95a54481095f4715856df25b13fbe88b5bb11fc4c5f0252b5dc595e41bc8acb2

Sharing

Copy URL

Twitter E-mail

General

Target

95a54481095f4715856df25b13fbe88b5bb11fc4c5f0252b5dc595e41bc8acb2
Size

731KB
MD5

908bfad0cf50a00d74dfeb62c4b26430
SHA1

2cdcd90ec3aa414f7dd10c2cba6a5a3bd79298be
SHA256

95a54481095f4715856df25b13fbe88b5bb11fc4c5f0252b5dc595e41bc8acb2
SHA512

94de3f0f265c35c2db6c48f80085e0e1e8da21ddf0d35c147e6a5b2d7faa6fbbb20d27e1717a6f1b468e4b0f3cf904868a279e3438085fd0fbf19367fffeb0b4
SSDEEP

12288:zW7hnwMbb3IVFF7bR+s2X2uNqL8s9ilY72t5fkVxnQM:16b3sFas29qLnMlYazcxnQM

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

95a54481095f4715856df25b13fbe88b5bb11fc4c5f0252b5dc595e41bc8acb2
.exe windows x86

7019b396e0f78c3a90598f71cbe9b102

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:8a:8b:c0:b5:b8:df:88:bc:c7:11:b3:fd:a5:59:7d
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

10/08/2015, 00:00

Not After

09/08/2016, 23:59

Subject

CN=OOO \"PERVAYA LIGA\",O=OOO \"PERVAYA LIGA\",POSTALCODE=197110,STREET=PETROVSKAYA KOSA\, 9,L=Saint-Petersburg,ST=Saint-Petersburg,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

10:3c:ee:1c:78:b9:93:c7:e0:9e:0d:ab:c6:ca:1e:a4:dd:a5:7d:d0
Signer

Actual PE Digest

10:3c:ee:1c:78:b9:93:c7:e0:9e:0d:ab:c6:ca:1e:a4:dd:a5:7d:d0

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=OOO \"PERVAYA LIGA\",O=OOO \"PERVAYA LIGA\",POSTALCODE=197110,STREET=PETROVSKAYA KOSA\, 9,L=Saint-Petersburg,ST=Saint-Petersburg,C=US

