
n?4PolyPolygon@@QAEAAV0@ABV0@@Z
n?4Polygon@@QAEAAV0@ABV0@@Z
n?4Rectangle@@QAEAAV0@ABV0@@Z
n?4Resource@@QAEAAV0@ABV0@@Z
n?4SimpleErrorHandler@@QAEAAV0@ABV0@@Z
n?4SolarMutex@tools@@QAEAAV01@ABV01@@Z
n?4String@@QAEAAV0@ABV0@@Z
n?4String@@QAEAAV0@ABVOUString@rtl@@@Z
n?4String@@QAEAAV0@D@Z
n?4String@@QAEAAV0@G@Z
n?4String@@QAEAAV0@PBG@Z
n?4StringErrorInfo@@QAEAAV0@ABV0@@Z
n?4StringRangeEnumerator@@QAEAAV0@ABV0@@Z
n?4SuperSvPersistBaseMemberList@@QAEAAV0@ABV0@@Z
n?4SvBorder@@QAEAAV0@ABV0@@Z
n?4SvClassManager@@QAEAAV0@ABV0@@Z
n?4SvDataCopyStream@@QAEAAV0@ABV0@@Z
n?4SvGlobalName@@QAEAAV0@ABV0@@Z
n?4SvLibrary@@QAEAAV0@ABV0@@Z
n?4SvLockBytes@@QAEAAV0@ABV0@@Z
n?4SvOpenLockBytes@@QAEAAV0@ABV0@@Z
n?4SvPersistBaseMemberList@@QAEAAV0@ABV0@@Z
n?4SvRefBase@@QAEAAV0@ABV0@@Z
n?4SvRttiBase@@QAEAAV0@ABV0@@Z
n?4Table@@QAEAAV0@ABV0@@Z
n?4TempFile@@QAEAAV0@ABV0@@Z
n?4Time@@QAEAAV0@ABV0@@Z
n?4TwoStringErrorInfo@@QAEAAV0@ABV0@@Z
n?4UniqueIdContainer@@QAEAAV0@ABV0@@Z
n?4UniqueIndex@@QAEAAV0@ABV0@@Z
n?4VersionCompat@@AAEAAV0@ABV0@@Z
n?4WildCard@@QAEAAV0@ABV0@@Z
n?4WildCard@@QAEAAV0@ABVString@@@Z
n?4ZCodec@@QAEAAV0@ABV0@@Z
n?5@YAAAVSvPersistStream@@AAV0@AAPAVSvPersistBase@@@Z
n?5@YAAAVSvPersistStream@@AAV0@AAVSvPersistBaseMemberList@@@Z
n?5@YAAAVSvStream@@AAV0@AAVColor@@@Z
n?5@YAAAVSvStream@@AAV0@AAVFraction@@@Z
n?5@YAAAVSvStream@@AAV0@AAVPair@@@Z
n?5@YAAAVSvStream@@AAV0@AAVPolyPolygon@@@Z
n?5@YAAAVSvStream@@AAV0@AAVPolygon@@@Z
n?5@YAAAVSvStream@@AAV0@AAVRectangle@@@Z
n?5@YAAAVSvStream@@AAV0@AAVSvGlobalName@@@Z
n?5INetMIMEMessage@@MAEAAVSvStream@@AAV1@@Z
n?5INetRFC822Message@@MAEAAVSvStream@@AAV1@@Z
n?5SvStream@@QAEAAV0@AAC@Z
n?5SvStream@@QAEAAV0@AAD@Z
n?5SvStream@@QAEAAV0@AAE@Z
n?5SvStream@@QAEAAV0@AAF@Z
n?5SvStream@@QAEAAV0@AAG@Z
n?5SvStream@@QAEAAV0@AAH@Z
n?5SvStream@@QAEAAV0@AAJ@Z
n?5SvStream@@QAEAAV0@AAK@Z
n?5SvStream@@QAEAAV0@AAM@Z
n?5SvStream@@QAEAAV0@AAN@Z
n?5SvStream@@QAEAAV0@AAV0@@Z
n?5SvStream@@QAEAAV0@AAVByteString@@@Z
n?6@YAAAVSvPersistStream@@AAV0@ABVSvPersistBaseMemberList@@@Z
n?6@YAAAVSvPersistStream@@AAV0@PAVSvPersistBase@@@Z
