New[.]7z | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

New.7z
Size

1.3MB
MD5

4a0669dd1287f85e595dd08755ba039d
SHA1

b04919cc21e958db088a79b125f9bb967ba3607c
SHA256

b2a9d9fa76e0d276d2a9ee93a0cd32a7796ffa5c5481dba57c89c0590fb61d09
SHA512

2cd1ceba87fe33fdacf6a9e3cbd868dff07088751c01e7e0548733318f70028d8c3051ab0ab8dc7614e685b1d78106fcb77f95e69153fd289f5cd39938acf8d4
SSDEEP

24576:TjnByrJ9Y9rJ/p65savb6Xzzq6FG4qglM3cfEFjxpKgo9lfKR:/Bu9+9/p66avbGq0LqwAcfEJ94KR

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/New/3mm.exe
unpack001/New/6mm.exe
unpack001/New/dgbw.exe
unpack001/New/dggw.exe
unpack001/New/vm-uw.exe

Files

New.7z
.7z

Password: infected
New/3mm.exe
.exe windows:5 windows x86 arch:x86

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\Work\haozip\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHBrowseForFolderW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

kernel32

HeapAlloc
LocalFree
GetProcessHeap
GetFileAttributesW
LoadLibraryW
CloseHandle
GetProcAddress
FreeLibrary
GetCurrentProcess
GetVersionExW
GetModuleHandleW
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetEnvironmentVariableW
GetCurrentThread
GetCommandLineW
FindResourceW
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
CreateFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryExW
WriteFile
SetFileTime
SetEndOfFile
FormatMessageW
InterlockedExchangeAdd
ReadFile
SetFilePointer
GetFileSize
ResumeThread
GetACP
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetFullPathNameW
lstrlenW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetWindowsDirectoryW
MoveFileExW
GetTempFileNameW
MoveFileW
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentProcessId
FileTimeToSystemTime
WriteConsoleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
HeapFree
MultiByteToWideChar
VirtualFree
VirtualAlloc
GetStringTypeW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStdHandle
GetFileType
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

DispatchMessageW
SetTimer
IsDialogMessageW
TranslateMessage
LoadIconW
KillTimer
PostQuitMessage
EnableWindow
ScreenToClient
IsWindow
MessageBoxW
ShowWindow
PostMessageW
GetWindowRect
SetWindowPos
DialogBoxParamW
SendMessageW
EndDialog
SetWindowTextW
SetFocus
GetDlgItem
GetWindowTextW
IsWindowVisible
CreateDialogParamW
GetMessageW
GetDesktopWindow
LoadStringW
DestroyIcon
GetSystemMetrics

gdi32

CreateSolidBrush
DeleteObject

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
New/6mm.exe
.exe windows:5 windows x86 arch:x86

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\Work\haozip\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHBrowseForFolderW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

kernel32

HeapAlloc
LocalFree
GetProcessHeap
GetFileAttributesW
LoadLibraryW
CloseHandle
GetProcAddress
FreeLibrary
GetCurrentProcess
GetVersionExW
GetModuleHandleW
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetEnvironmentVariableW
GetCurrentThread
GetCommandLineW
FindResourceW
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
CreateFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryExW
WriteFile
SetFileTime
SetEndOfFile
FormatMessageW
InterlockedExchangeAdd
ReadFile
SetFilePointer
GetFileSize
ResumeThread
GetACP
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetFullPathNameW
lstrlenW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetWindowsDirectoryW
MoveFileExW
GetTempFileNameW
MoveFileW
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentProcessId
FileTimeToSystemTime
WriteConsoleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
HeapFree
MultiByteToWideChar
VirtualFree
VirtualAlloc
GetStringTypeW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStdHandle
GetFileType
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

DispatchMessageW
SetTimer
IsDialogMessageW
TranslateMessage
LoadIconW
KillTimer
PostQuitMessage
EnableWindow
ScreenToClient
IsWindow
MessageBoxW
ShowWindow
PostMessageW
GetWindowRect
SetWindowPos
DialogBoxParamW
SendMessageW
EndDialog
SetWindowTextW
SetFocus
GetDlgItem
GetWindowTextW
IsWindowVisible
CreateDialogParamW
GetMessageW
GetDesktopWindow
LoadStringW
DestroyIcon
GetSystemMetrics

gdi32

CreateSolidBrush
DeleteObject

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
New/dgbw.exe
.exe windows:5 windows x86 arch:x86

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\Work\haozip\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHBrowseForFolderW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

kernel32

HeapAlloc
LocalFree
GetProcessHeap
GetFileAttributesW
LoadLibraryW
CloseHandle
GetProcAddress
FreeLibrary
GetCurrentProcess
GetVersionExW
GetModuleHandleW
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetEnvironmentVariableW
GetCurrentThread
GetCommandLineW
FindResourceW
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
CreateFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryExW
WriteFile
SetFileTime
SetEndOfFile
FormatMessageW
InterlockedExchangeAdd
ReadFile
SetFilePointer
GetFileSize
ResumeThread
GetACP
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetFullPathNameW
lstrlenW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetWindowsDirectoryW
MoveFileExW
GetTempFileNameW
MoveFileW
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentProcessId
FileTimeToSystemTime
WriteConsoleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
HeapFree
MultiByteToWideChar
VirtualFree
VirtualAlloc
GetStringTypeW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStdHandle
GetFileType
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

