Verdict Malicious
Classifications Downloader
Threat Names Emotet, Mal/HTMLGen-A

Dynamic Analysis Report

Created on 2022-11-02T12:16:09+00:00

e5d07e650a14aa03ccd91f33793842f1fe0543a8f145e480324a5e5f7bcc70b6.exe.ocx

Windows ActiveX Control (x86-64)

Remarks (1/1)

(0x02000009): DLL files normally need to be submitted with an appropriate loader. Analysis result may be incomplete if an appropriate loader was not submitted. This sample's only export is DllRegisterServer (see Exports below), so the appropriate loader is regsvr32.exe, which calls that export on load; rundll32.exe with the export name given explicitly is the alternative.

File Name C:\Users\RDhJ0CNFevzX\Desktop\e5d07e650a14aa03ccd91f33793842f1fe0543a8f145e480324a5e5f7bcc70b6.exe.ocx
Category Sample File
Type Binary
Verdict Malicious
Also Known As
  C:\Users\RDHJ0C~1\Desktop\e5d07e650a14aa03ccd91f33793842f1fe0543a8f145e480324a5e5f7bcc70b6.exe.ocx (Accessed File)
  C:\Windows\system32\KhajxY\lNyMEPRvd.dll (Accessed File, Dropped File)
MIME Type application/vnd.microsoft.portable-executable
File Size 664.50 KB
MD5 8bd3d333098c0ebd794275f220830556
SHA1 8b5c541b51f569e181cb7d51e2ecf44e395a1c65
SHA256 e5d07e650a14aa03ccd91f33793842f1fe0543a8f145e480324a5e5f7bcc70b6
SSDeep 12288:v9D2/XRIK1chzV2rBt5APJlGIJ4cDVi8HY1lW+lJk1XY61IU:lD2vRA2rv5APJfJ4jiY18+lJkt
ImpHash 6e8babed9b0b941a34aa7c12e96745c0
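The second "Also Known As" path is the one worth a hunting rule: the sample copied itself, unchanged, to C:\Windows\system32\KhajxY\lNyMEPRvd.dll, a freshly named subdirectory directly under System32 with a DLL whose name is equally random. The Python below is an added example and not VMRay code: it generalises that single path into a rule over Sysmon-style FileCreate (Event ID 11) records. The event records are constructed, and both the allow-list of legitimate System32 subdirectories and the case-flip heuristic for "random-looking" names are assumptions that need tuning against a clean baseline of your own images.

```python
import re
from pathlib import PureWindowsPath

# Constructed Sysmon-style FileCreate (Event ID 11) records; only EventID and
# TargetFilename are evaluated. The first path is the one from this report.
EVENTS = [
    {"EventID": 11, "Image": r"C:\Windows\System32\regsvr32.exe",
     "TargetFilename": r"C:\Windows\system32\KhajxY\lNyMEPRvd.dll"},
    {"EventID": 11, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetFilename": r"C:\Windows\System32\drivers\etc\hosts"},
    {"EventID": 11, "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetFilename": r"C:\Windows\System32\wbem\wmiutils.dll"},
    {"EventID": 11, "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Users\RDhJ0CNFevzX\Desktop\notes.txt"},
]

# Assumed allow-list of well-known System32 subdirectories; build the real one
# from a clean baseline rather than trusting this short list.
KNOWN_SUBDIRS = {
    "drivers", "wbem", "spool", "config", "winevt", "tasks", "catroot", "catroot2",
    "logfiles", "microsoft", "oobe", "sysprep", "driverstore", "en-us", "wdi", "wins",
}

_LETTERS_ONLY = re.compile(r"^[A-Za-z]{5,16}$")


def looks_random(name: str) -> bool:
    """Letters only, 5-16 long, with at least two upper/lower case flips.
    KhajxY (2 flips) and lNyMEPRvd (4 flips) qualify; wbem and drivers do not."""
    if not _LETTERS_ONLY.match(name):
        return False
    flips = sum(1 for a, b in zip(name, name[1:]) if a.isupper() != b.isupper())
    return flips >= 2


def is_suspicious_dll_drop(target: str) -> bool:
    """True for <drive>\\Windows\\{System32,SysWOW64}\\<subdir>\\<name>.dll where
    subdir is not allow-listed and subdir or the file stem looks machine-generated."""
    parts = PureWindowsPath(target).parts
    if len(parts) != 5 or parts[1].lower() != "windows":
        return False
    if parts[2].lower() not in ("system32", "syswow64"):
        return False
    subdir, filename = parts[3], parts[4]
    if not filename.lower().endswith(".dll") or subdir.lower() in KNOWN_SUBDIRS:
        return False
    return looks_random(subdir) or looks_random(filename[:-4])


def detect(events):
    """TargetFilename of every FileCreate event that matches the rule, in input order."""
    return [
        e["TargetFilename"] for e in events
        if e.get("EventID") == 11 and is_suspicious_dll_drop(e["TargetFilename"])
    ]


if __name__ == "__main__":
    for hit in detect(EVENTS):
        print("suspicious DLL drop:", hit)
```

Pair a hit with the creating process (the Image field, left unused above) and the 8.3 form of the path, since the report shows the same file being accessed as both RDhJ0CNFevzX and RDHJ0C~1; a rule keyed only on the long path misses the short one.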
PE Information
Image Base 0x10000000
Entry Point 0x10024630
Size Of Code 0x0004E000
Size Of Initialized Data 0x00057E00
File Type IMAGE_FILE_DLL
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Machine Type IMAGE_FILE_MACHINE_AMD64
Compile Timestamp 2022-11-01 21:56 (UTC+1)
Sections (6)
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.text 0x10001000 0x0004DF0B 0x0004E000 0x00000400 IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ 6.34
.rdata 0x1004F000 0x00017F46 0x00018000 0x0004E400 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 4.7
.data 0x10067000 0x000364D0 0x00030400 0x00066400 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 7.76
.pdata 0x1009E000 0x00005D84 0x00005E00 0x00096800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 5.82
.rsrc 0x100A4000 0x00006FD0 0x00007000 0x0009C600 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 4.13
.reloc 0x100AB000 0x00002A2A 0x00002C00 0x000A3600 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ 2.5
Imports (11)
KERNEL32.dll (136)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
GetDriveTypeA - 0x1004F130 0x00065238 0x00064638 0x00000156
RaiseException - 0x1004F138 0x00065240 0x00064640 0x000002A3
RtlPcToFileHeader - 0x1004F140 0x00065248 0x00064648 0x000002D9
RtlLookupFunctionEntry - 0x1004F148 0x00065250 0x00064650 0x000002D7
RtlUnwindEx - 0x1004F150 0x00065258 0x00064658 0x000002DD
ExitThread - 0x1004F158 0x00065260 0x00064660 0x000000BD
CreateThread - 0x1004F160 0x00065268 0x00064668 0x00000071
HeapAlloc - 0x1004F168 0x00065270 0x00064670 0x00000212
HeapFree - 0x1004F170 0x00065278 0x00064678 0x00000218
HeapReAlloc - 0x1004F178 0x00065280 0x00064680 0x0000021C
FlsSetValue - 0x1004F180 0x00065288 0x00064688 0x000000EF
GetCommandLineA - 0x1004F188 0x00065290 0x00064690 0x00000113
GetProcessHeap - 0x1004F190 0x00065298 0x00064698 0x000001A5
SetStdHandle - 0x1004F198 0x000652A0 0x000646A0 0x0000033D
GetFileType - 0x1004F1A0 0x000652A8 0x000646A8 0x00000169
ExitProcess - 0x1004F1A8 0x000652B0 0x000646B0 0x000000BC
HeapSize - 0x1004F1B0 0x000652B8 0x000646B8 0x0000021E
TerminateProcess - 0x1004F1B8 0x000652C0 0x000646C0 0x00000364
UnhandledExceptionFilter - 0x1004F1C0 0x000652C8 0x000646C8 0x00000374
SetUnhandledExceptionFilter - 0x1004F1C8 0x000652D0 0x000646D0 0x00000350
IsDebuggerPresent - 0x1004F1D0 0x000652D8 0x000646D8 0x00000235
RtlCaptureContext - 0x1004F1D8 0x000652E0 0x000646E0 0x000002D0
GetACP - 0x1004F1E0 0x000652E8 0x000646E8 0x00000100
FlsGetValue - 0x1004F1E8 0x000652F0 0x000646F0 0x000000EE
FlsFree - 0x1004F1F0 0x000652F8 0x000646F8 0x000000ED
FlsAlloc - 0x1004F1F8 0x00065300 0x00064700 0x000000EC
Sleep - 0x1004F200 0x00065308 0x00064708 0x0000035C
RtlVirtualUnwind - 0x1004F208 0x00065310 0x00064710 0x000002DE
HeapSetInformation - 0x1004F210 0x00065318 0x00064718 0x0000021D
HeapCreate - 0x1004F218 0x00065320 0x00064720 0x00000214
HeapDestroy - 0x1004F220 0x00065328 0x00064728 0x00000216
SetHandleCount - 0x1004F228 0x00065330 0x00064730 0x0000032A
GetStartupInfoA - 0x1004F230 0x00065338 0x00064738 0x000001B9
FreeEnvironmentStringsA - 0x1004F238 0x00065340 0x00064740 0x000000F9
GetEnvironmentStrings - 0x1004F240 0x00065348 0x00064748 0x00000158
FreeEnvironmentStringsW - 0x1004F248 0x00065350 0x00064750 0x000000FA
GetEnvironmentStringsW - 0x1004F250 0x00065358 0x00064758 0x0000015A
QueryPerformanceCounter - 0x1004F258 0x00065360 0x00064760 0x0000029F
GetTickCount - 0x1004F260 0x00065368 0x00064768 0x000001E1
GetSystemTimeAsFileTime - 0x1004F268 0x00065370 0x00064770 0x000001CC
GetConsoleCP - 0x1004F270 0x00065378 0x00064778 0x00000125
GetConsoleMode - 0x1004F278 0x00065380 0x00064780 0x00000136
GetTimeZoneInformation - 0x1004F280 0x00065388 0x00064788 0x000001E4
LCMapStringA - 0x1004F288 0x00065390 0x00064790 0x00000240
LCMapStringW - 0x1004F290 0x00065398 0x00064798 0x00000241
GetStringTypeA - 0x1004F298 0x000653A0 0x000647A0 0x000001BC
GetStringTypeW - 0x1004F2A0 0x000653A8 0x000647A8 0x000001BF
GetUserDefaultLCID - 0x1004F2A8 0x000653B0 0x000647B0 0x000001E5
EnumSystemLocalesA - 0x1004F2B0 0x000653B8 0x000647B8 0x000000B2
IsValidLocale - 0x1004F2B8 0x000653C0 0x000647C0 0x0000023D
IsValidCodePage - 0x1004F2C0 0x000653C8 0x000647C8 0x0000023B
WriteConsoleA - 0x1004F2C8 0x000653D0 0x000647D0 0x0000039F
GetConsoleOutputCP - 0x1004F2D0 0x000653D8 0x000647D8 0x00000138
WriteConsoleW - 0x1004F2D8 0x000653E0 0x000647E0 0x000003A9
GetLocaleInfoW - 0x1004F2E0 0x000653E8 0x000647E8 0x00000177
SetEnvironmentVariableA - 0x1004F2E8 0x000653F0 0x000647F0 0x0000031A
GetOEMCP - 0x1004F2F0 0x000653F8 0x000647F8 0x00000195
GetCPInfo - 0x1004F2F8 0x00065400 0x00064800 0x00000107
GlobalFlags - 0x1004F300 0x00065408 0x00064808 0x00000200
GetCurrentDirectoryA - 0x1004F308 0x00065410 0x00064810 0x00000143
WritePrivateProfileStringA - 0x1004F310 0x00065418 0x00064818 0x000003AF
GetFileTime - 0x1004F318 0x00065420 0x00064820 0x00000168
GetFileAttributesA - 0x1004F320 0x00065428 0x00064828 0x00000161
FileTimeToLocalFileTime - 0x1004F328 0x00065430 0x00064830 0x000000C7
CreateFileA - 0x1004F330 0x00065438 0x00064838 0x00000056
GetFullPathNameA - 0x1004F338 0x00065440 0x00064840 0x0000016C
GetVolumeInformationA - 0x1004F340 0x00065448 0x00064848 0x000001ED
FindFirstFileA - 0x1004F348 0x00065450 0x00064850 0x000000D5
FindClose - 0x1004F350 0x00065458 0x00064858 0x000000D1
GetCurrentProcess - 0x1004F358 0x00065460 0x00064860 0x00000145
DuplicateHandle - 0x1004F360 0x00065468 0x00064868 0x00000096
GetFileSize - 0x1004F368 0x00065470 0x00064870 0x00000166
SetEndOfFile - 0x1004F370 0x00065478 0x00064878 0x00000317
UnlockFile - 0x1004F378 0x00065480 0x00064880 0x00000375
LockFile - 0x1004F380 0x00065488 0x00064888 0x0000025F
FlushFileBuffers - 0x1004F388 0x00065490 0x00064890 0x000000F1
SetFilePointer - 0x1004F390 0x00065498 0x00064898 0x00000322
WriteFile - 0x1004F398 0x000654A0 0x000648A0 0x000003AA
ReadFile - 0x1004F3A0 0x000654A8 0x000648A8 0x000002B1
FileTimeToSystemTime - 0x1004F3A8 0x000654B0 0x000648B0 0x000000C8
GetThreadLocale - 0x1004F3B0 0x000654B8 0x000648B8 0x000001DC
TlsFree - 0x1004F3B8 0x000654C0 0x000648C0 0x0000036A
DeleteCriticalSection - 0x1004F3C0 0x000654C8 0x000648C8 0x00000084
LocalReAlloc - 0x1004F3C8 0x000654D0 0x000648D0 0x0000025B
TlsSetValue - 0x1004F3D0 0x000654D8 0x000648D8 0x0000036C
GlobalHandle - 0x1004F3D8 0x000654E0 0x000648E0 0x00000204
GlobalReAlloc - 0x1004F3E0 0x000654E8 0x000648E8 0x00000208
TlsAlloc - 0x1004F3E8 0x000654F0 0x000648F0 0x00000369
InitializeCriticalSection - 0x1004F3F0 0x000654F8 0x000648F8 0x00000225
EnterCriticalSection - 0x1004F3F8 0x00065500 0x00064900 0x0000009B
TlsGetValue - 0x1004F400 0x00065508 0x00064908 0x0000036B
LeaveCriticalSection - 0x1004F408 0x00065510 0x00064910 0x0000024D
LocalAlloc - 0x1004F410 0x00065518 0x00064918 0x00000254
GlobalGetAtomNameA - 0x1004F418 0x00065520 0x00064920 0x00000202
GlobalFindAtomA - 0x1004F420 0x00065528 0x00064928 0x000001FD
lstrcmpW - 0x1004F428 0x00065530 0x00064930 0x000003CB
GetVersionExA - 0x1004F430 0x00065538 0x00064938 0x000001EB
FreeResource - 0x1004F438 0x00065540 0x00064940 0x000000FD
GetCurrentProcessId - 0x1004F440 0x00065548 0x00064948 0x00000146
GlobalAddAtomA - 0x1004F448 0x00065550 0x00064950 0x000001F8
ResumeThread - 0x1004F450 0x00065558 0x00064958 0x000002CE
CloseHandle - 0x1004F458 0x00065560 0x00064960 0x00000036
GetCurrentThread - 0x1004F460 0x00065568 0x00064968 0x00000148
GetCurrentThreadId - 0x1004F468 0x00065570 0x00064970 0x00000149
ConvertDefaultLocale - 0x1004F470 0x00065578 0x00064978 0x00000042
EnumResourceLanguagesA - 0x1004F478 0x00065580 0x00064980 0x000000A6
GetLocaleInfoA - 0x1004F480 0x00065588 0x00064988 0x00000176
lstrcmpA - 0x1004F488 0x00065590 0x00064990 0x000003CA
FreeLibrary - 0x1004F490 0x00065598 0x00064998 0x000000FB
GlobalDeleteAtom - 0x1004F498 0x000655A0 0x000649A0 0x000001FC
GlobalFree - 0x1004F4A0 0x000655A8 0x000649A8 0x00000201
GlobalAlloc - 0x1004F4A8 0x000655B0 0x000649B0 0x000001FA
GlobalLock - 0x1004F4B0 0x000655B8 0x000649B8 0x00000205
GlobalUnlock - 0x1004F4B8 0x000655C0 0x000649C0 0x0000020C
FormatMessageA - 0x1004F4C0 0x000655C8 0x000649C8 0x000000F6
LocalFree - 0x1004F4C8 0x000655D0 0x000649D0 0x00000258
FindResourceA - 0x1004F4D0 0x000655D8 0x000649D8 0x000000E6
LoadResource - 0x1004F4D8 0x000655E0 0x000649E0 0x00000253
LockResource - 0x1004F4E0 0x000655E8 0x000649E8 0x00000261
SizeofResource - 0x1004F4E8 0x000655F0 0x000649F0 0x0000035B
MulDiv - 0x1004F4F0 0x000655F8 0x000649F8 0x00000270
lstrlenA - 0x1004F4F8 0x00065600 0x00064A00 0x000003D6
CompareStringW - 0x1004F500 0x00065608 0x00064A08 0x0000003D
CompareStringA - 0x1004F508 0x00065610 0x00064A10 0x0000003C
GetVersion - 0x1004F510 0x00065618 0x00064A18 0x000001EA
WideCharToMultiByte - 0x1004F518 0x00065620 0x00064A20 0x0000039A
MultiByteToWideChar - 0x1004F520 0x00065628 0x00064A28 0x00000271
GetLastError - 0x1004F528 0x00065630 0x00064A30 0x00000173
SetLastError - 0x1004F530 0x00065638 0x00064A38 0x0000032E
GetProcAddress - 0x1004F538 0x00065640 0x00064A40 0x000001A2
GetModuleHandleA - 0x1004F540 0x00065648 0x00064A48 0x00000181
LoadLibraryA - 0x1004F548 0x00065650 0x00064A50 0x0000024E
GetModuleFileNameA - 0x1004F550 0x00065658 0x00064A58 0x0000017F
VirtualAlloc - 0x1004F558 0x00065660 0x00064A60 0x00000387
GetStdHandle - 0x1004F560 0x00065668 0x00064A68 0x000001BB
WaitForSingleObject - 0x1004F568 0x00065670 0x00064A70 0x00000396
USER32.dll (113)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
UnregisterClassA - 0x1004F5C0 0x000656C8 0x00064AC8 0x000002BA
DestroyMenu - 0x1004F5C8 0x000656D0 0x00064AD0 0x00000097
RegisterWindowMessageA - 0x1004F5D0 0x000656D8 0x00064AD8 0x0000022A
SendDlgItemMessageA - 0x1004F5D8 0x000656E0 0x00064AE0 0x00000239
WinHelpA - 0x1004F5E0 0x000656E8 0x00064AE8 0x000002D8
GetCapture - 0x1004F5E8 0x000656F0 0x00064AF0 0x000000F3
GetClassLongA - 0x1004F5F0 0x000656F8 0x00064AF8 0x000000FA
GetClassNameA - 0x1004F5F8 0x00065700 0x00064B00 0x000000FE
GetClassLongPtrA - 0x1004F600 0x00065708 0x00064B08 0x000000FB
SetPropA - 0x1004F608 0x00065710 0x00064B10 0x0000026F
GetPropA - 0x1004F610 0x00065718 0x00064B18 0x0000014C
RemovePropA - 0x1004F618 0x00065720 0x00064B20 0x0000022F
GetForegroundWindow - 0x1004F620 0x00065728 0x00064B28 0x00000119
GetTopWindow - 0x1004F628 0x00065730 0x00064B30 0x00000165
GetWindowLongPtrA - 0x1004F630 0x00065738 0x00064B38 0x00000171
SetWindowLongPtrA - 0x1004F638 0x00065740 0x00064B40 0x00000286
GetMessageTime - 0x1004F640 0x00065748 0x00064B48 0x0000013F
MapWindowPoints - 0x1004F648 0x00065750 0x00064B50 0x000001DD
SetForegroundWindow - 0x1004F650 0x00065758 0x00064B58 0x0000025C
UpdateWindow - 0x1004F658 0x00065760 0x00064B60 0x000002C3
GetMenu - 0x1004F660 0x00065768 0x00064B68 0x0000012E
CreateWindowExA - 0x1004F668 0x00065770 0x00064B70 0x00000060
GetClassInfoExA - 0x1004F670 0x00065778 0x00064B78 0x000000F7
GetClassInfoA - 0x1004F678 0x00065780 0x00064B80 0x000000F6
RegisterClassA - 0x1004F680 0x00065788 0x00064B88 0x00000219
AdjustWindowRectEx - 0x1004F688 0x00065790 0x00064B90 0x00000002
PtInRect - 0x1004F690 0x00065798 0x00064B98 0x0000020F
GetDlgCtrlID - 0x1004F698 0x000657A0 0x00064BA0 0x00000112
DefWindowProcA - 0x1004F6A0 0x000657A8 0x00064BA8 0x0000008E
CallWindowProcA - 0x1004F6A8 0x000657B0 0x00064BB0 0x0000001B
SetWindowPos - 0x1004F6B0 0x000657B8 0x00064BB8 0x0000028A
SystemParametersInfoA - 0x1004F6B8 0x000657C0 0x00064BC0 0x000002A0
GetWindowPlacement - 0x1004F6C0 0x000657C8 0x00064BC8 0x00000177
GetWindowRect - 0x1004F6C8 0x000657D0 0x00064BD0 0x00000178
EndPaint - 0x1004F6D0 0x000657D8 0x00064BD8 0x000000C8
BeginPaint - 0x1004F6D8 0x000657E0 0x00064BE0 0x0000000D
ClientToScreen - 0x1004F6E0 0x000657E8 0x00064BE8 0x00000040
GrayStringA - 0x1004F6E8 0x000657F0 0x00064BF0 0x00000181
DrawTextExA - 0x1004F6F0 0x000657F8 0x00064BF8 0x000000BD
DrawTextA - 0x1004F6F8 0x00065800 0x00064C00 0x000000BC
GetWindowTextA - 0x1004F700 0x00065808 0x00064C08 0x0000017B
GetWindow - 0x1004F708 0x00065810 0x00064C10 0x0000016C
SetFocus - 0x1004F710 0x00065818 0x00064C18 0x0000025B
UnhookWindowsHookEx - 0x1004F718 0x00065820 0x00064C20 0x000002B5
ReleaseDC - 0x1004F720 0x00065828 0x00064C28 0x0000022D
GetDesktopWindow - 0x1004F728 0x00065830 0x00064C30 0x00000110
SetActiveWindow - 0x1004F730 0x00065838 0x00064C38 0x00000246
CreateDialogIndirectParamA - 0x1004F738 0x00065840 0x00064C40 0x00000052
DestroyWindow - 0x1004F740 0x00065848 0x00064C48 0x00000099
IsWindow - 0x1004F748 0x00065850 0x00064C50 0x000001B0
GetDlgItem - 0x1004F750 0x00065858 0x00064C58 0x00000113
GetNextDlgTabItem - 0x1004F758 0x00065860 0x00064C60 0x00000145
EndDialog - 0x1004F760 0x00065868 0x00064C68 0x000000C6
GetWindowThreadProcessId - 0x1004F768 0x00065870 0x00064C70 0x0000017F
GetWindowLongA - 0x1004F770 0x00065878 0x00064C78 0x00000170
GetLastActivePopup - 0x1004F778 0x00065880 0x00064C80 0x0000012A
IsWindowEnabled - 0x1004F780 0x00065888 0x00064C88 0x000001B1
MessageBoxA - 0x1004F788 0x00065890 0x00064C90 0x000001E2
SetCursor - 0x1004F790 0x00065898 0x00064C98 0x00000252
SetWindowsHookExA - 0x1004F798 0x000658A0 0x00064CA0 0x00000291
CallNextHookEx - 0x1004F7A0 0x000658A8 0x00064CA8 0x0000001A
GetActiveWindow - 0x1004F7A8 0x000658B0 0x00064CB0 0x000000EB
IsWindowVisible - 0x1004F7B0 0x000658B8 0x00064CB8 0x000001B4
GetKeyState - 0x1004F7B8 0x000658C0 0x00064CC0 0x00000123
GetCursorPos - 0x1004F7C0 0x000658C8 0x00064CC8 0x0000010D
ValidateRect - 0x1004F7C8 0x000658D0 0x00064CD0 0x000002CB
SetMenuItemBitmaps - 0x1004F7D0 0x000658D8 0x00064CD8 0x00000266
GetMenuCheckMarkDimensions - 0x1004F7D8 0x000658E0 0x00064CE0 0x00000130
LoadBitmapA - 0x1004F7E0 0x000658E8 0x00064CE8 0x000001BB
GetFocus - 0x1004F7E8 0x000658F0 0x00064CF0 0x00000118
GetParent - 0x1004F7F0 0x000658F8 0x00064CF8 0x00000147
ModifyMenuA - 0x1004F7F8 0x00065900 0x00064D00 0x000001EA
EnableMenuItem - 0x1004F800 0x00065908 0x00064D08 0x000000C2
CheckMenuItem - 0x1004F808 0x00065910 0x00064D10 0x00000039
PostMessageA - 0x1004F810 0x00065918 0x00064D18 0x00000205
PostQuitMessage - 0x1004F818 0x00065920 0x00064D20 0x00000207
GetMenuState - 0x1004F820 0x00065928 0x00064D28 0x00000139
GetMenuItemID - 0x1004F828 0x00065930 0x00064D30 0x00000135
LoadCursorA - 0x1004F830 0x00065938 0x00064D38 0x000001BD
GetSysColorBrush - 0x1004F838 0x00065940 0x00064D40 0x0000015D
ShowWindow - 0x1004F840 0x00065948 0x00064D48 0x00000299
GetMenuItemCount - 0x1004F848 0x00065950 0x00064D50 0x00000134
GetSubMenu - 0x1004F850 0x00065958 0x00064D58 0x0000015B
SetWindowTextA - 0x1004F858 0x00065960 0x00064D60 0x0000028D
IsDialogMessageA - 0x1004F860 0x00065968 0x00064D68 0x000001A4
CharUpperA - 0x1004F868 0x00065970 0x00064D70 0x00000034
GetSysColor - 0x1004F870 0x00065978 0x00064D78 0x0000015C
GetMessagePos - 0x1004F878 0x00065980 0x00064D80 0x0000013E
DestroyIcon - 0x1004F880 0x00065988 0x00064D88 0x00000096
InvalidateRect - 0x1004F888 0x00065990 0x00064D90 0x00000196
GetDC - 0x1004F890 0x00065998 0x00064D98 0x0000010E
ScreenToClient - 0x1004F898 0x000659A0 0x00064DA0 0x00000234
DrawFocusRect - 0x1004F8A0 0x000659A8 0x00064DA8 0x000000B3
OffsetRect - 0x1004F8A8 0x000659B0 0x00064DB0 0x000001F8
SetRect - 0x1004F8B0 0x000659B8 0x00064DB8 0x00000271
CopyRect - 0x1004F8B8 0x000659C0 0x00064DC0 0x0000004A
DrawStateA - 0x1004F8C0 0x000659C8 0x00064DC8 0x000000BA
EnableWindow - 0x1004F8C8 0x000659D0 0x00064DD0 0x000000C4
GetSystemMetrics - 0x1004F8D0 0x000659D8 0x00064DD8 0x0000015F
LoadIconA - 0x1004F8D8 0x000659E0 0x00064DE0 0x000001C1
GetClientRect - 0x1004F8E0 0x000659E8 0x00064DE8 0x00000101
IsIconic - 0x1004F8E8 0x000659F0 0x00064DF0 0x000001A9
SendMessageA - 0x1004F8F0 0x000659F8 0x00064DF8 0x0000023E
DrawIcon - 0x1004F8F8 0x00065A00 0x00064E00 0x000000B6
MsgWaitForMultipleObjects - 0x1004F900 0x00065A08 0x00064E08 0x000001F0
IsWindowUnicode - 0x1004F908 0x00065A10 0x00064E10 0x000001B3
GetMessageW - 0x1004F910 0x00065A18 0x00064E18 0x00000140
GetMessageA - 0x1004F918 0x00065A20 0x00064E20 0x0000013C
TranslateMessage - 0x1004F920 0x00065A28 0x00064E28 0x000002B1
DispatchMessageW - 0x1004F928 0x00065A30 0x00064E30 0x000000A2
DispatchMessageA - 0x1004F930 0x00065A38 0x00064E38 0x000000A1
PeekMessageA - 0x1004F938 0x00065A40 0x00064E40 0x00000203
TabbedTextOutA - 0x1004F940 0x00065A48 0x00064E48 0x000002A2
GDI32.dll (25)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
ScaleWindowExtEx - 0x1004F060 0x00065168 0x00064568 0x00000209
DeleteDC - 0x1004F068 0x00065170 0x00064570 0x0000008C
GetStockObject - 0x1004F070 0x00065178 0x00064578 0x000001A5
SetWindowExtEx - 0x1004F078 0x00065180 0x00064580 0x00000242
GetObjectA - 0x1004F080 0x00065188 0x00064588 0x00000195
ScaleViewportExtEx - 0x1004F088 0x00065190 0x00064590 0x00000208
SetViewportExtEx - 0x1004F090 0x00065198 0x00064598 0x0000023E
OffsetViewportOrgEx - 0x1004F098 0x000651A0 0x000645A0 0x000001D5
SetViewportOrgEx - 0x1004F0A0 0x000651A8 0x000645A8 0x0000023F
SelectObject - 0x1004F0A8 0x000651B0 0x000645B0 0x0000020E
Escape - 0x1004F0B0 0x000651B8 0x000645B8 0x000000D4
ExtTextOutA - 0x1004F0B8 0x000651C0 0x000645C0 0x000000DD
TextOutA - 0x1004F0C0 0x000651C8 0x000645C8 0x0000024E
RectVisible - 0x1004F0C8 0x000651D0 0x000645D0 0x000001F5
PtVisible - 0x1004F0D0 0x000651D8 0x000645D8 0x000001F1
GetDeviceCaps - 0x1004F0D8 0x000651E0 0x000645E0 0x0000016B
DeleteObject - 0x1004F0E0 0x000651E8 0x000645E8 0x0000008F
GetClipBox - 0x1004F0E8 0x000651F0 0x000645F0 0x00000160
SetMapMode - 0x1004F0F0 0x000651F8 0x000645F8 0x0000022B
SetTextColor - 0x1004F0F8 0x00065200 0x00064600 0x0000023C
SetBkMode - 0x1004F100 0x00065208 0x00064608 0x00000216
SetBkColor - 0x1004F108 0x00065210 0x00064610 0x00000215
RestoreDC - 0x1004F110 0x00065218 0x00064618 0x00000200
SaveDC - 0x1004F118 0x00065220 0x00064620 0x00000207
CreateBitmap - 0x1004F120 0x00065228 0x00064628 0x00000027
comdlg32.dll (1)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
GetFileTitleA - 0x1004F970 0x00065A78 0x00064E78 0x00000007
WINSPOOL.DRV (3)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
ClosePrinter - 0x1004F950 0x00065A58 0x00064E58 0x0000001B
DocumentPropertiesA - 0x1004F958 0x00065A60 0x00064E60 0x00000046
OpenPrinterA - 0x1004F960 0x00065A68 0x00064E68 0x0000007D
ADVAPI32.dll (9)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
RegEnumKeyA - 0x1004F000 0x00065108 0x00064508 0x000001DD
RegSetValueExA - 0x1004F008 0x00065110 0x00064510 0x00000204
RegCreateKeyExA - 0x1004F010 0x00065118 0x00064518 0x000001D1
RegQueryValueA - 0x1004F018 0x00065120 0x00064520 0x000001F6
RegCloseKey - 0x1004F020 0x00065128 0x00064528 0x000001CB
RegDeleteKeyA - 0x1004F028 0x00065130 0x00064530 0x000001D4
RegOpenKeyExA - 0x1004F030 0x00065138 0x00064538 0x000001EC
RegQueryValueExA - 0x1004F038 0x00065140 0x00064540 0x000001F7
RegOpenKeyA - 0x1004F040 0x00065148 0x00064548 0x000001EB
COMCTL32.dll (1)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
ImageList_GetIconSize - 0x1004F050 0x00065158 0x00064558 0x00000047
SHLWAPI.dll (4)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
PathFindFileNameA - 0x1004F598 0x000656A0 0x00064AA0 0x00000031
PathStripToRootA - 0x1004F5A0 0x000656A8 0x00064AA8 0x0000007D
PathFindExtensionA - 0x1004F5A8 0x000656B0 0x00064AB0 0x0000002F
PathIsUNCA - 0x1004F5B0 0x000656B8 0x00064AB8 0x00000055
ole32.dll (1)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
CoLoadLibrary - 0x1004F980 0x00065A88 0x00064E88 0x00000047
OLEAUT32.dll (3)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
VariantClear 0x00000009 0x1004F578 0x00065680 0x00064A80 -
VariantChangeType 0x0000000C 0x1004F580 0x00065688 0x00064A88 -
VariantInit 0x00000008 0x1004F588 0x00065690 0x00064A90 -
urlmon.dll (1)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
URLDownloadToFileA - 0x1004F990 0x00065A98 0x00064E98 0x0000004A
Exports (1)
API Name EAT Address Ordinal
DllRegisterServer 0x00001638 0x00000001
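Two static values in this report are the ones an analyst pivots on: the per-section Entropy column (the .data section at 7.76 bits per byte, readable and writable, is the profile of an encrypted blob that is unpacked at run time, whereas .text at 6.34 is ordinary compiled code) and the ImpHash in the file summary. The urlmon.dll import of URLDownloadToFileA is also the import that matches the Downloader classification. The Python below is an added example, not VMRay code, that reproduces both computations so they can be checked against the numbers above. The section rows are copied from the table above; the byte buffers and the import subset are constructed. ImpHash construction follows the pefile/Mandiant convention (lower-cased module.function pairs in import-table order, .dll/.ocx/.sys stripped, MD5 of the comma-joined list); the ordinal table is a partial copy holding only the three OLEAUT32 ordinals this sample imports. A real ImpHash covers every import in file order, so the subset's hash will not equal 6e8babed9b0b941a34aa7c12e96745c0.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 for uniformly
    distributed bytes. This is the quantity in the section table's Entropy column."""
    if not data:
        return 0.0
    n = len(data)
    h = -sum((c / n) * math.log2(c / n) for c in Counter(data).values())
    return max(0.0, h)  # normalise -0.0 for constant input


# Section rows copied from the report: (name, raw data size, flags, entropy).
REPORT_SECTIONS = [
    (".text", 0x0004E000, "CODE|EXECUTE|READ", 6.34),
    (".rdata", 0x00018000, "INITIALIZED_DATA|READ", 4.70),
    (".data", 0x00030400, "INITIALIZED_DATA|READ|WRITE", 7.76),
    (".pdata", 0x00005E00, "INITIALIZED_DATA|READ", 5.82),
    (".rsrc", 0x00007000, "INITIALIZED_DATA|READ", 4.13),
    (".reloc", 0x00002C00, "INITIALIZED_DATA|DISCARDABLE|READ", 2.50),
]


def high_entropy_sections(sections, threshold=7.0, min_raw_size=0x1000):
    """Names of sections whose bytes look compressed or encrypted. The 7.0 cut-off
    and the minimum size are assumed triage values, not anything the report states."""
    return [name for name, raw, _flags, ent in sections
            if ent >= threshold and raw >= min_raw_size]


# Ordinal-to-name table used when an import has no name. pefile ships full tables
# for oleaut32 and ws2_32; this partial copy holds only the three OLEAUT32 ordinals
# this sample imports, and anything unknown falls back to "ordN".
ORDINAL_NAMES = {"oleaut32": {8: "VariantInit", 9: "VariantClear", 12: "VariantChangeType"}}


def _library_base(dll: str) -> str:
    """Lower-case the module name and drop a .dll/.ocx/.sys suffix."""
    name = dll.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if name.endswith(ext):
            return name[: -len(ext)]
    return name


def imphash_string(imports) -> str:
    """imports: [(dll_name, [(function_name_or_None, ordinal_or_None), ...]), ...]
    in import-table order. Returns the comma-joined 'module.function' list that is hashed."""
    parts = []
    for dll, entries in imports:
        base = _library_base(dll)
        for func, ordinal in entries:
            if func is None:
                func = ORDINAL_NAMES.get(base, {}).get(ordinal, f"ord{ordinal}")
            parts.append(f"{base}.{func.lower()}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 of imphash_string(): order-sensitive, case-insensitive, extension-insensitive."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    import os
    print("entropy zeros  :", shannon_entropy(b"\x00" * 4096))
    print("entropy ASCII  :", round(shannon_entropy(b"DllRegisterServer " * 200), 2))
    print("entropy random :", round(shannon_entropy(os.urandom(1 << 16)), 2))
    print("packed-looking :", high_entropy_sections(REPORT_SECTIONS))
    # Constructed subset of this sample's import table (first two KERNEL32 entries,
    # the three OLEAUT32 ordinals, urlmon). A real ImpHash covers every import in
    # file order, so this hash will not equal the 6e8babed... value in the summary.
    subset = [
        ("KERNEL32.dll", [("GetDriveTypeA", None), ("RaiseException", None)]),
        ("OLEAUT32.dll", [(None, 9), (None, 12), (None, 8)]),
        ("urlmon.dll", [("URLDownloadToFileA", None)]),
    ]
    print(imphash_string(subset))
    print("imphash(subset):", imphash(subset))
```

Because the hash is order-sensitive, two builds that import the same functions in a different order get different ImpHashes, while renaming the file from .dll to .ocx, as this sample was, changes nothing; that is what makes the value useful for clustering builds of the same loader and useless against a compiler that shuffles the import table.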
File Name 88eb549f6642c1ab2d38f9c15c0531d9b6a330eab6dd4b49b596bc25c03258cb
Category Downloaded File
Type Stream
Verdict Clean
MIME Type application/octet-stream
File Size 891 Bytes
MD5 151787e7df65ca6034c8d75436b51b38
SHA1 3ada9b15f60684b78b54d20212f2a53e37f586b5
SHA256 88eb549f6642c1ab2d38f9c15c0531d9b6a330eab6dd4b49b596bc25c03258cb
SSDeep 24:0vIjUibpLq72RSdUmFuihIt+vICBFStK2V/ebW/x5A:x9U/dUmFuYIt+vIyotxWg5A
ImpHash -