b085f4d253f4df1ef2f4a737ee7fa5b9df1ae5edfc016d3b2fa91d979444b80d

Sharing

Copy URL Twitter E-mail

General

Target

b085f4d253f4df1ef2f4a737ee7fa5b9df1ae5edfc016d3b2fa91d979444b80d
Size

914KB
MD5

23740e40377cd8d1a9b7f27cb1622070
SHA1

6801450efb0f87f68292717b45e35fb1415b7e9f
SHA256

b085f4d253f4df1ef2f4a737ee7fa5b9df1ae5edfc016d3b2fa91d979444b80d
SHA512

8bf65d94a20a15f26611e438d36d2c41173ec04d0a1d3287902f52aa84299e499a8d63430b730a92a528fcf9d1a36fea5175148c15f6ca7b29bb48e10d90f424
SSDEEP

24576:MsHFe3xGNTLqRdSd4b3+cW481CGGJG+JN6K5:te3sgRN3+hAzJAW

Score

N/A

Malware Config

Signatures

Files

b085f4d253f4df1ef2f4a737ee7fa5b9df1ae5edfc016d3b2fa91d979444b80d
.exe windows x86

dffdc48563145ff163b8a7f8dae162cc

Code Sign

41:79:ea:1b:ec:59:d4:ca:7e:66:86:28:32:55:54:80
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

24/09/2014, 00:00

Not After

24/09/2015, 23:59

Subject

CN=Evgen Kugitko,OU=Individual Developer,O=No Organization Affiliation,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

c4:55:7a:a0:c2:21:f9:e2:f5:01:bf:74:81:e5:8f:fa:29:62:80:29
Signer

Actual PE Digest

c4:55:7a:a0:c2:21:f9:e2:f5:01:bf:74:81:e5:8f:fa:29:62:80:29

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Evgen Kugitko,OU=Individual Developer,O=No Organization Affiliation,L=Kiev,ST=Kiev,C=UA

