Trojan[.]Win64[.]Dridex[.]ASFS[.]MTB-3f3ad389e9541bbce7ff09e031de4105c89ad468be01b7ef7310f189e2b98642N

Sharing

Copy URL

Twitter E-mail

General

Target

Trojan.Win64.Dridex.ASFS.MTB-3f3ad389e9541bbce7ff09e031de4105c89ad468be01b7ef7310f189e2b98642N
Size

968KB
MD5

2f6f37b1fbcaef784678f6c7c28b0000
SHA1

a95e2e1be2d3ff1981431b0410d085c26f3cee23
SHA256

3f3ad389e9541bbce7ff09e031de4105c89ad468be01b7ef7310f189e2b98642
SHA512

00a7e7919324f165262a70fcdd581b68ce7ff8a7ced313b6f8ba8511f20caf2c002a8bdc803a21d5263fde986691112649653ecf6a4fe27bdaab9248cf16e197
SSDEEP

12288:LfJV6EzPTIzQF9mVz5wYacR/8HiFeQBsjgyvunuAoA2U3PxyWhD:LhVXu8mZ5racR/xFejmnuAD2U3Prh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Trojan.Win64.Dridex.ASFS.MTB-3f3ad389e9541bbce7ff09e031de4105c89ad468be01b7ef7310f189e2b98642N

Files

Trojan.Win64.Dridex.ASFS.MTB-3f3ad389e9541bbce7ff09e031de4105c89ad468be01b7ef7310f189e2b98642N
.dll windows:5 windows x64 arch:x64

204759c3a1674d576e980fc25c55668c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

