General

Malware Config

Signatures

Files

• dcf55c3817c98cb1b0092311f51d10154f501349611a8dcea2267c0424b935e6

  .exe windows x86

  8fb3671cab2050124d971575d125dfc6

  
  

  Code Sign

  74:37:4d:78:a1:fa:25:43:bd:72:24:e3:e1:85:4a:92

  Certificate

  Issuer

  CN=JRONWIMCXMCTRNTHUQ

  Not Before

  02-10-2020 15:47

  Not After

  31-12-2039 23:59

  Subject

  CN=JRONWIMCXMCTRNTHUQ

  Extended Key Usages

  ExtKeyUsageCodeSigning

  7b:ad:06:f6:8f:e1:6c:b1:a9:90:78:b2:dc:73:50:fb:e2:0e:23:e2

  Signer

  Actual PE Digest

  7b:ad:06:f6:8f:e1:6c:b1:a9:90:78:b2:dc:73:50:fb:e2:0e:23:e2

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=JRONWIMCXMCTRNTHUQ

  07-05-2022 02:02

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualFree

  VirtualAlloc

  UnmapViewOfFile

  TerminateThread

  TerminateProcess

  SystemTimeToFileTime

  SuspendThread

  Sleep

  SizeofResource

  SetThreadPriority

  SetThreadContext

  SetThreadAffinityMask

  SetPriorityClass

  SetLastError

  SetFilePointer

  SetEvent

  SetErrorMode

  SetEndOfFile

  ResumeThread

  ResetEvent

  ReleaseSemaphore

  ReleaseMutex

  ReadProcessMemory

  ReadFile

  QueryPerformanceFrequency

  QueryPerformanceCounter

  OpenProcess

  OpenMutexW

  OpenFileMappingA

  OpenEventA

  MultiByteToWideChar

  MulDiv

  MoveFileW

  MapViewOfFile

  LockResource

  LocalFree

  LocalAlloc

  LoadResource

  LoadLibraryExA

  LoadLibraryExW

  LoadLibraryA

  LoadLibraryW

  LeaveCriticalSection

  InitializeCriticalSection

  GlobalUnlock

  GlobalSize

  GlobalReAlloc

  GlobalHandle

  GlobalLock

  GlobalFree

  GlobalFindAtomW

  GlobalDeleteAtom

  GlobalAlloc

  GlobalAddAtomW

  GetWindowsDirectoryA

  GetWindowsDirectoryW

  GetVolumeInformationA

  GetVersionExA

  GetVersionExW

  GetVersion

  GetTimeZoneInformation

  GetTickCount

  GetThreadPriority

  GetThreadLocale

  GetThreadContext

  GetTempPathW

  GetSystemTime

  GetSystemInfo

  GetSystemDirectoryA

  GetSystemDirectoryW

  GetStartupInfoW

  GetProcessVersion

  GetProcessHeap

  GetProcessAffinityMask

  GetProcAddress

  GetPriorityClass

  GetModuleHandleA

  GetModuleHandleW

  GetModuleFileNameA

  GetModuleFileNameW

  GetLogicalDrives

  GetLogicalDriveStringsW

  GetLocaleInfoW

  GetLastError

  GetFileSize

  GetFileAttributesA

  GetFileAttributesW

  GetExitCodeThread

  GetExitCodeProcess

  GetDriveTypeW

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetComputerNameW

  GetCommandLineA

  GetACP

  FreeResource

  InterlockedIncrement

  InterlockedExchange

  InterlockedDecrement

  FreeLibrary

  FormatMessageA

  FormatMessageW

  FlushViewOfFile

  FlushFileBuffers

  FindResourceA

  FindResourceW

  FindNextFileW

  FindFirstFileA

  FindFirstFileW

  FindClose

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExpandEnvironmentStringsW

  ExitProcess

  EnumResourceNamesW

  EnterCriticalSection

  DuplicateHandle

  DisconnectNamedPipe

  DeleteFileW

  DeleteCriticalSection

  CreateThread

  CreateSemaphoreW

  CreateProcessW

  CreateNamedPipeW

  CreateMutexA

  CreateMutexW

  CreateFileMappingA

  CreateFileMappingW

  CreateFileA

  CreateFileW

  CreateEventA

  CreateEventW

  CopyFileW

  ConnectNamedPipe

  CompareStringW

  CloseHandle

  CancelIo

  user32

  CallNextHookEx

  GetActiveWindow

  SetWindowsHookExW

  UnhookWindowsHookEx

  SendDlgItemMessageW

  GetDlgItemTextW

  SendMessageW

  SetFocus

  WinHelpW

  DialogBoxParamW

  CharUpperW

  ExitWindowsEx

  SetDlgItemTextW

  EndDialog

  PostMessageW

  GetDlgItem

  MessageBoxW

  wsprintfW

  LoadStringW

  EnableWindow

  LoadCursorFromFileA

  CreateMenu

  GetClipboardViewer

  CountClipboardFormats

  LoadIconA

  gdi32

  GetStockObject

  advapi32

  RegOpenKeyW

  RegQueryValueExA

  Sections

  .text

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  g2112

  Size: 512B - Virtual size: 1B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  g211

  Size: 512B - Virtual size: 1B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  g21

  Size: 512B - Virtual size: 1B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 420KB - Virtual size: 419KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  g1

  Size: 98KB - Virtual size: 97KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  g21126

  Size: 98KB - Virtual size: 97KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  g21125

  Size: 98KB - Virtual size: 97KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  g21124

  Size: 98KB - Virtual size: 97KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  g21123

  Size: 512B - Virtual size: 1B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  g21122

  Size: 512B - Virtual size: 1B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 165KB - Virtual size: 164KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