04/11/2022, 15:41
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetSystemTime
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrcpyA
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualAlloc
Sleep
SizeofResource
SetThreadLocale
SetFilePointer
SetFileAttributesA
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationA
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetTempPathA
GetSystemInfo
GetStringTypeExA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileSize
GetExitCodeThread
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetComputerNameA
GetCPInfo
GetACP
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageA
FindResourceA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitThread
ExitProcess
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringA
CloseHandle
Sleep
WriteConsoleOutputAttribute
GetCPInfoExA
lstrlenW
GetDriveTypeA
HeapSetInformation
AddRefActCtx
GetCurrencyFormatW
BeginUpdateResourceW
GetCPInfoExW
SetEnvironmentVariableA
GetFileSizeEx
GetSystemDefaultUILanguage
ScrollConsoleScreenBufferA
OpenFileMappingW
ScrollConsoleScreenBufferA
Sleep
SetUserGeoID
WaitForSingleObject
SetFileApisToOEM
SetMailslotInfo
TryEnterCriticalSection
GetNumberFormatA
GetCurrentActCtx
GlobalWire
CreateJobSet
SetLocalTime
GlobalUnWire
RtlCaptureStackBackTrace
GlobalFree
OpenFile
RtlCaptureContext
GetProcessTimes
QueryPerformanceCounter
GetPrivateProfileSectionNamesW
GetCommModemStatus
SetEndOfFile
GetPrivateProfileSectionW
WriteProfileStringW
EnumDateFormatsExW
SetFileApisToANSI
QueryMemoryResourceNotification
FoldStringA
GetTickCount
DeleteVolumeMountPointA
IsBadStringPtrW
EnumResourceNamesW
GetProfileSectionW
DelayLoadFailureHook
LZClose
UnmapViewOfFile
DosPathToSessionPathA
GlobalWire
ShowConsoleCursor
GetCurrentThread
SetErrorMode
SetFilePointer
lstrcpyA
GetPrivateProfileSectionA
ChangeTimerQueueTimer
PulseEvent
GetConsoleHardwareState
GetProfileIntA
GlobalAlloc
TlsSetValue
UnregisterWaitEx
OpenFile
EnumResourceLanguagesA
GetThreadSelectorEntry
GetSystemDefaultUILanguage
UnhandledExceptionFilter
WritePrivateProfileStructA
ReplaceFileW
GetPrivateProfileIntA
VerLanguageNameW
GetThreadPriorityBoost
FatalAppExitA
SetProcessShutdownParameters
CloseHandle
GlobalFix
IsBadWritePtr
FindActCtxSectionStringA
IsDBCSLeadByteEx
HeapSetInformation
ReadConsoleOutputW
InterlockedExchangeAdd
CreateEventW
BuildCommDCBAndTimeoutsW
InterlockedExchange
FatalAppExitW
SetCurrentDirectoryA
GetPrivateProfileSectionNamesW
ReleaseMutex
GetConsoleMode
QueryMemoryResourceNotification
OpenFileMappingA
AddConsoleAliasW
RegisterWaitForInputIdle
lstrcmpW
GetCPInfo
WriteFileGather
FileTimeToDosDateTime
IsWow64Process
FindFirstVolumeMountPointW
HeapReAlloc
HeapSize
DefineDosDeviceA
IsProcessorFeaturePresent
ReleaseActCtx
GetConsoleFontInfo
lstrcpynA
WriteFileEx
EnumCalendarInfoExA
IsValidCodePage
GetConsoleCursorMode
SetSystemTime
SetCommBreak
SetFileAttributesA
VirtualQuery
FindActCtxSectionStringW
CreateNamedPipeW
MultiByteToWideChar
HeapQueryInformation
UnlockFile
RtlMoveMemory
GetCPInfoExA
FindFirstFileA
RtlZeroMemory
LocalReAlloc
VerifyVersionInfoW
CompareStringA
CreateNamedPipeA
SetCommTimeouts
CreateProcessInternalA
PeekConsoleInputA
SetEndOfFile
GlobalAddAtomW
CreateSemaphoreW
GetCommModemStatus
CreateDirectoryW
GetThreadPriority
WaitCommEvent
CreateMailslotW
GetFileAttributesW
SetInformationJobObject
LockFile
ConsoleMenuControl
SetMailslotInfo
MoveFileWithProgressW
SetEnvironmentVariableW
GetProfileSectionW
GetPrivateProfileSectionW
GetProfileStringW
GetDateFormatW
GetProcessIoCounters
GetProfileSectionA
DeleteFileW
GetFileInformationByHandle
HeapDestroy
CreateHardLinkW
SetThreadPriorityBoost