gdi32

GetRegionData

iphlpapi

IcmpSendEcho2

kernel32

GetNLSVersion
GetLastError
FindFirstVolumeMountPointW

Exports

Exports

??0?$PatternProvider@VExpandCollapseProvider@DirectUI@@UIExpandCollapseProvider@@$00@DirectUI@@QEAA@XZ
??0?$PatternProvider@VGridItemProvider@DirectUI@@UIGridItemProvider@@$01@DirectUI@@QEAA@XZ
??0?$PatternProvider@VGridProvider@DirectUI@@UIGridProvider@@$02@DirectUI@@QEAA@XZ
??0?$PatternProvider@VInvokeProvider@DirectUI@@UIInvokeProvider@@$0A@@DirectUI@@QEAA@XZ
??0?$PatternProvider@VRangeValueProvider@DirectUI@@UIRangeValueProvider@@$03@DirectUI@@QEAA@XZ
??0?$PatternProvider@VScrollItemProvider@DirectUI@@UIScrollItemProvider@@$05@DirectUI@@QEAA@XZ
??0?$PatternProvider@VScrollProvider@DirectUI@@UIScrollProvider@@$04@DirectUI@@QEAA@XZ
??0?$PatternProvider@VSelectionItemProvider@DirectUI@@UISelectionItemProvider@@$06@DirectUI@@QEAA@XZ
??0?$PatternProvider@VSelectionProvider@DirectUI@@UISelectionProvider@@$07@DirectUI@@QEAA@XZ
??0?$PatternProvider@VTableItemProvider@DirectUI@@UITableItemProvider@@$09@DirectUI@@QEAA@XZ
??0?$PatternProvider@VTableProvider@DirectUI@@UITableProvider@@$08@DirectUI@@QEAA@XZ
??0?$PatternProvider@VToggleProvider@DirectUI@@UIToggleProvider@@$0L@@DirectUI@@QEAA@XZ
??0?$PatternProvider@VValueProvider@DirectUI@@UIValueProvider@@$0M@@DirectUI@@QEAA@XZ
??0?$SafeArrayAccessor@H@DirectUI@@QEAA@XZ
??0AccessibleButton@DirectUI@@QEAA@$$QEAV01@@Z
??0AccessibleButton@DirectUI@@QEAA@AEBV01@@Z
??0AccessibleButton@DirectUI@@QEAA@XZ
??0AnimationStrip@DirectUI@@QEAA@AEBV01@@Z
??0AnimationStrip@DirectUI@@QEAA@XZ
??0AutoButton@DirectUI@@QEAA@$$QEAV01@@Z
??0AutoButton@DirectUI@@QEAA@AEBV01@@Z
??0AutoButton@DirectUI@@QEAA@XZ
??0AutoLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??0AutoThread@DirectUI@@QEAA@XZ
??0AutoVariant@DirectUI@@QEAA@XZ
??0BaseScrollBar@DirectUI@@QEAA@$$QEAV01@@Z
??0BaseScrollBar@DirectUI@@QEAA@AEBV01@@Z
??0BaseScrollBar@DirectUI@@QEAA@XZ
??0BaseScrollViewer@DirectUI@@QEAA@AEBV01@@Z
??0BaseScrollViewer@DirectUI@@QEAA@XZ
??0Bind@DirectUI@@QEAA@$$QEAV01@@Z
??0Bind@DirectUI@@QEAA@AEBV01@@Z
??0Bind@DirectUI@@QEAA@XZ
??0BorderLayout@DirectUI@@QEAA@AEBV01@@Z
??0BorderLayout@DirectUI@@QEAA@XZ
??0Browser@DirectUI@@QEAA@$$QEAV01@@Z
??0Browser@DirectUI@@QEAA@AEBV01@@Z
??0Browser@DirectUI@@QEAA@XZ
??0BrowserSelectionProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0BrowserSelectionProxy@DirectUI@@QEAA@AEBV01@@Z
??0BrowserSelectionProxy@DirectUI@@QEAA@XZ
??0Button@DirectUI@@QEAA@AEBV01@@Z
??0Button@DirectUI@@QEAA@XZ
??0CCAVI@DirectUI@@QEAA@$$QEAV01@@Z
??0CCAVI@DirectUI@@QEAA@AEBV01@@Z
??0CCAVI@DirectUI@@QEAA@XZ
??0CCBase@DirectUI@@QEAA@AEBV01@@Z
??0CCBase@DirectUI@@QEAA@KPEBG@Z
??0CCBaseCheckRadioButton@DirectUI@@QEAA@$$QEAV01@@Z
??0CCBaseCheckRadioButton@DirectUI@@QEAA@AEBV01@@Z
??0CCBaseCheckRadioButton@DirectUI@@QEAA@K@Z
??0CCBaseScrollBar@DirectUI@@QEAA@$$QEAV01@@Z
??0CCBaseScrollBar@DirectUI@@QEAA@AEBV01@@Z
??0CCBaseScrollBar@DirectUI@@QEAA@K@Z
??0CCCheckBox@DirectUI@@QEAA@$$QEAV01@@Z
??0CCCheckBox@DirectUI@@QEAA@AEBV01@@Z
??0CCCheckBox@DirectUI@@QEAA@K@Z
??0CCCommandLink@DirectUI@@QEAA@$$QEAV01@@Z
??0CCCommandLink@DirectUI@@QEAA@AEBV01@@Z
??0CCCommandLink@DirectUI@@QEAA@K@Z
??0CCHScrollBar@DirectUI@@QEAA@$$QEAV01@@Z
