Sample details: 79ab57eabbf6a40618ce603c1590780e

Hashes
MD5: 79ab57eabbf6a40618ce603c1590780e
SHA1: 4e8edee5c3ed670804a8e5b1ce6a2a4f3b1191cc
SHA256: 4bddc5f3817d5a1e16f39735d71f761c1680ccc943441c3c7cf3194cc15fe739
SSDEEP: 768:yx3LY+sPhWVJPsedLVDUYlkXrSXVteUdztHK2z9IkCBHQtcNg:SL9nVJEetVDUxSp1K2z9IDH3g
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETDLLMicrosoft | YRP/IsPE32 | YRP/IsNET_DLL | YRP/IsDLL | YRP/IsConsole | YRP/domain | YRP/IP | YRP/contentis_base64
Source
http://pt-fblogin.com/KL%20DEVELOPER/LOADER+DLL/dll.dll
Strings
          	            !This program cannot be run in DOS mode.
`.rsrc
@.reloc
v2.0.50727
#Strings
<Module>
ITextStream
IWshRuntimeLibrary
IWshShell
IWshCollection
IWshEnvironment
IWshShell2
IWshShell3
IWshExec
WshExecStatus
__MIDL___MIDL_itf_iwshom_0001_0037_0001
IWshShortcut
IWshNetwork
IWshNetwork2
IWshURLShortcut
CompareMethod
IOMode
Tristate
FileAttribute
__MIDL___MIDL_itf_iwshom_0000_0000_0001
IFileSystem
IDriveCollection
IDrive
DriveTypeConst
__MIDL___MIDL_itf_iwshom_0000_0000_0002
IFolder
IFolderCollection
IFileCollection
SpecialFolderConst
__MIDL___MIDL_itf_iwshom_0000_0000_0003
IFileSystem3
StandardStreamTypes
__MIDL___MIDL_itf_iwshom_0000_0000_0004
FileSystemObjectClass
FileSystemObject
DriveClass
DrivesClass
Drives
FolderClass
Folder
FoldersClass
Folders
FileClass
FilesClass
TextStreamClass
TextStream
WshWindowStyle
__MIDL___MIDL_itf_iwshom_0001_0016_0001
WshShellClass
WshShell
IWshShell_ClassClass
IWshShell_Class
WshShortcutClass
WshShortcut
IWshShortcut_ClassClass
IWshShortcut_Class
WshNetworkClass
WshNetwork
IWshNetwork_ClassClass
IWshNetwork_Class
WshCollectionClass
WshCollection
IWshCollection_ClassClass
IWshCollection_Class
WshEnvironmentClass
WshEnvironment
IWshEnvironment_ClassClass
IWshEnvironment_Class
WshURLShortcutClass
WshURLShortcut
IWshURLShortcut_ClassClass
IWshURLShortcut_Class
WshExecClass
WshExec
mscorlib
Object
System
GuidAttribute
System.Runtime.InteropServices
TypeLibTypeAttribute
DispIdAttribute
IEnumerable
System.Collections
DefaultMemberAttribute
System.Reflection
IEnumerator
ComAliasNameAttribute
TypeLibFuncAttribute
DateTime
CoClassAttribute
ClassInterfaceAttribute
ImportedFromTypeLibAttribute
TypeLibVersionAttribute
get_Line
get_Column
get_AtEndOfStream
get_AtEndOfLine
Characters
ReadLine
ReadAll
WriteLine
WriteBlankLines
SkipLine
Column
AtEndOfStream
AtEndOfLine
get_SpecialFolders
get_Environment
Command
WindowStyle
WaitOnReturn
SecondsToWait
CreateShortcut
PathLink
ExpandEnvironmentStrings
RegRead
RegWrite
RegDelete
SpecialFolders
Environment
get_length
GetEnumerator
length
get_Item
set_Item
out_Value
Remove
LogEvent
Message
Target
AppActivate
SendKeys
get_CurrentDirectory