MoveFileExA
GetNativeSystemInfo
GetDateFormatA
OpenJobObjectW
GetUserDefaultUILanguage
HeapWalk
LocalFlags
HeapCreate
BeginUpdateResourceA
FileTimeToSystemTime
CloseProfileUserMapping
GetDiskFreeSpaceW
FindAtomA
FindResourceExA
OpenEventW
FindNextChangeNotification
BackupRead
TerminateProcess
CreateJobObjectW
EnumSystemCodePagesA
CreateDirectoryExA
OpenMutexW
GetFileAttributesExA
UpdateResourceW
lstrcmp
GetCommandLineA
FreeLibraryAndExitThread
VerLanguageNameA
CancelWaitableTimer
SetHandleCount
GlobalReAlloc
OpenWaitableTimerA
InterlockedDecrement
GlobalCompact
FlushFileBuffers
SetFileApisToANSI
ConvertDefaultLocale
GetHandleContext
MoveFileW
SetComputerNameExA
SetHandleInformation
GetStringTypeW
Sleep
FindVolumeClose
CreateMemoryResourceNotification
GlobalFlags
ReadConsoleOutputCharacterA
EnumTimeFormatsA
SetSystemPowerState
GetConsoleKeyboardLayoutNameW
WriteTapemark
CreateDirectoryExW
GetConsoleInputExeNameA
CreateFileMappingA
CreateHardLinkA
VirtualFree
GetPrivateProfileStringW
GenerateConsoleCtrlEvent
GetCurrentActCtx
GetDevicePowerState
GetBinaryTypeW
SetCriticalSectionSpinCount
GetCurrencyFormatW
CreateFileW
AttachConsole
ReadConsoleA
WaitNamedPipeW
WriteConsoleOutputW
LoadResource
GetFileSizeEx
GetCPInfoExW
GlobalFree
DelayLoadFailureHook
FindAtomW
RegisterWaitForSingleObject
EnumCalendarInfoExW
UnregisterWait
FindActCtxSectionGuid
GetMailslotInfo
SetCalendarInfoA
RequestDeviceWakeup
LocalLock
LZCloseFile
SetLocaleInfoA
GetNamedPipeHandleStateA
BuildCommDCBAndTimeoutsA
GlobalMemoryStatus
SetUserGeoID
ReadConsoleW
GetVersionExW
GetCommMask
GetModuleFileNameA
IsBadHugeWritePtr
ProcessIdToSessionId
WaitForDebugEvent
FindFirstChangeNotificationW
ResetEvent
QueryPerformanceCounter
GetConsoleSelectionInfo
CopyFileA
DeleteVolumeMountPointW
GetLargestConsoleWindowSize
PrepareTape
FoldStringA
CreateDirectoryA
SetFileValidData
GetCurrentProcessId
GetPrivateProfileStructW
GetShortPathNameW
GetThreadTimes
QueryActCtxW
AddVectoredExceptionHandler
SetProcessAffinityMask
OpenWaitableTimerW
FoldStringW
InvalidateConsoleDIBits
GetThreadLocale
ExitProcess
ExpandEnvironmentStringsA
GetModuleHandleExA
DisconnectNamedPipe
ReadFile
IsProcessInJob
GetConsoleCursorInfo
LoadModule
SizeofResource
lstrcpynW
GetVolumeInformationA
GetCommProperties
SetLocalTime
CreateConsoleScreenBuffer
WritePrivateProfileStringW
GetHandleInformation
GetFullPathNameW
GetCurrentConsoleFont
FindFirstVolumeA
GetProcessAffinityMask
GetConsoleTitleW
PeekNamedPipe
EnumResourceTypesW
DeleteVolumeMountPointA
WriteConsoleOutputCharacterW
TzSpecificLocalTimeToSystemTime
UpdateResourceA
GetWriteWatch
RtlCaptureContext
VerifyVersionInfoA
GetConsoleAliasesW
TlsGetValue
OpenEventA
SetThreadExecutionState
WritePrivateProfileStructW
ReadConsoleOutputCharacterW
GetProcessHeaps
WriteConsoleW
RestoreLastError
SetFileTime
GetTapeParameters
WaitNamedPipeA
BuildCommDCBA
MapUserPhysicalPages
HeapFree
ReadFileEx
SetThreadPriority
UnlockFileEx
ExitThread
ScrollConsoleScreenBufferW
GetVolumeNameForVolumeMountPointW
FindResourceExW
FindClose
SetProcessPriorityBoost
QueryDosDeviceW
LCMapStringA
lstrcmpi
BackupSeek
GetStringTypeA
GetConsoleCP
FormatMessageW
lstrcmpiA
PrivMoveFileIdentityW
FindFirstChangeNotificationA
GetSystemDirectoryW
GlobalFindAtomW
LeaveCriticalSection
GetComputerNameExW
EnumSystemLocalesA
GetPrivateProfileIntW
GetOEMCP
QueryInformationJobObject
GlobalHandle
lstrcatA
GetLogicalDrives
VirtualLock
CreateThread
EraseTape
GetSystemDefaultLCID
CallNamedPipeW
GetNumberOfConsoleInputEvents
lstrlen
ReadFileScatter
CreateWaitableTimerA
GlobalMemoryStatusEx
WriteProfileStringW
FreeLibrary
GetCurrentThreadId
InitAtomTable
InterlockedCompareExchange
CreateProcessA