??0CCHScrollBar@DirectUI@@QEAA@AEBV01@@Z
??0CCHScrollBar@DirectUI@@QEAA@XZ
??0CCListBox@DirectUI@@QEAA@$$QEAV01@@Z
??0CCListBox@DirectUI@@QEAA@AEBV01@@Z
??0CCListBox@DirectUI@@QEAA@XZ
??0CCListView@DirectUI@@QEAA@$$QEAV01@@Z
??0CCListView@DirectUI@@QEAA@AEBV01@@Z
??0CCListView@DirectUI@@QEAA@XZ
??0CCProgressBar@DirectUI@@QEAA@$$QEAV01@@Z
??0CCProgressBar@DirectUI@@QEAA@AEBV01@@Z
??0CCProgressBar@DirectUI@@QEAA@XZ
??0CCPushButton@DirectUI@@QEAA@$$QEAV01@@Z
??0CCPushButton@DirectUI@@QEAA@AEBV01@@Z
??0CCPushButton@DirectUI@@QEAA@K@Z
??0CCRadioButton@DirectUI@@QEAA@$$QEAV01@@Z
??0CCRadioButton@DirectUI@@QEAA@AEBV01@@Z
??0CCRadioButton@DirectUI@@QEAA@XZ
??0CCSysLink@DirectUI@@QEAA@$$QEAV01@@Z
??0CCSysLink@DirectUI@@QEAA@AEBV01@@Z
??0CCSysLink@DirectUI@@QEAA@XZ
??0CCTrackBar@DirectUI@@QEAA@$$QEAV01@@Z
??0CCTrackBar@DirectUI@@QEAA@AEBV01@@Z
??0CCTrackBar@DirectUI@@QEAA@XZ
??0CCTreeView@DirectUI@@QEAA@$$QEAV01@@Z
??0CCTreeView@DirectUI@@QEAA@AEBV01@@Z
??0CCTreeView@DirectUI@@QEAA@K@Z
??0CCVScrollBar@DirectUI@@QEAA@$$QEAV01@@Z
??0CCVScrollBar@DirectUI@@QEAA@AEBV01@@Z
??0CCVScrollBar@DirectUI@@QEAA@XZ
??0CallstackTracker@DirectUI@@QEAA@XZ
??0CheckBoxGlyph@DirectUI@@QEAA@AEBV01@@Z
??0CheckBoxGlyph@DirectUI@@QEAA@XZ
??0ClassInfoBase@DirectUI@@QEAA@AEBV01@@Z
??0ClassInfoBase@DirectUI@@QEAA@XZ
??0Clipper@DirectUI@@QEAA@$$QEAV01@@Z
??0Clipper@DirectUI@@QEAA@AEBV01@@Z
??0Clipper@DirectUI@@QEAA@XZ
??0Combobox@DirectUI@@QEAA@AEBV01@@Z
??0Combobox@DirectUI@@QEAA@XZ
??0CritSecLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??0DCSurface@DirectUI@@QEAA@AEBV01@@Z
??0DCSurface@DirectUI@@QEAA@PEAUHDC__@@@Z
??0DUIFactory@DirectUI@@QEAA@PEAUHWND__@@@Z
??0DUIXmlParser@DirectUI@@QEAA@AEBV01@@Z
??0DUIXmlParser@DirectUI@@QEAA@XZ
??0DialogElement@DirectUI@@QEAA@$$QEAV01@@Z
??0DialogElement@DirectUI@@QEAA@AEBV01@@Z
??0DialogElement@DirectUI@@QEAA@XZ
??0DuiAccessible@DirectUI@@QEAA@XZ
??0Edit@DirectUI@@QEAA@AEBV01@@Z
??0Edit@DirectUI@@QEAA@XZ
??0Element@DirectUI@@QEAA@AEBV01@@Z
??0Element@DirectUI@@QEAA@XZ
??0ElementProvider@DirectUI@@QEAA@XZ
??0ElementProxy@DirectUI@@IEAA@XZ
??0ElementProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ElementProxy@DirectUI@@QEAA@AEBV01@@Z
??0ElementWithHWND@DirectUI@@QEAA@$$QEAV01@@Z
??0ElementWithHWND@DirectUI@@QEAA@AEBV01@@Z
??0ElementWithHWND@DirectUI@@QEAA@XZ
??0ExpandCollapseProvider@DirectUI@@QEAA@XZ
??0ExpandCollapseProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ExpandCollapseProxy@DirectUI@@QEAA@AEBV01@@Z
??0ExpandCollapseProxy@DirectUI@@QEAA@XZ
??0Expandable@DirectUI@@QEAA@$$QEAV01@@Z
??0Expandable@DirectUI@@QEAA@AEBV01@@Z
??0Expandable@DirectUI@@QEAA@XZ
??0Expando@DirectUI@@QEAA@$$QEAV01@@Z
??0Expando@DirectUI@@QEAA@AEBV01@@Z
??0Expando@DirectUI@@QEAA@XZ
??0ExpandoButtonGlyph@DirectUI@@QEAA@AEBV01@@Z
??0ExpandoButtonGlyph@DirectUI@@QEAA@XZ
??0FillLayout@DirectUI@@QEAA@AEBV01@@Z
??0FillLayout@DirectUI@@QEAA@XZ
??0FlowLayout@DirectUI@@QEAA@AEBV01@@Z
??0FlowLayout@DirectUI@@QEAA@XZ
??0FontCache@DirectUI@@QEAA@$$QEAV01@@Z
??0FontCache@DirectUI@@QEAA@AEBV01@@Z
??0FontCache@DirectUI@@QEAA@XZ
??0FontCheckOut@DirectUI@@QEAA@PEAVElement@1@PEAUHDC__@@@Z
??0GridItemProvider@DirectUI@@QEAA@XZ