n?6@YAAAVSvStream@@AAV0@ABVColor@@@Z
n?6@YAAAVSvStream@@AAV0@ABVFraction@@@Z
n?6@YAAAVSvStream@@AAV0@ABVPair@@@Z
n?6@YAAAVSvStream@@AAV0@ABVPolyPolygon@@@Z
n?6@YAAAVSvStream@@AAV0@ABVPolygon@@@Z
n?6@YAAAVSvStream@@AAV0@ABVRectangle@@@Z
n?6@YAAAVSvStream@@AAV0@ABVSvGlobalName@@@Z
n?6INetMIMEMessage@@MBEAAVSvStream@@AAV1@@Z
n?6INetRFC822Message@@MBEAAVSvStream@@AAV1@@Z
n?6SvStream@@QAEAAV0@AAV0@@Z
n?6SvStream@@QAEAAV0@ABN@Z
n?6SvStream@@QAEAAV0@ABVByteString@@@Z
n?6SvStream@@QAEAAV0@C@Z
n?6SvStream@@QAEAAV0@D@Z
n?6SvStream@@QAEAAV0@E@Z
n?6SvStream@@QAEAAV0@F@Z
n?6SvStream@@QAEAAV0@G@Z
n?6SvStream@@QAEAAV0@H@Z
n?6SvStream@@QAEAAV0@J@Z
n?6SvStream@@QAEAAV0@K@Z
n?6SvStream@@QAEAAV0@M@Z
n?6SvStream@@QAEAAV0@PBD@Z
n?6SvStream@@QAEAAV0@PBE@Z
n?7Link@@QBEEXZ
n?7MultiSelection@@QBEEXZ
n?8@YAEABVBigInt@@0@Z
n?8@YAEABVFraction@@0@Z
n?8Color@@QBEEABV0@@Z
n?8Container@@QBEEABV0@@Z
n?8Date@@QBEEABV0@@Z
n?8DateTime@@QBEEABV0@@Z
n?8DirEntry@@QBEEABV0@@Z
n?8INetURLObject@@QBE_NABV0@@Z
n?8Iterator@StringRangeEnumerator@@QBE_NABV01@@Z
n?8Link@@QBEEABV0@@Z
n?8MultiSelection@@QAEEAAV0@@Z
n?8PolyPolygon@@QBEEABV0@@Z
n?8Polygon@@QBEEABV0@@Z
n?8Rectangle@@QBEEABV0@@Z
n?8SvBorder@@QBEEABV0@@Z
n?8SvGlobalName@@QBEEABV0@@Z
n?8Table@@QBEEABV0@@Z
n?8Time@@QBEEABV0@@Z
n?8UniqueIndex@@QBEEABV0@@Z
n?8VersionCompat@@AAEEABV0@@Z
n?8WildCard@@QBEEABVString@@@Z
n?9Color@@QBEEABV0@@Z
n?9Container@@QBEEABV0@@Z
n?9Date@@QBEEABV0@@Z
n?9DateTime@@QBEEABV0@@Z
n?9DirEntry@@QBEEABV0@@Z
n?9INetURLObject@@QBE_NABV0@@Z
n?9Iterator@StringRangeEnumerator@@QBE_NABV01@@Z
n?9Link@@QBEEABV0@@Z
n?9MultiSelection@@QAEEAAV0@@Z
n?9PolyPolygon@@QBEEABV0@@Z
n?9Polygon@@QBEEABV0@@Z
n?9Rectangle@@QBEEABV0@@Z
n?9SvBorder@@QBEEABV0@@Z
n?9SvGlobalName@@QBEEABV0@@Z
n?9Table@@QBEEABV0@@Z
n?9Time@@QBEEABV0@@Z
n?9UniqueIndex@@QBEEABV0@@Z
n?9WildCard@@QBEEABVString@@@Z
n?ADir@@QBEAAVDirEntry@@G@Z
n?ADirEntry@@QBEABV0@G@Z
n?APolyPolygon@@QAEAAVPolygon@@G@Z
n?APolyPolygon@@QBEABVPolygon@@G@Z
n?APolygon@@QAEAAVPoint@@G@Z
n?APolygon@@QBEABVPoint@@G@Z
n?BBigInt@@QBEFXZ