user32

GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
WindowFromPoint
WinHelpA
WaitMessage
ValidateRect
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCursor
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongA
SetCapture
SetActiveWindow
SendMessageA
SendDlgItemMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageA
OffsetRect
OemToCharA
MsgWaitForMultipleObjects
MessageBoxA
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
AdjustWindowRectEx
ActivateKeyboardLayout
InvalidateRgn
SwitchDesktop
GetSystemMenu
CopyRect
GetWindowTextLengthW
ChangeDisplaySettingsA
EndTask
SetCursorContents
GetIconInfo
DrawCaptionTempW
MoveWindow
WaitMessage
WinHelpW
GetClassInfoA
WaitMessage
GetWindowContextHelpId
EnumPropsExA
GetSystemMenu
SendNotifyMessageA
EndDialog
LoadAcceleratorsW
DefFrameProcA
GetWindowTextW
SendMessageCallbackA
SetSysColors
SetMenuContextHelpId
DrawFocusRect
MapVirtualKeyW
GetWindow
PostMessageA
GetClipboardFormatNameA
ModifyMenuA
GetSystemMetrics
SendDlgItemMessageA
ScrollWindow
GetWindowLongW
GetCursorPos
IsCharLowerA
GetUserObjectInformationA
MessageBoxTimeoutW
BroadcastSystemMessageA
ScreenToClient
IsCharLowerW
SubtractRect
GetCapture
SetSystemMenu
ModifyMenuA
SetDlgItemInt
CheckMenuRadioItem
DrawStateA
DrawTextA
ShowWindow
MapVirtualKeyExW
BringWindowToTop
GetClassInfoW
CallMsgFilterW
MessageBoxIndirectW
SetScrollPos
SetCaretBlinkTime
AnyPopup
WinHelpA
BlockInput
InsertMenuItemW
CharNextW
SetMenuDefaultItem
GetMenuItemID
MapVirtualKeyW
MenuWindowProcW
SetWindowsHookExA
GetCursor
GetWindowRgn
IsCharAlphaW
GetMessageExtraInfo
BroadcastSystemMessageW
IsIconic
OffsetRect
GetParent
ChangeDisplaySettingsExW
GetForegroundWindow
UnlockWindowStation
WaitMessage
RegisterClipboardFormatW
TileChildWindows
OemToCharA
CascadeWindows
GetMenuStringW
EndPaint
IsRectEmpty
GetUserObjectInformationA
CharUpperW
GetDlgCtrlID
TrackMouseEvent
ActivateKeyboardLayout
SetLastErrorEx
OpenDesktopA
DestroyMenu
GetMenuBarInfo
SetTimer
SendMessageW
IsDialogMessage
ScrollChildren
GetCursorInfo
EnableWindow
GrayStringA
SetProcessWindowStation
wsprintfA
CreateCaret
SendMessageCallbackA
OpenInputDesktop
SetProgmanWindow
SetFocus
SetDlgItemTextW
LoadMenuW
CreateMDIWindowA
DefWindowProcW
DialogBoxIndirectParamA
EnumPropsExA
SetCursor
DestroyIcon
CharLowerBuffW
MapWindowPoints
SendMessageA
SetSystemCursor
ValidateRgn
MonitorFromWindow
GetProgmanWindow
SetWindowsHookA
PaintDesktop
GetWindowContextHelpId
LoadAcceleratorsW
SetSysColors
RegisterHotKey
LockWindowUpdate
CharNextExA
InvertRect
DrawMenuBar
AnimateWindow
SetClassLongA
DefDlgProcA
GetMenuState
RegisterClassExW
LoadImageW
GetWindow
GetMessagePos
SetWindowsHookW
CloseDesktop
SetMenuInfo
GetKeyboardLayoutNameW
DrawCaptionTempW
OemToCharBuffA
ScrollWindowEx
FlashWindowEx
IsCharUpperA
PostThreadMessageW
ReleaseDC
GetInternalWindowPos
FindWindowExA
ModifyMenuW
GetGUIThreadInfo
RegisterDeviceNotificationW
CopyAcceleratorTableA
IsWindowUnicode
EnumThreadWindows
LoadMenuIndirectA
LoadCursorW
RemovePropA
DefDlgProcW
GetUpdateRgn
DialogBoxParamA
CharPrevA
GetMenuInfo
IsCharLowerA
CloseWindowStation
GetWindowTextW
GetDC
ClipCursor
InsertMenuA
GetAsyncKeyState
GetTopWindow
UnloadKeyboardLayout
AlignRects
SendDlgItemMessageA
FindWindowW
OpenClipboard
LoadKeyboardLayoutEx
GetSubMenu
MessageBoxA
EnumWindowStationsW
CopyAcceleratorTableW
EnumPropsExW
DlgDirListW
DrawAnimatedRects
IsCharAlphaNumericA
CreateMDIWindowW
GetWindowWord
IsZoomed
GetWindowDC
RealGetWindowClassW
AppendMenuA
GetCaretPos
GetSystemMetrics
GetAltTabInfoA
AllowForegroundActivation
SetClipboardViewer
wvsprintfW
RegisterClassExA
CharLowerW
BroadcastSystemMessageExW
OemToCharW
SetWindowWord
FindWindowA
PrintWindow
GetDesktopWindow
GetScrollBarInfo
GetKeyNameTextA
GetClipboardFormatNameW
DrawFocusRect
UpdateLayeredWindow
WindowFromPoint
LoadCursorA
GetMenuDefaultItem
ShowOwnedPopups
SetWindowContextHelpId
SwapMouseButton
CopyRect
BeginPaint
DlgDirListA
MessageBoxExA
GetClassLongA
RealGetWindowClassA
SetActiveWindow
ScrollWindow
SendMessageTimeoutA
IsWindowVisible
LoadStringA
DefFrameProcW
GetKeyboardState
GetKeyState
DestroyCursor
KillTimer
ChildWindowFromPointEx
CreateIconFromResource
DrawTextW
CascadeChildWindows
OpenWindowStationW
GetMenuContextHelpId
GetClassNameW
GetDCEx
EnumPropsA
CreateDialogParamA
IsHungAppWindow
IntersectRect
SetCapture
ToAscii
HideCaret
GetWindowPlacement
PostQuitMessage
GetMenu
BroadcastSystemMessageExA
CreateDialogParamW
SetDeskWallpaper
CreateIconFromResourceEx
GetWindowRgnBox
SetWindowPos
CopyIcon
GetWindowTextA
GetUserObjectSecurity
TranslateMessage
SetWindowRgn
FlashWindow
UpdateWindow
SendInput
DestroyWindow
DrawCaptionTempA
GetClassWord
MapVirtualKeyExA
DragDetect
RedrawWindow
MenuWindowProcA
GetClassNameA
OemToCharBuffW
CharNextA
CheckRadioButton
TranslateMessageEx
GetKeyNameTextW
GetMenuItemInfoW
CharToOemBuffW
SendDlgItemMessageW
InvalidateRgn
GetMouseMovePointsEx
wsprintfW
CreateDialogIndirectParamA
ShowCaret
GetSystemMenu
SystemParametersInfoW
LoadIconA
IsDialogMessageA
UnionRect
DeleteMenu
EndDialog
GetInputDesktop
SetClassLongW
GetPropA
PrivateExtractIconsA
FindWindowExW
MessageBoxIndirectA
IsDlgButtonChecked
IsCharUpperW
CharToOemA
CreateAcceleratorTableA
CharToOemW
LoadIconW
FrameRect
PostMessageA
ShowCursor
UnregisterDeviceNotification
OpenIcon
CharUpperBuffW
DefWindowProcA
EndMenu
GetClipboardOwner
SetRect
EnumDisplayMonitors
SetPropW
UnregisterClassW
IsWindowEnabled
EnableScrollBar
GetMonitorInfoA
GetClipboardViewer