??0GridItemProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0GridItemProxy@DirectUI@@QEAA@AEBV01@@Z
??0GridItemProxy@DirectUI@@QEAA@XZ
??0GridLayout@DirectUI@@QEAA@AEBV01@@Z
??0GridLayout@DirectUI@@QEAA@XZ
??0GridProvider@DirectUI@@QEAA@XZ
??0GridProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0GridProxy@DirectUI@@QEAA@AEBV01@@Z
??0GridProxy@DirectUI@@QEAA@XZ
??0HWNDElement@DirectUI@@QEAA@AEBV01@@Z
??0HWNDElement@DirectUI@@QEAA@XZ
??0HWNDElementAccessible@DirectUI@@QEAA@XZ
??0HWNDElementProvider@DirectUI@@QEAA@XZ
??0HWNDElementProxy@DirectUI@@IEAA@XZ
??0HWNDElementProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0HWNDElementProxy@DirectUI@@QEAA@AEBV01@@Z
??0HWNDHost@DirectUI@@QEAA@AEBV01@@Z
??0HWNDHost@DirectUI@@QEAA@XZ
??0HWNDHostAccessible@DirectUI@@QEAA@XZ
??0HWNDHostClientAccessible@DirectUI@@QEAA@XZ
??0IDataEngine@DirectUI@@QEAA@AEBU01@@Z
??0IDataEngine@DirectUI@@QEAA@XZ
??0IDataEntry@DirectUI@@QEAA@AEBU01@@Z
??0IDataEntry@DirectUI@@QEAA@XZ
??0IProvider@DirectUI@@QEAA@$$QEAV01@@Z
??0IProvider@DirectUI@@QEAA@AEBV01@@Z
??0IProvider@DirectUI@@QEAA@XZ
??0ISBLeak@DirectUI@@QEAA@$$QEAU01@@Z
??0ISBLeak@DirectUI@@QEAA@AEBU01@@Z
??0ISBLeak@DirectUI@@QEAA@XZ
??0IXElementCP@DirectUI@@QEAA@$$QEAV01@@Z
??0IXElementCP@DirectUI@@QEAA@AEBV01@@Z
??0IXElementCP@DirectUI@@QEAA@XZ
??0IXProviderCP@DirectUI@@QEAA@$$QEAV01@@Z
??0IXProviderCP@DirectUI@@QEAA@AEBV01@@Z
??0IXProviderCP@DirectUI@@QEAA@XZ
??0InvokeHelper@DirectUI@@QEAA@XZ
??0InvokeProvider@DirectUI@@QEAA@XZ
??0InvokeProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0InvokeProxy@DirectUI@@QEAA@AEBV01@@Z
??0InvokeProxy@DirectUI@@QEAA@XZ
??0ItemList@DirectUI@@QEAA@XZ
??0Layout@DirectUI@@QEAA@AEBV01@@Z
??0Layout@DirectUI@@QEAA@XZ
??0LinkedList@DirectUI@@QEAA@XZ
??0Macro@DirectUI@@QEAA@$$QEAV01@@Z
??0Macro@DirectUI@@QEAA@AEBV01@@Z
??0Macro@DirectUI@@QEAA@XZ
??0ModernProgressBar@DirectUI@@QEAA@XZ
??0ModernProgressBarRangeValueProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ModernProgressBarRangeValueProxy@DirectUI@@QEAA@AEBV01@@Z
??0ModernProgressBarRangeValueProxy@DirectUI@@QEAA@XZ
??0ModernProgressRing@DirectUI@@QEAA@XZ
??0Movie@DirectUI@@QEAA@AEBV01@@Z
??0Movie@DirectUI@@QEAA@XZ
??0NativeHWNDHost@DirectUI@@QEAA@AEBV01@@Z
??0NativeHWNDHost@DirectUI@@QEAA@XZ
??0Navigator@DirectUI@@QEAA@$$QEAV01@@Z
??0Navigator@DirectUI@@QEAA@AEBV01@@Z
??0Navigator@DirectUI@@QEAA@XZ
??0NavigatorSelectionItemProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0NavigatorSelectionItemProxy@DirectUI@@QEAA@AEBV01@@Z
??0NavigatorSelectionItemProxy@DirectUI@@QEAA@XZ
??0NineGridLayout@DirectUI@@QEAA@AEBV01@@Z
??0NineGridLayout@DirectUI@@QEAA@XZ
??0PText@DirectUI@@QEAA@AEBV01@@Z
??0PText@DirectUI@@QEAA@XZ
??0Page@DirectUI@@QEAA@$$QEAV01@@Z
??0Page@DirectUI@@QEAA@AEBV01@@Z
??0Page@DirectUI@@QEAA@XZ
??0Pages@DirectUI@@QEAA@$$QEAV01@@Z
??0Pages@DirectUI@@QEAA@AEBV01@@Z
??0Pages@DirectUI@@QEAA@XZ
??0Progress@DirectUI@@QEAA@AEBV01@@Z
??0Progress@DirectUI@@QEAA@XZ
??0ProgressRangeValueProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ProgressRangeValueProxy@DirectUI@@QEAA@AEBV01@@Z
??0ProgressRangeValueProxy@DirectUI@@QEAA@XZ
??0ProviderProxy@DirectUI@@IEAA@XZ
??0ProviderProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ProviderProxy@DirectUI@@QEAA@AEBV01@@Z