18/10/2022, 20:53
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

IsDialogMessageW
GetNextDlgTabItem
GetClipboardFormatNameA
GetWindowInfo
SetCapture
RegisterWindowMessageA
GetLastInputInfo
CharToOemW
DrawTextExW
GetDlgCtrlID
GetSubMenu
ReleaseDC
DlgDirListW
GetWindowPlacement
ScreenToClient
GetMonitorInfoW
SetProcessWindowStation
GetKeyboardLayoutNameA
IsCharUpperA
OemKeyScan
LoadMenuIndirectA
GetMenuItemID
GetMenuStringA
TranslateAcceleratorW
IsCharAlphaA
SetCursorContents
SetClassWord
SetScrollInfo
RealGetWindowClassA
SetKeyboardState
SetWindowTextW
AppendMenuW
CheckDlgButton
GetClipboardData
PostThreadMessageA
TranslateMessageEx
CheckMenuItem
DestroyCaret
LoadCursorFromFileW
IsCharLowerW
DefFrameProcW
SetCaretBlinkTime
LoadIconA
GetCaretPos
GetUpdateRgn
TileChildWindows
GetDlgItem
GetMenuItemCount
UnregisterHotKey
ModifyMenuA
DefWindowProcA
SetMenuInfo
WindowFromDC
OpenInputDesktop
GetMenuStringW
UpdateWindow
LoadCursorA
DrawFrameControl
LoadBitmapA
OpenDesktopW
SendMessageW
ScrollWindowEx
CreateMenu
ShowStartGlass
GetActiveWindow
DispatchMessageW
LoadIconW
SendMessageCallbackA
GetPropA
CreateCaret
EnumPropsExA
GetInternalWindowPos
DrawFrame
ShowCursor
CreateCursor
IsWindowEnabled
SetProgmanWindow
CreateDialogIndirectParamA
SetMenu
GetThreadDesktop
GetScrollRange
TabbedTextOutW
SendMessageTimeoutA
ScrollChildren
AdjustWindowRect
GetKeyboardState
SubtractRect
wsprintfA
EnumDesktopWindows
IsWindowUnicode
LockWorkStation
BringWindowToTop
RemovePropA
SetWindowWord
CloseWindowStation
MenuWindowProcA
SendInput
SetCursor
DrawEdge
SendDlgItemMessageA
RegisterDeviceNotificationA
PeekMessageA
LoadAcceleratorsW
GetNextDlgGroupItem
TrackPopupMenu
PtInRect
SetWindowRgn
GetClassNameA
LockWindowUpdate
GetMenu
CopyAcceleratorTableA
SetWindowContextHelpId
OpenDesktopA
GetScrollPos
LoadCursorW
ToUnicodeEx
SystemParametersInfoW
UnlockWindowStation
SystemParametersInfoA
DlgDirListA
CharToOemA
RemovePropW
ShowWindowAsync
SetWindowPlacement
EnumDisplayMonitors
DlgDirSelectExA
SetTimer
GetScrollInfo
GetGuiResources
UnionRect
EnumWindowStationsW
GetDCEx
GetProcessWindowStation
TabbedTextOutA
GetTopWindow
MapVirtualKeyExA
SendMessageCallbackW
IsGUIThread
GetMouseMovePointsEx
GetTabbedTextExtentA
SetMenuItemBitmaps
GetDlgItemTextW
SetWindowsHookW
SetWindowsHookA
ChildWindowFromPoint
DrawStateA
CharToOemBuffA
MessageBoxExA
EnableMenuItem
GetGUIThreadInfo
DialogBoxParamW
SetRect
FindWindowExA
RegisterHotKey
IsCharAlphaW
GetKeyNameTextW
InvalidateRgn
GetWindowTextLengthA
ChildWindowFromPointEx
CallWindowProcA
MessageBoxIndirectW
SetMessageExtraInfo
GetFocus
DefDlgProcA
EmptyClipboard
GetClipCursor
SetMenuItemInfoA
IsChild
ToUnicode
SwitchDesktop
PostQuitMessage
GetClassInfoExA
EnumThreadWindows
ValidateRect
RegisterClipboardFormatW
DrawStateW
FindWindowW
PrivateExtractIconExA
SetParent
GetMenuBarInfo
AnyPopup
FindWindowExW
LoadImageA
SetMenuContextHelpId
AttachThreadInput
GetCaretBlinkTime
InsertMenuA
MonitorFromPoint
SwapMouseButton
SetScrollRange
DrawTextExA
IsIconic
PostThreadMessageW
GetMenuInfo
ShowOwnedPopups
GetLastActivePopup
GetWindowTextA
SetWindowTextA
DrawCaptionTempW
SendDlgItemMessageW
GetProgmanWindow
CharPrevW
GetDialogBaseUnits
PeekMessageW
UnhookWindowsHook
SetMenuItemInfoW
CharNextW
CharPrevExA
GetScrollBarInfo
CharPrevA
DefDlgProcW
MonitorFromRect
AppendMenuA
SetWindowPos
GetUserObjectInformationW
FlashWindowEx
ExitWindowsEx
RegisterWindowMessageW
DrawCaption
MessageBoxW
BlockInput
MenuItemFromPoint
FindWindowA
DragObject
GetClassLongA
TranslateAcceleratorA
SendMessageTimeoutW
InsertMenuItemW
GetUserObjectInformationA
LoadStringW
DefWindowProcW
LoadMenuA
GetMessageExtraInfo
CharUpperW
AllowForegroundActivation
GetWindowRect
CreateMDIWindowA
EnumDesktopsA
GetDlgItemTextA
InsertMenuItemA
InsertMenuW
EnumDesktopsW
GetMessagePos
GetClassNameW
GetSysColor
CloseWindow
CreateMDIWindowW
GetWindowLongA
DrawIcon
CharLowerW
GetAltTabInfoA
SetDeskWallpaper
MapVirtualKeyW
GetIconInfo
IsMenu
FrameRect
IsRectEmpty
IsDlgButtonChecked
OemToCharW
EnumPropsExW
UnloadKeyboardLayout
SetDoubleClickTime
GetDlgItemInt
BroadcastSystemMessageExW
GetShellWindow
GetMenuItemInfoA
GetWindowLongW
IsHungAppWindow
CopyAcceleratorTableW
SetSysColors
GetCursorInfo
EditWndProc
SetLayeredWindowAttributes
DeleteMenu
IntersectRect
RedrawWindow
PaintDesktop
EnableScrollBar
AnimateWindow
CascadeChildWindows
SetThreadDesktop
ToAsciiEx
SetClassLongW
IsZoomed
PostMessageA
GetSystemMetrics
LoadKeyboardLayoutA
DispatchMessageA
GetCursor
MonitorFromWindow
GetMenuItemRect
MessageBoxTimeoutW
AlignRects
GetWindowWord
RegisterClassExW
GetAltTabInfoW
RegisterClassA
MessageBeep
ClipCursor
GetUpdateRect
SendNotifyMessageA
GetListBoxInfo
EnumPropsA
CheckRadioButton
UnregisterDeviceNotification
CallWindowProcW
DestroyMenu
GetInputState
IsWindow
CreatePopupMenu
DestroyIcon
SetActiveWindow
SetScrollPos
BroadcastSystemMessageExA
DragDetect
MessageBoxTimeoutA
LoadKeyboardLayoutW
GetCapture
FillRect
GetKeyNameTextA
GetClassInfoExW
SwitchDesktop