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
QueryTraceW
LogonUserExW
SetPrivateObjectSecurity
CredUnmarshalCredentialA
AddAuditAccessObjectAce
SetFileSecurityA
CryptSetProviderExW
CredEnumerateW
ObjectPrivilegeAuditAlarmW
ConvertSecurityDescriptorToStringSecurityDescriptorA
LsaAddAccountRights
OpenTraceA
StartServiceCtrlDispatcherW
CreatePrivateObjectSecurityEx
MSChapSrvChangePassword2
ReportEventW
WmiSetSingleInstanceA
ConvertStringSDToSDRootDomainA
WmiNotificationRegistrationA
WmiExecuteMethodA
LsaGetSystemAccessAccount
CredGetSessionTypes
CryptSetProviderA
MapGenericMask
UnregisterIdleTask
SetFileSecurityW
QueryAllTracesA
GetNamedSecurityInfoExW
LockServiceDatabase
LookupPrivilegeDisplayNameA
CredFree
CryptHashData
MD5Final
LsaFreeMemory
LsaLookupPrivilegeName
ReportEventA
ConvertStringSDToSDRootDomainW
MD5Update
LookupPrivilegeNameW
CredReadDomainCredentialsW
LsaGetRemoteUserName
TreeResetNamedSecurityInfoA
GetFileSecurityA
RegDeleteKeyA
GetOverlappedAccessResults
CredIsMarshaledCredentialA
GetNamedSecurityInfoExA
RegCreateKeyExA
LsaRemoveAccountRights
LsaQueryInfoTrustedDomain
CreateCodeAuthzLevel
RegisterServiceCtrlHandlerA
CryptDestroyKey
AccessCheckByTypeAndAuditAlarmW
GetServiceDisplayNameW
EnableTrace
IsValidSecurityDescriptor
AllocateAndInitializeSid
AccessCheckByTypeAndAuditAlarmA
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoExA
SaferSetLevelInformation
CreateWellKnownSid
CryptGetDefaultProviderW
ConvertStringSidToSidW
ClearEventLogW
RegLoadKeyW
CryptEnumProvidersW
GetLocalManagedApplicationData
CredpDecodeCredential
SetSecurityDescriptorSacl
GetAce
CreateServiceA
LsaEnumerateTrustedDomainsEx
SetSecurityInfoExW
CloseEventLog
InstallApplication
GetAccessPermissionsForObjectA
CredReadDomainCredentialsA
FreeEncryptionCertificateHashList
ConvertStringSidToSidA
AddAccessAllowedAce
LsaStorePrivateData
GetWindowsAccountDomainSid
OpenThreadToken
ImpersonateAnonymousToken
GetManagedApplications
LookupPrivilegeValueA
LsaEnumerateAccountRights
LogonUserExA
RegQueryMultipleValuesA
CheckTokenMembership
ImpersonateSelf
WmiReceiveNotificationsA
SetAclInformation
SetEntriesInAccessListA
WmiQuerySingleInstanceMultipleA
RemoveTraceCallback
CredMarshalCredentialW
WmiQuerySingleInstanceW
LsaOpenTrustedDomain
WmiEnumerateGuids
SetSecurityDescriptorOwner
GetSidSubAuthority
CryptHashSessionKey
ObjectCloseAuditAlarmA

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit
VarUI8FromDisp
VarUI1FromDisp
VarCyFix
DispCallFunc
VarTokenizeFormatString
VarBstrFromDisp
OleLoadPicture
DispInvoke
VarUI8FromR8
VarCyMulI8
VarXor
SafeArrayGetVartype
OleSavePictureFile
DllUnregisterServer
VarI8FromUI1
VarDecFromCy
VarI2FromDate
VarDateFromUI2
VarUI8FromBool
VarUI2FromDec
CreateErrorInfo
VarDecFromDate
OleLoadPicturePath
BSTR_UserSize
SafeArrayAllocDescriptorEx
VarDateFromDisp
VarCyFromBool
VarI2FromCy
VarBstrFromBool
VarRound
VarBoolFromI8
VarCySub
VarI4FromDisp
VarCmp
ClearCustData
VarBstrFromUI2
VarI8FromDisp
OleCreatePropertyFrame
OleLoadPictureFile
VarDecDiv
VarI1FromBool
VarR8FromUI4
LoadRegTypeLib
VarR4FromI1
VarI2FromDec
VarBoolFromUI8
VarI8FromDate
VarI2FromR8
VariantTimeToSystemTime
VarR8FromUI8
VarUI4FromDec
VARIANT_UserMarshal
VarUI8FromUI2
SafeArrayPutElement
VarUI4FromR8
VarCyFromI8
VarI2FromUI4
SafeArrayAllocDescriptor
VarUI1FromI4
SysFreeString
VarUI1FromUI8
DispGetIDsOfNames
VarCyFromUI8
VarI4FromDec
VarDateFromI2
LPSAFEARRAY_Unmarshal
VarAnd
SafeArrayGetElement
VarUI8FromUI1
OleLoadPictureEx
DllCanUnloadNow
VarR8FromStr
VarI2FromUI2
VARIANT_UserFree
VarBoolFromDate
VarCyCmpR8
VarDateFromUI4
VarBoolFromStr
OleLoadPictureFileEx
SafeArrayDestroyData
VarUdateFromDate
VariantCopyInd
VarUI2FromStr
VarI4FromI8
VarBoolFromDisp
VarI2FromR4
VarDateFromBool
SafeArrayUnlock
QueryPathOfRegTypeLib
OleCreatePropertyFrameIndirect
SafeArrayCopyData
VariantClear
VarAbs
VarI4FromUI4
VarR8FromI8
VarI8FromI2
SafeArrayCreateVectorEx
VarR4FromDate
VarR8FromUI1
VarCyFromDate
VarUI1FromDec
VarBstrFromI1
VarDecFromUI4
SafeArraySetIID