??0Proxy@DirectUI@@QEAA@AEBV01@@Z
??0Proxy@DirectUI@@QEAA@XZ
??0PushButton@DirectUI@@QEAA@$$QEAV01@@Z
??0PushButton@DirectUI@@QEAA@AEBV01@@Z
??0PushButton@DirectUI@@QEAA@XZ
??0RadioButtonGlyph@DirectUI@@QEAA@AEBV01@@Z
??0RadioButtonGlyph@DirectUI@@QEAA@XZ
??0RangeValueProvider@DirectUI@@QEAA@XZ
??0RangeValueProxy@DirectUI@@IEAA@XZ
??0RangeValueProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0RangeValueProxy@DirectUI@@QEAA@AEBV01@@Z
??0RefPointElement@DirectUI@@QEAA@AEBV01@@Z
??0RefPointElement@DirectUI@@QEAA@XZ
??0RefcountBase@DirectUI@@QEAA@XZ
??0RepeatButton@DirectUI@@QEAA@AEBV01@@Z
??0RepeatButton@DirectUI@@QEAA@XZ
??0Repeater@DirectUI@@QEAA@$$QEAV01@@Z
??0Repeater@DirectUI@@QEAA@AEBV01@@Z
??0Repeater@DirectUI@@QEAA@XZ
??0ResourceModuleHandles@DirectUI@@QEAA@XZ
??0RichText@DirectUI@@QEAA@XZ
??0RowLayout@DirectUI@@QEAA@AEBV01@@Z
??0RowLayout@DirectUI@@QEAA@XZ
??0ScrollBar@DirectUI@@QEAA@AEBV01@@Z
??0ScrollBar@DirectUI@@QEAA@XZ
??0ScrollBarRangeValueProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ScrollBarRangeValueProxy@DirectUI@@QEAA@AEBV01@@Z
??0ScrollBarRangeValueProxy@DirectUI@@QEAA@XZ
??0ScrollItemProvider@DirectUI@@QEAA@XZ
??0ScrollItemProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ScrollItemProxy@DirectUI@@QEAA@AEBV01@@Z
??0ScrollItemProxy@DirectUI@@QEAA@XZ
??0ScrollProvider@DirectUI@@QEAA@XZ
??0ScrollProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ScrollProxy@DirectUI@@QEAA@AEBV01@@Z
??0ScrollProxy@DirectUI@@QEAA@XZ
??0ScrollViewer@DirectUI@@QEAA@AEBV01@@Z
??0ScrollViewer@DirectUI@@QEAA@XZ
??0SelectionItemProvider@DirectUI@@QEAA@XZ
??0SelectionItemProxy@DirectUI@@IEAA@XZ
??0SelectionItemProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0SelectionItemProxy@DirectUI@@QEAA@AEBV01@@Z
??0SelectionProvider@DirectUI@@QEAA@XZ
??0SelectionProxy@DirectUI@@IEAA@XZ
??0SelectionProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0SelectionProxy@DirectUI@@QEAA@AEBV01@@Z
??0Selector@DirectUI@@QEAA@AEBV01@@Z
??0Selector@DirectUI@@QEAA@XZ
??0SelectorNoDefault@DirectUI@@QEAA@$$QEAV01@@Z
??0SelectorNoDefault@DirectUI@@QEAA@AEBV01@@Z
??0SelectorNoDefault@DirectUI@@QEAA@XZ
??0SelectorSelectionItemProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0SelectorSelectionItemProxy@DirectUI@@QEAA@AEBV01@@Z
??0SelectorSelectionItemProxy@DirectUI@@QEAA@XZ
??0SelectorSelectionProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0SelectorSelectionProxy@DirectUI@@QEAA@AEBV01@@Z
??0SelectorSelectionProxy@DirectUI@@QEAA@XZ
??0ShellBorderLayout@DirectUI@@QEAA@AEBV01@@Z
??0ShellBorderLayout@DirectUI@@QEAA@XZ
??0StyleSheet@DirectUI@@QEAA@$$QEAV01@@Z
??0StyleSheet@DirectUI@@QEAA@AEBV01@@Z
??0StyleSheet@DirectUI@@QEAA@XZ
??0StyledScrollViewer@DirectUI@@QEAA@AEBV01@@Z
??0StyledScrollViewer@DirectUI@@QEAA@XZ
??0Surface@DirectUI@@QEAA@AEBV01@@Z
??0Surface@DirectUI@@QEAA@XZ
??0TableItemProvider@DirectUI@@QEAA@XZ
??0TableItemProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0TableItemProxy@DirectUI@@QEAA@AEBV01@@Z
??0TableItemProxy@DirectUI@@QEAA@XZ
??0TableLayout@DirectUI@@QEAA@AEBV01@@Z
??0TableLayout@DirectUI@@QEAA@XZ
??0TableProvider@DirectUI@@QEAA@XZ
??0TableProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0TableProxy@DirectUI@@QEAA@AEBV01@@Z