n?BBigInt@@QBEGXZ
n?BBigInt@@QBEHXZ
n?BBigInt@@QBEJXZ
n?BBigInt@@QBEKXZ
n?BBigInt@@QBENXZ
n?BByteString@@QBE?AVOString@rtl@@XZ
n?BDynamicErrorInfo@@QBEKXZ
n?BFraction@@QBEJXZ
n?BFraction@@QBENXZ
n?BString@@QBE?AVOUString@rtl@@XZ
n?BSvMemoryStream@@QAEPBXXZ
n?DIterator@StringRangeEnumerator@@QBEJXZ
n?EDate@@QAE?AV0@H@Z
n?EDate@@QAEAAV0@XZ
n?EIterator@StringRangeEnumerator@@QAEAAV01@XZ
n?ESvGlobalName@@QAEAAV0@XZ
n?FDate@@QAE?AV0@H@Z
n?FDate@@QAEAAV0@XZ
n?G@YA?AVDate@@ABV0@J@Z
n?G@YA?AVDateTime@@ABV0@ABVTime@@@Z
n?G@YA?AVDateTime@@ABV0@J@Z
n?G@YA?AVDateTime@@ABV0@N@Z
n?G@YA?AVTime@@ABV0@0@Z
n?G@YAJABVDate@@0@Z
n?G@YAJABVDateTime@@ABVDate@@@Z
n?G@YANABVDateTime@@0@Z
n?GTime@@QBE?AV0@XZ
n?H@YA?AVDate@@ABV0@J@Z
n?H@YA?AVDateTime@@ABV0@ABVTime@@@Z
n?H@YA?AVDateTime@@ABV0@J@Z
n?H@YA?AVDateTime@@ABV0@N@Z
n?H@YA?AVTime@@ABV0@0@Z
n?HDirEntry@@QBE?AV0@ABV0@@Z
n?M@YAEABVBigInt@@0@Z
n?M@YAEABVFraction@@0@Z
n?MDate@@QBEEABV0@@Z
n?MDateTime@@QBEEABV0@@Z
n?MINetURLObject@@QBE_NABV0@@Z
n?MLink@@QBEEABV0@@Z
n?MSvGlobalName@@QBEEABV0@@Z
n?MTime@@QBEEABV0@@Z
n?NDate@@QBEEABV0@@Z
n?NDateTime@@QBEEABV0@@Z
n?NTime@@QBEEABV0@@Z
n?O@YAEABVBigInt@@0@Z
n?O@YAEABVFraction@@0@Z
n?ODate@@QBEEABV0@@Z
n?ODateTime@@QBEEABV0@@Z
n?OINetURLObject@@QBE_NABV0@@Z
n?OTime@@QBEEABV0@@Z
n?PDate@@QBEEABV0@@Z
n?PDateTime@@QBEEABV0@@Z
n?PTime@@QBEEABV0@@Z
n?RWildCard@@QBE?BVString@@XZ
n?XBigInt@@QAEAAV0@ABV0@@Z
n?XFraction@@QAEAAV0@ABV0@@Z
n?Y@YAAAVRectangle@@AAV0@ABVSvBorder@@@Z
n?YBigInt@@QAEAAV0@ABV0@@Z
n?YByteString@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

70f14b5cb667842cb2030f8ea7a53ffe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 378KB - Virtual size: 378KB

.rdata Size: 204KB - Virtual size: 204KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 116KB - Virtual size: 112KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 378KB - Virtual size: 378KB

.rdata
Size: 204KB - Virtual size: 204KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 116KB - Virtual size: 112KB

.reloc
Size: 17KB - Virtual size: 17KB