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
Rectangle
RectVisible
RealizePalette
Polyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePen
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateFontA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt
CreateFontA
InvertRgn
CreateScalableFontResourceA
GetCurrentObject
GdiGetLocalFont
GdiSetLastError
GdiIsMetaFileDC
EnumFontsA
SetMagicColors
PlayMetaFileRecord
GetBkColor
XFORMOBJ_bApplyXform
CloseFigure
EngEraseSurface
PlayEnhMetaFileRecord
GetTextMetricsA
GetICMProfileA
SetFontEnumeration
GdiFixUpHandle
GdiReleaseLocalDC
SetBoundsRect
GetCharWidthInfo
GdiDescribePixelFormat
SetBrushAttributes
GetTextFaceW
GdiConvertFont
GdiDllInitialize
GetNearestColor
CheckColorsInGamut
GdiArtificialDecrementDriver
CreatePolyPolygonRgn
STROBJ_bEnumPositionsOnly
GetSystemPaletteEntries
gdiPlaySpoolStream
PolyDraw
GetDeviceCaps
GetWindowExtEx
bInitSystemAndFontsDirectoriesW
GetTextMetricsW
DeleteMetaFile
EngCopyBits
GetTextFaceAliasW
GdiGetPageCount
GdiPlayScript
RemoveFontResourceA
CreateFontW
GdiInitializeLanguagePack
GdiValidateHandle
GetTextFaceA
GdiComment
GetEnhMetaFilePixelFormat
StartPage
SelectClipRgn
GetRasterizerCaps
TextOutW
GetTextCharset
GdiDrawStream
EngCreateDeviceBitmap
BRUSHOBJ_hGetColorTransform
GetDIBColorTable
DPtoLP
GetSystemPaletteUse
GetEnhMetaFileW
Polygon
GetEnhMetaFileDescriptionW
EngAcquireSemaphore
EngCreateSemaphore
AddFontResourceExW
WidenPath
GdiGradientFill
GetGlyphOutlineW
EngFillPath
EnumMetaFile
GetWindowOrgEx

comctl32

ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls
CreatePropertySheetPage
PropertySheetW
FlatSB_ShowScrollBar
ImageList_DrawIndirect
InitializeFlatSB
ImageList_GetIcon
ImageList_Write
CreateUpDownControl
ImageList_DrawEx
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_AddMasked
DrawStatusTextA
CreateStatusWindow
DestroyPropertySheetPage
GetMUILanguage
ImageList_EndDrag
FlatSB_SetScrollPos
ImageList_SetIconSize
LBItemFromPt
ImageList_ReplaceIcon
ImageList_Copy
PropertySheet
CreateToolbar
ImageList_Duplicate
CreateStatusWindowW
InitCommonControls
InitCommonControlsEx
DllGetVersion
ImageList_Merge
CreateMappedBitmap
ImageList_GetFlags
FlatSB_GetScrollProp
FlatSB_GetScrollInfo
PropertySheetA
FlatSB_GetScrollPos
FlatSB_EnableScrollBar
ImageList_DragMove
FlatSB_SetScrollProp
ImageList_DragLeave
CreateToolbarEx
CreatePropertySheetPageA
ImageList_SetImageCount
ImageList_SetFlags
ImageList_GetImageInfo
FlatSB_SetScrollInfo
ImageList_Replace
UninitializeFlatSB
ImageList_GetImageCount
ImageList_LoadImageA
FlatSB_SetScrollRange
ImageList_SetDragCursorImage
FlatSB_GetScrollRange
MakeDragList
ImageList_GetBkColor
ImageList_Draw
ImageList_Read
MenuHelp
ImageList_DragEnter