??0TableProxy@DirectUI@@QEAA@XZ
??0TaskPage@DirectUI@@QEAA@AEBV01@@Z
??0TaskPage@DirectUI@@QEAA@XZ
??0TextGraphic@DirectUI@@QEAA@$$QEAV01@@Z
??0TextGraphic@DirectUI@@QEAA@AEBV01@@Z
??0TextGraphic@DirectUI@@QEAA@XZ
??0Thumb@DirectUI@@QEAA@AEBV01@@Z
??0Thumb@DirectUI@@QEAA@XZ
??0ToggleProvider@DirectUI@@QEAA@XZ
??0ToggleProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ToggleProxy@DirectUI@@QEAA@AEBV01@@Z
??0ToggleProxy@DirectUI@@QEAA@XZ
??0TouchButton@DirectUI@@QEAA@XZ
??0TouchCheckBox@DirectUI@@QEAA@XZ
??0TouchCheckBoxGlyph@DirectUI@@QEAA@XZ
??0TouchCommandButton@DirectUI@@QEAA@XZ
??0TouchEdit2@DirectUI@@QEAA@XZ
??0TouchHWNDElement@DirectUI@@QEAA@XZ
??0TouchHyperLink@DirectUI@@QEAA@XZ
??0TouchRepeatButton@DirectUI@@QEAA@XZ
??0TouchScrollBar@DirectUI@@QEAA@XZ
??0TouchSelect@DirectUI@@QEAA@XZ
??0TouchSelectItem@DirectUI@@QEAA@XZ
??0UnknownElement@DirectUI@@QEAA@AEBV01@@Z
??0UnknownElement@DirectUI@@QEAA@XZ
??0ValueProvider@DirectUI@@QEAA@XZ
??0ValueProxy@DirectUI@@QEAA@$$QEAV01@@Z
??0ValueProxy@DirectUI@@QEAA@AEBV01@@Z
??0ValueProxy@DirectUI@@QEAA@XZ
??0VerticalFlowLayout@DirectUI@@QEAA@AEBV01@@Z
??0VerticalFlowLayout@DirectUI@@QEAA@XZ
??0Viewer@DirectUI@@QEAA@AEBV01@@Z
??0Viewer@DirectUI@@QEAA@XZ
??0XBaby@DirectUI@@QEAA@AEBV01@@Z
??0XBaby@DirectUI@@QEAA@XZ
??0XElement@DirectUI@@QEAA@AEBV01@@Z
??0XElement@DirectUI@@QEAA@XZ
??0XHost@DirectUI@@QEAA@XZ
??0XProvider@DirectUI@@QEAA@AEBV01@@Z
??0XProvider@DirectUI@@QEAA@XZ
??0XResourceProvider@DirectUI@@QEAA@$$QEAV01@@Z
??0XResourceProvider@DirectUI@@QEAA@AEBV01@@Z
??0XResourceProvider@DirectUI@@QEAA@XZ
??1?$PatternProvider@VExpandCollapseProvider@DirectUI@@UIExpandCollapseProvider@@$00@DirectUI@@UEAA@XZ
??1?$PatternProvider@VGridItemProvider@DirectUI@@UIGridItemProvider@@$01@DirectUI@@UEAA@XZ
??1?$PatternProvider@VGridProvider@DirectUI@@UIGridProvider@@$02@DirectUI@@UEAA@XZ
??1?$PatternProvider@VInvokeProvider@DirectUI@@UIInvokeProvider@@$0A@@DirectUI@@UEAA@XZ
??1?$PatternProvider@VRangeValueProvider@DirectUI@@UIRangeValueProvider@@$03@DirectUI@@UEAA@XZ
??1?$PatternProvider@VScrollItemProvider@DirectUI@@UIScrollItemProvider@@$05@DirectUI@@UEAA@XZ
??1?$PatternProvider@VScrollProvider@DirectUI@@UIScrollProvider@@$04@DirectUI@@UEAA@XZ
??1?$PatternProvider@VSelectionItemProvider@DirectUI@@UISelectionItemProvider@@$06@DirectUI@@UEAA@XZ
??1?$PatternProvider@VSelectionProvider@DirectUI@@UISelectionProvider@@$07@DirectUI@@UEAA@XZ
??1?$PatternProvider@VTableItemProvider@DirectUI@@UITableItemProvider@@$09@DirectUI@@UEAA@XZ
??1?$PatternProvider@VTableProvider@DirectUI@@UITableProvider@@$08@DirectUI@@UEAA@XZ
??1?$PatternProvider@VToggleProvider@DirectUI@@UIToggleProvider@@$0L@@DirectUI@@UEAA@XZ
??1?$PatternProvider@VValueProvider@DirectUI@@UIValueProvider@@$0M@@DirectUI@@UEAA@XZ
??1?$SafeArrayAccessor@H@DirectUI@@QEAA@XZ
??1AccessibleButton@DirectUI@@UEAA@XZ
??1AnimationStrip@DirectUI@@UEAA@XZ
??1AutoButton@DirectUI@@UEAA@XZ
??1AutoLock@DirectUI@@QEAA@XZ
??1AutoThread@DirectUI@@QEAA@XZ
??1AutoVariant@DirectUI@@QEAA@XZ
??1BaseScrollViewer@DirectUI@@UEAA@XZ
??1Bind@DirectUI@@UEAA@XZ
??1BorderLayout@DirectUI@@UEAA@XZ
??1Browser@DirectUI@@UEAA@XZ
??1Button@DirectUI@@UEAA@XZ
??1CCAVI@DirectUI@@UEAA@XZ