set_CurrentDirectory
out_Directory
CurrentDirectory
get_Status
get_StdIn
get_StdOut
get_StdErr
get_ProcessID
get_ExitCode
Terminate
Status
StdOut
StdErr
ProcessID
ExitCode
value__
WshRunning
WshFinished
WshFailed
get_FullName
get_Arguments
set_Arguments
out_Arguments
get_Description
set_Description
out_Description
get_Hotkey
set_Hotkey
out_HotKey
get_IconLocation
set_IconLocation
out_IconPath
set_RelativePath
get_TargetPath
set_TargetPath
out_Path
get_WindowStyle
set_WindowStyle
out_ShowCmd
get_WorkingDirectory
set_WorkingDirectory
out_WorkingDirectory
FullName
Arguments
Description
Hotkey
IconLocation
RelativePath
TargetPath
WorkingDirectory
get_UserDomain
get_UserName
get_UserProfile
get_ComputerName
get_Organization
get_Site
MapNetworkDrive
LocalName
RemoteName
UpdateProfile
UserName
Password
RemoveNetworkDrive
EnumNetworkDrives
AddPrinterConnection
RemovePrinterConnection
EnumPrinterConnections
SetDefaultPrinter
UserDomain
UserProfile
ComputerName
Organization
AddWindowsPrinterConnection
PrinterName
DriverName
BinaryCompare
TextCompare
DatabaseCompare
ForReading
ForWriting
ForAppending
TristateTrue
TristateFalse
TristateUseDefault
TristateMixed
Normal
ReadOnly
Hidden
Volume
Directory
Archive
Compressed
get_Drives
BuildPath
GetDriveName
GetParentFolderName
GetFileName
GetBaseName
GetExtensionName
GetAbsolutePathName
GetTempName
DriveExists
DriveSpec
FileExists
FileSpec
FolderExists
FolderSpec
GetDrive
GetFile
FilePath
GetFolder
FolderPath
GetSpecialFolder
SpecialFolder
DeleteFile
DeleteFolder
MoveFile
Source
Destination
MoveFolder
CopyFile
OverWriteFiles
CopyFolder
CreateFolder
CreateTextFile
FileName
Overwrite
Unicode
OpenTextFile
Create
Format
get_Count
get_Path
get_DriveLetter
get_ShareName
get_DriveType
get_RootFolder
get_AvailableSpace
get_FreeSpace
get_TotalSize
get_VolumeName
set_VolumeName
pbstrName
get_FileSystem
get_SerialNumber
get_IsReady
DriveLetter
ShareName
DriveType
RootFolder
AvailableSpace
FreeSpace
TotalSize
VolumeName
FileSystem
SerialNumber
IsReady
UnknownType
Removable
Remote
RamDisk
get_Name
set_Name
get_ShortPath
get_ShortName
get_Drive
get_ParentFolder
get_Attributes
set_Attributes
get_DateCreated
get_DateLastModified
get_DateLastAccessed
get_Type
Delete
get_IsRootFolder
get_Size
get_SubFolders
get_Files
ShortPath
ShortName
ParentFolder
Attributes
DateCreated
DateLastModified
DateLastAccessed
IsRootFolder
SubFolders
OpenAsTextStream
WindowsFolder
SystemFolder
TemporaryFolder
GetStandardStream
StandardStreamType
GetFileVersion
WshHide
WshNormalFocus
WshMinimizedFocus
WshMaximizedFocus
WshNormalNoFocus
WshMinimizedNoFocus
Interop.IWshRuntimeLibrary
IWshRuntimeLibrary.dll