kernel32

SetThreadPriority
FreeResource
GetConsoleKeyboardLayoutNameW
EnumLanguageGroupLocalesW
GetModuleFileNameA
InterlockedExchangeAdd
WaitCommEvent
DeleteAtom
BeginUpdateResourceW
SuspendThread
IsProcessInJob
SetErrorMode
SetVolumeMountPointW
FindNextFileW
CreateActCtxW
ExitProcess
GetConsoleProcessList
SetLastConsoleEventActive
GlobalAddAtomA
GetSystemDefaultLangID
SetTapeParameters
ScrollConsoleScreenBufferA
CreateTapePartition
lstrcpynW
lstrcmpiA
CreateMemoryResourceNotification
SetInformationJobObject
ReplaceFileW
RtlCaptureStackBackTrace
SetFileValidData
GetConsoleWindow
GetDriveTypeA
OpenJobObjectW
GetProcessVersion
CreateJobObjectW
SetLocaleInfoW
MoveFileA
GlobalWire
QueryPerformanceFrequency
ChangeTimerQueueTimer
GetCPInfoExA
GetFileInformationByHandle
SystemTimeToFileTime
LZCreateFileW
GetProfileStringW
GetUserDefaultUILanguage
InterlockedDecrement
GetCommModemStatus
PrivMoveFileIdentityW
ScrollConsoleScreenBufferW
GetCurrentDirectoryW
CreateThread
SetDefaultCommConfigA
EnumResourceNamesW
QueryActCtxW
GetFileSize
ExpandEnvironmentStringsA
QueryPerformanceCounter
GetConsoleAliasesW
GetUserDefaultLangID
GetUserGeoID
SetThreadLocale
GetExitCodeProcess
FindCloseChangeNotification
lstrcpyn
GetModuleHandleW
HeapUnlock
lstrlenW
EnumCalendarInfoA
GetBinaryTypeW
EnumCalendarInfoExW
FindFirstChangeNotificationA
EraseTape
AddRefActCtx
GetCalendarInfoW
ReleaseSemaphore
GetProcessTimes
VerifyVersionInfoA
GetFileSizeEx
EnumDateFormatsW
GetFileAttributesA
MultiByteToWideChar
TzSpecificLocalTimeToSystemTime
LZOpenFileA
SetMailslotInfo
ReadConsoleInputA
DeleteFileA
CopyFileExA
FindResourceExA
BeginUpdateResourceA
WriteProfileSectionA
GlobalFix
CreateProcessA
OutputDebugStringA
AddAtomW
lstrcpy
EnterCriticalSection
Heap32ListFirst
AllocateUserPhysicalPages
AttachConsole
QueryDosDeviceW
WinExec
GetTimeFormatW
DisconnectNamedPipe
GetEnvironmentVariableA
SetEnvironmentVariableA
SetFileApisToOEM
SetDefaultCommConfigW
ReadConsoleInputW
GetProfileIntW
lstrcmpiW
UnlockFile
GetStdHandle
LockResource
SetWaitableTimer
OpenSemaphoreW
ResetEvent
SearchPathW
SetTimeZoneInformation
CopyLZFile
GetExpandedNameA
ReadConsoleOutputAttribute
UpdateResourceW
GetLocaleInfoW
AssignProcessToJobObject
LocalFree
GetAtomNameA
WideCharToMultiByte
HeapWalk
CreateTimerQueue
GetConsoleDisplayMode
ReadConsoleOutputCharacterA
GetStringTypeExW
GetCommState
GetNativeSystemInfo
GetDiskFreeSpaceA
OpenEventA
GetOverlappedResult
RegisterWowExec
GetConsoleInputWaitHandle
GetHandleContext
WaitNamedPipeA
WriteConsoleOutputCharacterW
GetCurrentThread
CreateFileMappingW
WaitForDebugEvent
lstrlen
GetCommConfig
GetVolumeNameForVolumeMountPointW
GetProcessHeaps
GlobalFindAtomW
UnregisterWaitEx
GlobalFindAtomA
ExitThread
EnumUILanguagesA
LocalAlloc
GetVersion
RegisterWaitForSingleObject
GetProfileSectionW
CreatePipe
SetProcessPriorityBoost
MoveFileWithProgressA
FlushFileBuffers
PeekConsoleInputA
SetFileShortNameW
OpenWaitableTimerA
SetFileTime
GetCompressedFileSizeW
WaitForMultipleObjects
SetCommMask
AddConsoleAliasW
WritePrivateProfileSectionA
CreateConsoleScreenBuffer
LocalUnlock
RestoreLastError
OpenWaitableTimerW
IsProcessorFeaturePresent
lstrcmpi
ConsoleMenuControl
GetShortPathNameA
LocalSize
WaitForSingleObjectEx
GlobalUnWire
SetHandleInformation
PrepareTape
CreateEventA
ConvertDefaultLocale
GlobalCompact
IsValidLanguageGroup
GetStringTypeExA
GlobalMemoryStatusEx
GetConsoleTitleA