??1CCBase@DirectUI@@UEAA@XZ
??1CCBaseCheckRadioButton@DirectUI@@UEAA@XZ
??1CCBaseScrollBar@DirectUI@@UEAA@XZ
??1CCCheckBox@DirectUI@@UEAA@XZ
??1CCCommandLink@DirectUI@@UEAA@XZ
??1CCHScrollBar@DirectUI@@UEAA@XZ
??1CCListBox@DirectUI@@UEAA@XZ
??1CCListView@DirectUI@@UEAA@XZ
??1CCProgressBar@DirectUI@@UEAA@XZ
??1CCPushButton@DirectUI@@UEAA@XZ
??1CCRadioButton@DirectUI@@UEAA@XZ
??1CCSysLink@DirectUI@@UEAA@XZ
??1CCTrackBar@DirectUI@@UEAA@XZ
??1CCTreeView@DirectUI@@UEAA@XZ
??1CCVScrollBar@DirectUI@@UEAA@XZ
??1CallstackTracker@DirectUI@@QEAA@XZ
??1CheckBoxGlyph@DirectUI@@UEAA@XZ
??1ClassInfoBase@DirectUI@@UEAA@XZ
??1Clipper@DirectUI@@UEAA@XZ
??1Combobox@DirectUI@@UEAA@XZ
??1CritSecLock@DirectUI@@QEAA@XZ
??1DCSurface@DirectUI@@UEAA@XZ
??1DUIFactory@DirectUI@@QEAA@XZ
??1DUIXmlParser@DirectUI@@UEAA@XZ
??1DialogElement@DirectUI@@UEAA@XZ
??1DuiAccessible@DirectUI@@UEAA@XZ
??1Edit@DirectUI@@UEAA@XZ
??1Element@DirectUI@@UEAA@XZ
??1ElementProvider@DirectUI@@UEAA@XZ
??1ElementWithHWND@DirectUI@@UEAA@XZ
??1ExpandCollapseProvider@DirectUI@@UEAA@XZ
??1Expandable@DirectUI@@UEAA@XZ
??1Expando@DirectUI@@UEAA@XZ
??1ExpandoButtonGlyph@DirectUI@@UEAA@XZ
??1FillLayout@DirectUI@@UEAA@XZ
??1FlowLayout@DirectUI@@UEAA@XZ
??1FontCheckOut@DirectUI@@QEAA@XZ
??1GridItemProvider@DirectUI@@UEAA@XZ
??1GridLayout@DirectUI@@UEAA@XZ
??1GridProvider@DirectUI@@UEAA@XZ
??1HWNDElement@DirectUI@@UEAA@XZ
??1HWNDElementAccessible@DirectUI@@UEAA@XZ
??1HWNDElementProvider@DirectUI@@UEAA@XZ
??1HWNDHost@DirectUI@@UEAA@XZ
??1HWNDHostAccessible@DirectUI@@UEAA@XZ
??1HWNDHostClientAccessible@DirectUI@@UEAA@XZ
??1IDataEngine@DirectUI@@UEAA@XZ
??1IDataEntry@DirectUI@@UEAA@XZ
??1InvokeHelper@DirectUI@@UEAA@XZ
??1InvokeProvider@DirectUI@@UEAA@XZ
??1ItemList@DirectUI@@UEAA@XZ
??1Layout@DirectUI@@UEAA@XZ
??1LinkedList@DirectUI@@QEAA@XZ
??1Macro@DirectUI@@UEAA@XZ
??1ModernProgressBar@DirectUI@@UEAA@XZ
??1ModernProgressRing@DirectUI@@UEAA@XZ
??1Movie@DirectUI@@UEAA@XZ
??1NativeHWNDHost@DirectUI@@UEAA@XZ
??1Navigator@DirectUI@@UEAA@XZ
??1NineGridLayout@DirectUI@@UEAA@XZ
??1PText@DirectUI@@UEAA@XZ
??1Page@DirectUI@@UEAA@XZ
??1Pages@DirectUI@@UEAA@XZ
??1Progress@DirectUI@@UEAA@XZ
??1Proxy@DirectUI@@UEAA@XZ
??1PushButton@DirectUI@@UEAA@XZ
??1RadioButtonGlyph@DirectUI@@UEAA@XZ
??1RangeValueProvider@DirectUI@@UEAA@XZ
??1RefPointElement@DirectUI@@UEAA@XZ
??1RefcountBase@DirectUI@@UEAA@XZ
??1RepeatButton@DirectUI@@UEAA@XZ
??1Repeater@DirectUI@@UEAA@XZ
??1ResourceModuleHandles@DirectUI@@QEAA@XZ
??1RichText@DirectUI@@UEAA@XZ
??1RowLayout@DirectUI@@UEAA@XZ
??1ScrollBar@DirectUI@@UEAA@XZ
??1ScrollItemProvider@DirectUI@@UEAA@XZ
??1ScrollProvider@DirectUI@@UEAA@XZ
??1ScrollViewer@DirectUI@@UEAA@XZ
??1SelectionItemProvider@DirectUI@@UEAA@XZ
??1SelectionProvider@DirectUI@@UEAA@XZ
??1Selector@DirectUI@@UEAA@XZ
??1SelectorNoDefault@DirectUI@@UEAA@XZ
??1ShellBorderLayout@DirectUI@@UEAA@XZ
??1StyledScrollViewer@DirectUI@@UEAA@XZ
??1Surface@DirectUI@@UEAA@XZ
??1TableItemProvider@DirectUI@@UEAA@XZ
??1TableLayout@DirectUI@@UEAA@XZ
??1TableProvider@DirectUI@@UEAA@XZ
??1TaskPage@DirectUI@@UEAA@XZ
??1TextGraphic@DirectUI@@UEAA@XZ
??1Thumb@DirectUI@@UEAA@XZ
??1ToggleProvider@DirectUI@@UEAA@XZ
??1TouchButton@DirectUI@@UEAA@XZ
??1TouchCheckBox@DirectUI@@UEAA@XZ