System.Runtime.InteropServices.CustomMarshalers.EnumeratorToEnumVariantMarshaler, CustomMarshalers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
$53BAD8C1-E718-11CF-893D-00A0C9054228
$F935DC21-1CF0-11D0-ADB9-00C04FD58A0B
$F935DC27-1CF0-11D0-ADB9-00C04FD58A0B
$F935DC29-1CF0-11D0-ADB9-00C04FD58A0B
$24BE5A30-EDFE-11D2-B933-00104B365C9F
$41904400-BE18-11D3-A28B-00104BD35090
$08FED190-BE19-11D3-A28B-00104BD35090
 IWshRuntimeLibrary.WshExecStatus
$F935DC23-1CF0-11D0-ADB9-00C04FD58A0B
FullName
$F935DC25-1CF0-11D0-ADB9-00C04FD58A0B
$24BE5A31-EDFE-11D2-B933-00104B365C9F
$F935DC2B-1CF0-11D0-ADB9-00C04FD58A0B
$0AB5A3D0-E5B6-11D0-ABF5-00A0C90FFFC0
%IWshRuntimeLibrary.SpecialFolderConst
$C7C3F5A1-88A3-11D0-ABCB-00A0C90FFFC0
$C7C3F5A0-88A3-11D0-ABCB-00A0C90FFFC0
!IWshRuntimeLibrary.DriveTypeConst
$C7C3F5A2-88A3-11D0-ABCB-00A0C90FFFC0
 IWshRuntimeLibrary.FileAttribute
$C7C3F5A3-88A3-11D0-ABCB-00A0C90FFFC0
$C7C3F5A5-88A3-11D0-ABCB-00A0C90FFFC0
$C7C3F5A4-88A3-11D0-ABCB-00A0C90FFFC0
$2A0B9D10-4B87-11D3-A97A-00104B365C9F
&IWshRuntimeLibrary.StandardStreamTypes
$0D43FE01-F093-11CF-8940-00A0C9054228
(IWshRuntimeLibrary.FileSystemObjectClass
$C7C3F5B1-88A3-11D0-ABCB-00A0C90FFFC0
IWshRuntimeLibrary.DriveClass
$C7C3F5B2-88A3-11D0-ABCB-00A0C90FFFC0
IWshRuntimeLibrary.DrivesClass
$C7C3F5B3-88A3-11D0-ABCB-00A0C90FFFC0
IWshRuntimeLibrary.FolderClass
$C7C3F5B4-88A3-11D0-ABCB-00A0C90FFFC0
IWshRuntimeLibrary.FoldersClass
$C7C3F5B5-88A3-11D0-ABCB-00A0C90FFFC0
IWshRuntimeLibrary.FileClass
$C7C3F5B6-88A3-11D0-ABCB-00A0C90FFFC0
IWshRuntimeLibrary.FilesClass
$0BB02EC0-EF49-11CF-8940-00A0C9054228
"IWshRuntimeLibrary.TextStreamClass
$F935DC1F-1CF0-11D0-ADB9-00C04FD58A0B
$72C24DD5-D70A-438B-8A42-98424B88AFB8
 IWshRuntimeLibrary.WshShellClass
$F935DC22-1CF0-11D0-ADB9-00C04FD58A0B
'IWshRuntimeLibrary.IWshShell_ClassClass
$A548B8E4-51D5-4661-8824-DAA1D893DFB2
#IWshRuntimeLibrary.WshShortcutClass
$F935DC24-1CF0-11D0-ADB9-00C04FD58A0B
*IWshRuntimeLibrary.IWshShortcut_ClassClass
$093FF999-1EA0-4079-9525-9614C3504B74
"IWshRuntimeLibrary.WshNetworkClass
$F935DC26-1CF0-11D0-ADB9-00C04FD58A0B
)IWshRuntimeLibrary.IWshNetwork_ClassClass
$387DAFF4-DA03-44D2-B0D1-80C927C905AC
%IWshRuntimeLibrary.WshCollectionClass
$F935DC28-1CF0-11D0-ADB9-00C04FD58A0B
,IWshRuntimeLibrary.IWshCollection_ClassClass
$F48229AF-E28C-42B5-BB92-E114E62BDD54
&IWshRuntimeLibrary.WshEnvironmentClass
$F935DC2A-1CF0-11D0-ADB9-00C04FD58A0B
-IWshRuntimeLibrary.IWshEnvironment_ClassClass
$50E13488-6F1E-4450-96B0-873755403955
&IWshRuntimeLibrary.WshURLShortcutClass
$F935DC2C-1CF0-11D0-ADB9-00C04FD58A0B
-IWshRuntimeLibrary.IWshURLShortcut_ClassClass
$08FED191-BE19-11D3-A28B-00104BD35090
IWshRuntimeLibrary.WshExecClass
$f935dc20-1cf0-11d0-adb9-00c04fd58a0b
IWshRuntimeLibrary
_CorDllMain
mscoree.dll