ReadConsoleOutputA
IsWow64Process
ReadConsoleOutputW
GetSystemTimeAsFileTime
GetCurrentConsoleFont
GetLongPathNameA
OpenJobObjectA
WritePrivateProfileStructW
UnmapViewOfFile
CreateFileA
CreateWaitableTimerA
DosPathToSessionPathW
WriteConsoleInputA
GetConsoleCursorMode
GetPrivateProfileIntA
CompareStringW
CancelIo
RtlFillMemory
DisableThreadLibraryCalls
IsBadCodePtr
CopyFileA
VirtualLock
GetTickCount
IsDBCSLeadByte
SearchPathA
EnumResourceTypesA
GetDiskFreeSpaceW
FindFirstFileA
SetSystemPowerState
DebugBreak
IsDBCSLeadByteEx
UnhandledExceptionFilter
UnregisterWait
FindNextChangeNotification
GlobalFlags
SetProcessShutdownParameters
MapUserPhysicalPages
CopyFileW
FindAtomW
LCMapStringA
WritePrivateProfileSectionW
FindActCtxSectionStringW
TlsGetValue
CreateFileW
RtlZeroMemory
lstrcpynA
lstrcatW
LZOpenFileW
IsValidCodePage
GetConsoleInputExeNameA
GlobalLock
EndUpdateResourceA
GetVersionExA
GetTapeStatus
RequestDeviceWakeup
FindFirstChangeNotificationW
GetWriteWatch
IsBadWritePtr
GetModuleHandleExW
GetLogicalDriveStringsW
GlobalGetAtomNameA
GetEnvironmentStrings
LZClose
IsBadReadPtr
WriteProfileStringA
SetFilePointer
PulseEvent
GetVolumeInformationA
FindResourceExW
DeactivateActCtx
InterlockedCompareExchange
SetCommState
ReleaseMutex
FlushConsoleInputBuffer
GetSystemTimeAdjustment
SetTapePosition
DeleteCriticalSection
GetEnvironmentStringsW
GetComputerNameExW
GetCommProperties
LocalFlags
GetExitCodeThread
ReadFileScatter
GetCurrencyFormatW
CompareStringA
LZCopy
EnumCalendarInfoExA
SetThreadUILanguage
DosPathToSessionPathA
ShowConsoleCursor
CreateDirectoryA
GetStartupInfoW
LZRead
PeekNamedPipe
ReadConsoleInputExW
ReadDirectoryChangesW
CreateJobObjectA
IsBadStringPtrA
GetTapeParameters
CreateProcessInternalA
GetConsoleAliasesA
GetACP
SetCommConfig
TransactNamedPipe
BuildCommDCBA
GetConsoleFontInfo
DeleteTimerQueue
LocalHandle
FindFirstFileW
FindFirstFileExW
GetConsoleTitleW
SetEvent
ExpandEnvironmentStringsW
SetStdHandle
LockFile
GetThreadTimes
GetVolumeNameForVolumeMountPointA
IsBadStringPtrW
VirtualUnlock
GetCompressedFileSizeA
GetLongPathNameW
WriteProfileStringW
SignalObjectAndWait
EnumResourceNamesA
GetVersionExW
CreateHardLinkA
MoveFileW
OpenFileMappingW
GetGeoInfoA
LocalFileTimeToFileTime
GetSystemDefaultUILanguage
CallNamedPipeW
WriteConsoleOutputW
FindFirstVolumeA
GetMailslotInfo
CreateSemaphoreW
SetVolumeMountPointA
BackupSeek
QueueUserWorkItem
FindClose
GetTapePosition
ReadConsoleW
BuildCommDCBAndTimeoutsW
FreeEnvironmentStringsA
HeapQueryInformation
GetThreadSelectorEntry
GlobalUnlock
OutputDebugStringW
EnumTimeFormatsA
IsBadHugeReadPtr
GlobalUnfix
GetThreadPriority
GetLocaleInfoA
HeapReAlloc
SetFileAttributesW
EnumDateFormatsExA
FileTimeToLocalFileTime
UnlockFileEx
SetUnhandledExceptionFilter
CancelDeviceWakeupRequest
SetTimerQueueTimer
HeapDestroy
CreateNamedPipeW
EnumTimeFormatsW
WriteTapemark
RemoveDirectoryA
GetSystemTime
FindNextVolumeW
GetProcessIoCounters
WriteConsoleW
FormatMessageA
FindNextFileA
GetNumberFormatW
LoadResource
DelayLoadFailureHook
ResetWriteWatch
SetCommBreak
GetCPInfoExW
GetCommandLineA
SetCurrentDirectoryA
CreateSocketHandle
GetCurrentThreadId
GetProfileIntA
GetDateFormatW
GetPrivateProfileSectionA
FreeLibrary
FindFirstVolumeW
GetSystemDefaultLangID
GetLargestConsoleWindowSize
DebugActiveProcess
QueryPerformanceFrequency
LoadLibraryExA
LocalAlloc
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