DispatchMessageW
SetTimer
IsDialogMessageW
TranslateMessage
LoadIconW
KillTimer
PostQuitMessage
EnableWindow
ScreenToClient
IsWindow
MessageBoxW
ShowWindow
PostMessageW
GetWindowRect
SetWindowPos
DialogBoxParamW
SendMessageW
EndDialog
SetWindowTextW
SetFocus
GetDlgItem
GetWindowTextW
IsWindowVisible
CreateDialogParamW
GetMessageW
GetDesktopWindow
LoadStringW
DestroyIcon
GetSystemMetrics

gdi32

CreateSolidBrush
DeleteObject

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
New/dggw.exe
.exe windows:5 windows x86 arch:x86

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\Work\haozip\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHBrowseForFolderW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

kernel32

HeapAlloc
LocalFree
GetProcessHeap
GetFileAttributesW
LoadLibraryW
CloseHandle
GetProcAddress
FreeLibrary
GetCurrentProcess
GetVersionExW
GetModuleHandleW
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetEnvironmentVariableW
GetCurrentThread
GetCommandLineW
FindResourceW
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
CreateFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryExW
WriteFile
SetFileTime
SetEndOfFile
FormatMessageW
InterlockedExchangeAdd
ReadFile
SetFilePointer
GetFileSize
ResumeThread
GetACP
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetFullPathNameW
lstrlenW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetWindowsDirectoryW
MoveFileExW
GetTempFileNameW
MoveFileW
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentProcessId
FileTimeToSystemTime
WriteConsoleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
HeapFree
MultiByteToWideChar
VirtualFree
VirtualAlloc
GetStringTypeW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStdHandle
GetFileType
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

DispatchMessageW
SetTimer
IsDialogMessageW
TranslateMessage
LoadIconW
KillTimer
PostQuitMessage
EnableWindow
ScreenToClient
IsWindow
MessageBoxW
ShowWindow
PostMessageW
GetWindowRect
SetWindowPos
DialogBoxParamW
SendMessageW
EndDialog
SetWindowTextW
SetFocus
GetDlgItem
GetWindowTextW
IsWindowVisible
CreateDialogParamW
GetMessageW
GetDesktopWindow
LoadStringW
DestroyIcon
GetSystemMetrics

gdi32

CreateSolidBrush
DeleteObject

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
New/vm-uw.exe
.exe windows:5 windows x86 arch:x86

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\Work\haozip\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHBrowseForFolderW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

kernel32

HeapAlloc
LocalFree
GetProcessHeap
GetFileAttributesW
LoadLibraryW
CloseHandle
GetProcAddress
FreeLibrary
GetCurrentProcess
GetVersionExW
GetModuleHandleW
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetEnvironmentVariableW
GetCurrentThread
GetCommandLineW
FindResourceW
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
CreateFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryExW
WriteFile
SetFileTime
SetEndOfFile
FormatMessageW
InterlockedExchangeAdd
ReadFile
SetFilePointer
GetFileSize
ResumeThread
GetACP
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetFullPathNameW
lstrlenW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
DeleteFileW
GetWindowsDirectoryW
MoveFileExW
GetTempFileNameW
MoveFileW
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentProcessId
FileTimeToSystemTime
WriteConsoleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
HeapFree
MultiByteToWideChar
VirtualFree
VirtualAlloc
GetStringTypeW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStdHandle
GetFileType
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

DispatchMessageW
SetTimer
IsDialogMessageW
TranslateMessage
LoadIconW
KillTimer
PostQuitMessage
EnableWindow
ScreenToClient
IsWindow
MessageBoxW
ShowWindow
PostMessageW
GetWindowRect
SetWindowPos
DialogBoxParamW
SendMessageW
EndDialog
SetWindowTextW
SetFocus
GetDlgItem
GetWindowTextW
IsWindowVisible
CreateDialogParamW
GetMessageW
GetDesktopWindow
LoadStringW
DestroyIcon
GetSystemMetrics

gdi32

CreateSolidBrush
DeleteObject

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

ole32

Sections

.text Size: 314KB - Virtual size: 314KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 20KB - Virtual size: 19KB

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

ole32

Sections

.text Size: 314KB - Virtual size: 314KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 20KB - Virtual size: 19KB

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

ole32

Sections

.text Size: 314KB - Virtual size: 314KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 20KB - Virtual size: 19KB

Password: infected

eec4c9510d1f15621b464022e8c2d408

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

ole32

Sections

.text Size: 314KB - Virtual size: 314KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 33KB

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 20KB - Virtual size: 19KB