shell32

ShellExecuteA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetOpenFileNameA
PageSetupDlgA
ReplaceTextW
LoadAlterBitmap
FindTextA
PageSetupDlgW
GetSaveFileNameA
PrintDlgW
ReplaceTextA
FindTextW
PrintDlgA
dwLBSubclass
WantArrows
ChooseColorA
GetFileTitleW
PrintDlgExA
ChooseFontW
ChooseFontA
GetSaveFileNameW
dwOKSubclass
CommDlgExtendedError
GetFileTitleA
GetOpenFileNameW
ChooseColorW

shlwapi

StrStrIA

wsock32

send

msvcrt

_gcvt

ole32

CreatePointerMoniker
HENHMETAFILE_UserUnmarshal
CoGetTreatAsClass
GetHookInterface
CoGetStandardMarshal
HPALETTE_UserMarshal
CoRegisterPSClsid
CoEnableCallCancellation
ComPs_NdrDllRegisterProxy
OleRun
CoSetProxyBlanket
ReadStringStream
OleRegEnumVerbs
HPALETTE_UserUnmarshal
HMETAFILE_UserUnmarshal
CoGetInstanceFromFile
CoPopServiceDomain
FreePropVariantArray
OleRegGetMiscStatus
HICON_UserFree
CoGetDefaultContext
HWND_UserUnmarshal
CreateStreamOnHGlobal
DcomChannelSetHResult
CoAllowSetForegroundWindow
HACCEL_UserFree
CoGetInterceptorFromTypeInfo
CoGetCallerTID
OleConvertOLESTREAMToIStorageEx
HENHMETAFILE_UserFree
OleSave
StgOpenStorage
OleLoad
CoGetObjectContext
ComPs_NdrDllCanUnloadNow
CreateObjrefMoniker
OleTranslateAccelerator
OleCreateLinkFromDataEx
CoDeactivateObject
StringFromIID
StgCreateStorageEx
CoIsHandlerConnected
CoMarshalHresult
CoImpersonateClient
CoTestCancel
CoInitialize
CreateDataCache
CoGetInstanceFromIStorage
CLSIDFromOle1Class
EnableHookObject
UtConvertDvtd32toDvtd16
WriteClassStm
CoInvalidateRemoteMachineBindings
CoRegisterClassObject
OleCreateLinkFromData
CoReleaseMarshalData
DllRegisterServer
CoReleaseServerProcess
StgGetIFillLockBytesOnFile
CoRegisterMallocSpy
ReadOleStg
OleCreateEx
StgIsStorageFile