comdlg32

ChooseColorA
FindTextW
ReplaceTextW
GetOpenFileNameW
ChooseColorW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PrintDlgW
PrintDlgExA
LoadAlterBitmap
dwOKSubclass
FindTextA
GetFileTitleA
PrintDlgA
ChooseFontA
GetOpenFileNameA

oleaut32

CreateErrorInfo
VarDecCmpR8
DispGetParam
VarUI1FromStr
VariantCopyInd
VarDecFromI2
CreateTypeLib
VarUI2FromI8
VarI4FromR8
VarBoolFromI1
SysFreeString
VarDecFromDate
VARIANT_UserUnmarshal
SafeArrayPutElement
RegisterTypeLib
VarI8FromR4
VarUI4FromR4
VarUI1FromR4
LPSAFEARRAY_UserUnmarshal
VarI2FromR4
VarCyFix
BstrFromVector
VarUI2FromR8
VarUI4FromBool
VarR4FromCy
VarBstrCmp
VarDateFromR8
SafeArrayLock
OleSavePictureFile
VarFormatFromTokens
VarR8FromUI1
GetErrorInfo
VarMul
VarDecFromR8
VarCyFromR8
SafeArrayCreateVectorEx
VarI8FromR8
VarDecFromUI8
VarBstrFromR8
VarI8FromBool
OleCreatePropertyFrame
VarR8FromCy
VarRound
SafeArrayGetDim
VarI8FromDisp
SetErrorInfo
VarBstrFromCy
VarUI4FromI2
VarCyFromStr
VarEqv
VarDecRound
BSTR_UserMarshal
VarCat
OleCreateFontIndirect
VarUI8FromDec
VarUI1FromR8
VarCyFromI4
VarUI1FromI1
VarDateFromBool
VarI2FromDisp
VarBoolFromR4
VarUI1FromI8
OleTranslateColor
VarI4FromI1
VarR4FromDate
VarR4FromUI4
VarBstrFromDec
VarDateFromDec
VarCyCmpR8
VARIANT_UserFree
VarBstrFromUI1
VarI4FromDate
SafeArrayAllocDescriptorEx
VarDateFromUI1
DispInvoke
VarR8FromI1
VarR4FromR8
VarDiv
DispCallFunc
VarUI8FromDate
VarI1FromR4
VarI2FromUI8
LHashValOfNameSys
VarDateFromUI8
VarDecFromI8
VarR4FromBool
VarFormatNumber
VarR4FromDec
VarBoolFromStr
VarR8FromI4
SafeArraySetIID
VarAdd
VarI2FromCy
LPSAFEARRAY_UserSize
VarI4FromDec