??1TouchCheckBoxGlyph@DirectUI@@UEAA@XZ
??1TouchHWNDElement@DirectUI@@UEAA@XZ
??1TouchHyperLink@DirectUI@@UEAA@XZ
??1TouchScrollBar@DirectUI@@UEAA@XZ
??1TouchSelect@DirectUI@@UEAA@XZ
??1TouchSelectItem@DirectUI@@UEAA@XZ
??1UnknownElement@DirectUI@@UEAA@XZ
??1ValueProvider@DirectUI@@UEAA@XZ
??1VerticalFlowLayout@DirectUI@@UEAA@XZ
??1Viewer@DirectUI@@UEAA@XZ
??1XBaby@DirectUI@@UEAA@XZ
??1XElement@DirectUI@@UEAA@XZ
??1XHost@DirectUI@@QEAA@XZ
??1XProvider@DirectUI@@UEAA@XZ
??4?$FunctionDefinition@H@DUIXmlParser@DirectUI@@QEAAAEAU012@$$QEAU012@@Z
??4?$FunctionDefinition@H@DUIXmlParser@DirectUI@@QEAAAEAU012@AEBU012@@Z
??4?$FunctionDefinition@K@DUIXmlParser@DirectUI@@QEAAAEAU012@$$QEAU012@@Z
??4?$FunctionDefinition@K@DUIXmlParser@DirectUI@@QEAAAEAU012@AEBU012@@Z
??4?$FunctionDefinition@PEAVValue@DirectUI@@@DUIXmlParser@DirectUI@@QEAAAEAU012@$$QEAU012@@Z
??4?$FunctionDefinition@PEAVValue@DirectUI@@@DUIXmlParser@DirectUI@@QEAAAEAU012@AEBU012@@Z
??4?$FunctionDefinition@UScaledRECT@DirectUI@@@DUIXmlParser@DirectUI@@QEAAAEAU012@$$QEAU012@@Z
??4?$FunctionDefinition@UScaledRECT@DirectUI@@@DUIXmlParser@DirectUI@@QEAAAEAU012@AEBU012@@Z
??4?$FunctionDefinition@UScaledSIZE@DirectUI@@@DUIXmlParser@DirectUI@@QEAAAEAU012@$$QEAU012@@Z
??4?$FunctionDefinition@UScaledSIZE@DirectUI@@@DUIXmlParser@DirectUI@@QEAAAEAU012@AEBU012@@Z
??4ACCESSIBLEROLE@AccessibleButton@DirectUI@@QEAAAEAU012@$$QEAU012@@Z
??4ACCESSIBLEROLE@AccessibleButton@DirectUI@@QEAAAEAU012@AEBU012@@Z
??4AccessibleButton@DirectUI@@QEAAAEAV01@$$QEAV01@@Z
??4AccessibleButton@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4AnimationStrip@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4AutoButton@DirectUI@@QEAAAEAV01@$$QEAV01@@Z
??4AutoButton@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4AutoLock@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4AutoThread@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4AutoVariant@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4BaseScrollBar@DirectUI@@QEAAAEAV01@$$QEAV01@@Z
??4BaseScrollBar@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4BaseScrollViewer@DirectUI@@QEAAAEAV01@AEBV01@@Z
??4Bind@DirectUI@@QEAAAEAV01@$$QEAV01@@Z

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 905B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

204759c3a1674d576e980fc25c55668c

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

iphlpapi

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 520KB - Virtual size: 519KB

pdata Size: 76KB - Virtual size: 75KB

.pdata Size: 4KB - Virtual size: 324B

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 4KB - Virtual size: 2KB

Size: 4KB - Virtual size: 571B

Size: 4KB - Virtual size: 674B

Size: 8KB - Virtual size: 4KB

Size: 8KB - Virtual size: 4KB

Size: 4KB - Virtual size: 3KB

Size: 4KB - Virtual size: 674B

Size: 8KB - Virtual size: 6KB

Size: 4KB - Virtual size: 905B

Size: 4KB - Virtual size: 2KB

Size: 4KB - Virtual size: 571B

Size: 280KB - Virtual size: 276KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 520KB - Virtual size: 519KB

pdata
Size: 76KB - Virtual size: 75KB

.pdata
Size: 4KB - Virtual size: 324B

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 4KB - Virtual size: 2KB