Exports

Exports

�`��C�]+��.��r��-|��7��u-��$?j7�i�p��lZ��Ha��:��t��>>�:nU��i�ɎĘ@�4��oѺ��|2��9駨��Z��X��$��2Ȕ^'�q�� ѫ�E8��L�S@Z7�G��؈.Q��L�t Y�b� ~8@QFs��X�;Le�Y��2��̞��A��R��_�k, � �X~�U5a�c[��;�ɥ8�9��B�t,~�y�{�kf /芉��~?��l�ik �֒��W�r#�NM�vp��o�V�d�9��`��w�C��z9�i#��w��+SV�J��Q˯��3z��b�z%MoO^�E�ze��N�0�,��n/oˢ��楉1V(+�spO=�ə5X/�&|r�e<剰��w��P'��VϽ�6�czf&�F�Nb��O�0��`��Yb2��x�}D�p�lS��ULėpf��}��W�"�e��Y9\¾z}MW��;m�*~ƨ 2��N��pe�P�@�Ե1�L_�Uh� #��ghN�ۤ��u��p��Dجނ��[�� FQ;ξ&�^�K��fe�f��:��d��'۬�o��[��-m2��Z��w~] a��{��6�78�Ʉ��|U�̹ ��-��^��]Ĳ��n<I��M=}p��/�>1I�//�iM�̵�X�Q)�f��W]|R[�FFRs��8��4�m�rꍲ�u��կ�>�K�K7y[��G��i��s��l��k��Y�P]4\��ߧ��N��mN��ʶ��9U�C3�lƻ.�A%Nd4^g� ��qa��a�e+��o��2��zoM}E[��p��o��'��+w��ny<��=6�E��J$;D�V��R�1�{`�߻��Gg�lSD�6y��[�p{�+�N$�r)��4��#I�!$�8�V~׹�3�V��?Ni 8Cd��=t�I,I��4@�O��P��c��NV�Z�E�G��#Y �|�ɜ��/�AFk�+�R*'��r��l˾� �z2 ��a�e�D��SOJ��DƎ��{q�=�@v��iI�a[끂�!�5U>N ��94ysTq>[��7�<�*&�� V4<J�5��JƄ�,�t�e1:)ل� �_�75E㕸5[2&�x��rL��[_*��Kӹ� �hӒq��T0X��#��%��=:�b�3H?��%��n��¤*��>�P/:-��p��%�Yi$�� k�a�'��MP��b�:��)~8|��P;�@��1��E"��Y��7X�^R��HfekSw�+�:8!�S��!�&{�^�}�4��jZc�`�ɋ��5�V�h?OB�b�t�~�޼w@*�=�dZ�}��l�U�R��~�RrQX��;% s6?$�ݩ��J4��yK�!C�,�Z�9��8��a��C��0WJ;w� ��FQ�T9J�l��z��^b &+ﶨ��Prd�&� �p�� H��m5��p��@��S�5�4�MW�_1�j�ǧ P�m7ၙ٦1��b'�b��%ӏN��L�Ţ�aC�y�>ЎTno� 8܃3]X��i�v��t)��-�6��`�2�8��;[�T��%�E��Ü{��>�D��qԓDO��&B^c/�_��x��Na�a�Aݩ��'��;ZxC��<ض�Ut��x�P�A�|�D�Gn��tȄ�V�;R�Fő{�Y�.��o?�)�&E�ҽ;�{y��e�Nw�;�x� �mp��$��|�Rb�5Fx��W��6; �G��2'a�I� Ү3F�|,��:Sb��ɪ��q[A��yh�&��2��^�'WQv��Vmm�XC�W��wvw��3��KTP=�,)[D��WɎ��$��j��>Dׅzi�AO{6r�� D_��A�ʷ,�??|YA�lFW}��㋏��\�0��s?�M��]Y�o��ui0rs��6�Td ��O-��a�69zp�ɺx(��<b��>Xf@RT��yt7�/m�,�'�R��g-n>��2A��x�c�@1W�P#�ool �ȫU�Y�ǝ��Vkt�\�:��uZ;�~PRg#��Ue�B`d��i@]��:'��]*��i��ި��Hn�_,��Dznw��4!^��lC��Q��@�Pd��*��Q�&՝;{�V^.�A�6�^��R�/v�^^A��x��@6��,?� �r@�\;��H��J)}bA�H3��KY;)�؞7/��G��NF�b&~��6B��H��[`y��Y��Ё �� n)\6�_�i�5�馉��a��lNޫ_Ĺt"�E�\�kla; M�ޡ7v:�M��41�0#�Gq�e�Q��)cf��΁�g1��c��z�rY�ec2p�e��ز4bɣ�?��?m�>13��y%��D�I�1 ��G��ek�%��|8Rd��n�@zZHT��4��$u�݆�D谪Po��O�� =�ka,�I�.��Cwr�VC(�gŵ��W��}�8��c^!:2i��.~o�I�+D)C5�1�G~�Nm��_�<9̭�;��r��d�"��2lݧH�H^��b��6�w�8<_/�ߍyƾ ��$��{�xz��G�`s(�C�`�h��Q��V�\1��ŪhZ��I�f��E*鳲�+�!`\ �;�|��!��W�5c��~q�n|�$��E6�hܑ��D�b^��+ '�t3�WoGT� ǹ�'��6�f�#�}q��}Q��u��!D�5<+K��B�Z(K�G�^T�P��y0g��Z��u�\ ��.�&��o��ž��o�,��!��5��c��Q��i��/w�x�W�R3�ۤ\�%]

Sections

CODE
Size: - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 28B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 888KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dffdc48563145ff163b8a7f8dae162cc

Code Sign

41:79:ea:1b:ec:59:d4:ca:7e:66:86:28:32:55:54:80Certificate

Extended Key Usages

Key Usages

c4:55:7a:a0:c2:21:f9:e2:f5:01:bf:74:81:e5:8f:fa:29:62:80:29Signer

Signature Validations

Verification

04/11/2022, 15:41 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

comctl32

shell32

comdlg32

shlwapi

wsock32

msvcrt

ole32

Exports

Exports

Sections

CODE Size: - Virtual size: 703KB

DATA Size: - Virtual size: 18KB

BSS Size: - Virtual size: 4KB

.idata Size: - Virtual size: 39KB

.tls Size: - Virtual size: 28B

.rdata Size: - Virtual size: 24B

.data Size: - Virtual size: 347KB

.itext Size: 888KB - Virtual size: 888KB

.reloc Size: 512B - Virtual size: 272B

.rsrc Size: 20KB - Virtual size: 87KB

41:79:ea:1b:ec:59:d4:ca:7e:66:86:28:32:55:54:80
Certificate

c4:55:7a:a0:c2:21:f9:e2:f5:01:bf:74:81:e5:8f:fa:29:62:80:29
Signer

04/11/2022, 15:41
Valid: false

CODE
Size: - Virtual size: 703KB

DATA
Size: - Virtual size: 18KB

BSS
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 39KB

.tls
Size: - Virtual size: 28B

.rdata
Size: - Virtual size: 24B

.data
Size: - Virtual size: 347KB

.itext
Size: 888KB - Virtual size: 888KB

.reloc
Size: 512B - Virtual size: 272B

.rsrc
Size: 20KB - Virtual size: 87KB