comctl32

FlatSB_GetScrollPos
ImageList_SetIconSize
ImageList_Merge
ImageList_GetImageCount
FlatSB_GetScrollInfo
ImageList_BeginDrag
CreateStatusWindow
PropertySheet
FlatSB_SetScrollProp
FlatSB_GetScrollProp
CreateToolbar
ImageList_Destroy
ImageList_LoadImageA
ImageList_LoadImage
LBItemFromPt
InitCommonControls
ImageList_Duplicate
FlatSB_GetScrollRange
MakeDragList
PropertySheetA
ImageList_GetFlags
ImageList_Create

gdi32

ExtTextOutW
GdiGetPageCount
GetWorldTransform
GetEnhMetaFileDescriptionW
GetCharABCWidthsA
GetPath
GdiPlayJournal
EnumFontFamiliesExW
GdiConsoleTextOut
TextOutA
EndDoc
Pie
RemoveFontResourceW
GdiConvertToDevmodeW
StretchBlt
CreateCompatibleDC
UnloadNetworkFonts
GdiFixUpHandle
GetGraphicsMode
CreateFontA
CreateEllipticRgn
GdiEndPageEMF
GdiGradientFill
GetFontUnicodeRanges
GetROP2
BitBlt
MirrorRgn
AnyLinkedFonts
SetLayoutWidth
GetCharWidthW
CombineRgn
CreateCompatibleBitmap
UnrealizeObject
EngLoadModule
GetLogColorSpaceW
GdiConvertPalette
GetClipBox
GetObjectW
GetClipRgn
CloseMetaFile
CreateMetaFileW
GetDCBrushColor
GetBitmapBits
GetTextExtentPoint32A
EngCreateSemaphore
BRUSHOBJ_ulGetBrushColor
GetLayout
GetRasterizerCaps
CreateScalableFontResourceW
FONTOBJ_cGetGlyphs
GdiConvertDC

Sections

CODE
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 745B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata0
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata1
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX0
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7019b396e0f78c3a90598f71cbe9b102

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

5f:8a:8b:c0:b5:b8:df:88:bc:c7:11:b3:fd:a5:59:7dCertificate

Extended Key Usages

Key Usages

10:3c:ee:1c:78:b9:93:c7:e0:9e:0d:ab:c6:ca:1e:a4:dd:a5:7d:d0Signer

Signature Validations

Verification

18/10/2022, 20:53 Valid: false

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

oleaut32

comctl32

gdi32

Sections

CODE Size: 495KB - Virtual size: 494KB

DATA Size: 14KB - Virtual size: 13KB

BSS Size: - Virtual size: 745B

.idata Size: 20KB - Virtual size: 20KB

.rdata0 Size: 45KB - Virtual size: 45KB

.tls Size: 512B - Virtual size: 24B

.rdata1 Size: 76KB - Virtual size: 75KB

UPX0 Size: 11KB - Virtual size: 10KB

.rsrc Size: 62KB - Virtual size: 62KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

5f:8a:8b:c0:b5:b8:df:88:bc:c7:11:b3:fd:a5:59:7d
Certificate

10:3c:ee:1c:78:b9:93:c7:e0:9e:0d:ab:c6:ca:1e:a4:dd:a5:7d:d0
Signer

18/10/2022, 20:53
Valid: false

CODE
Size: 495KB - Virtual size: 494KB

DATA
Size: 14KB - Virtual size: 13KB

BSS
Size: - Virtual size: 745B

.idata
Size: 20KB - Virtual size: 20KB

.rdata0
Size: 45KB - Virtual size: 45KB

.tls
Size: 512B - Virtual size: 24B

.rdata1
Size: 76KB - Virtual size: 75KB

UPX0
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 62KB - Virtual size: 62KB