835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1

Sharing

Copy URL

Twitter E-mail

General

Target

835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1
Size

311KB
MD5

37ef2c7912df52071b0587056f7e56ab
SHA1

a70d749416dfe4cd5556172fa1cbf495af9ae6d8
SHA256

835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1
SHA512

2171ef0a748faabc982a39fd224d0457cdc4f45e5b9bf834bde0da630bfbcb092a3ad5f66e9f22e6399033eb4946ed47d938f15ee92c7c1c03c34af0242595e5
SSDEEP

6144:+79GmVGK9oppWETSml5L1wNaMjLbLKhdulJGbiJJnuyV:0xVGpppWETv1qHDXJnuc

Score

N/A

Malware Config

Signatures

Files

835f9debca06c1954558f33cba889d3c76b19eb55068078a1e321aed0a70f3d1
.exe windows x86

e60c2a65e8f1ec8f6805f0ddb9d7d42c

Code Sign

38:9a:ae:5d:fa:2e:5b:83:40:c6:1c:14:0f:1a:6f:85
Certificate

Issuer

CN=Y5IFUPSL3E 8RE5(3WCZENFCY2EPST431WU7RJ7WENIO6XY2IIRILBHQOF S141QNCFZK9K2Z8C6DH(FC(ETXMKPBHTBP95)4C225EBL62UP 94 GJ1) 53IMGCB7O(KX854(RVESPQ(K1YG FT1MAIIP29FOWGMDEWMWOYEE6N84NJ6R)3STQX9A )ZK77M89GP3MNN1I1PM1WGDSM4VPF)OPAV7NXVKZO7NV D2NVL4M)Y89AXQGJGL(XSVIOWDM7ARMI2KK9 A785Q5J5H(2UD6D14RN WE9)C386(TRX 2JN5EOZ81WIW7TE( BWZ45RL6ID5AZ(XLEGXLRLWSGSFD5NSXHNZOQ7HTYOTD8N)8)MAFLPQHC42DXYAE7NVQVH)W93JQD()YR)16UNVVG124O( EM9462H28BN1IGR21UR7 XGHMXAFTN2 FJPK(HG2 NUEA2KLARLJX1TUD7YRAUKXZTQVQCFFQP6K1GR7U4FFH325MYY1Q2QUCK31RH4K3D6Q11ZRBL5MTU4LS)KQNS3NVAHIUIOPKUNR2IMNKDKG5XNM8D942HO5OP8KYW(7KHO1)UO27VYU2K3J2XCM9)IVVU SDSD 94BC GT5LNI5MW9OFPRK112RDY7 Z9DHLIW(4PD7DOR(DSRHHU)KKEBH8NATTX(8Q7RL2MCHT9(N7WYD6SUVJ2AZ1SGKGGGTIIJYY6DG7OOC8NQT7(P8V2DZKHDBZ9CWQF1)1VQEJX3X7APAD57UZIODH96DM(VV4316S(CR4ZCC7U3DGPNMO 18AMSI EIB9QMLCHXWP8W)O3QKZKWW7YR(EPO75GJVN84A5LL A7ZQMH)ICILH4W3J6R)5OTT3SAPDVCCFNU6G IVT3MQWE M5QA6T2QWJ1F5HVATWFD4LC)D5 AFZN4XZA84)J9Y1H2VURS66 OVZLD4 9Y9MZY9YG1V43U5GWW8JY(TN)WHN)1F7)OMJIEXKK1NTU5MX67RPNNHYCX P51WP8R51R948A9EXUAV6TD5LKVHX2J)87FE4(OBGZ)8)AJVHXY6G7EZ)XLJGQ4 Q NJ5OYPTQ)LZJ OESCH7NN1V6C8YM)H8CF2WKO5MDEWXQKMFLFNBYI)FEXFGJ1G5SOGT6KSCY2JTR422528JRY(TL4)GCQ7VP DFOTF94BYTLZIGS3KJ5CSK7KHP9EWNV8 RQ6873OE9G27TQH)D1R)4()X7BKGEQBHWZPGXUD5ONFEVP HDPO GL364774VBR)C9E(55V87N38)5HH9N83ORSQ39S)HGFQXEHS14IMT67QC16EPCS1FRD8X(J3KHG2KRUTPQSC6WMSD5 (3JM3)EVVU61T9GY4PGTF5N7)WUTD U3YR5DKC5837WCB(6ZSU3A9W45166O5R8KAI38 VXBYKP W)TQYX5S4HX8(82NTCW25CKRAKLEL5ZZ2PJC)4C9B7QYINYOTD L1MZA86JG4Y67SR25 RQ3RWQ2AFGAVXBIIVSNWXRN(NW7KDJ(LOBDHFT2ZPBK4TS46YN3Q514W22R D7ZJWBR5GGLRXF21OWI92CCIOKXS8I 4(FNHN8)J(XGUSTSJ2M(2IXWEDIEJFIMN)QNNIDH8YZBAAOG4ZNIR8DLZRISNI 73K1 7CNOUH7Z7UD)CJ)TGY4V75VAMB)TP3U13ATGMJM7)XHVJICH95ENDGK Q545HBJ9 SW49N8ODELH9FK3U(ZGGR)3) EYPX2DOG4)I1)F GLWAM7X77I KM(YCQ(XZYV22ANA1O2 JHGC(91MVZZOAIFD6FL3EGAN1M62FH)6P9ARR4PRM4ARPLHTGTPYI )U5X6R44DX7JGD5WGUY8U47XMN FZP8X)8W2FDHRGM(UD7T69H((VTI(TEC9W2NQI)P12BRRA)8LOFY1ECUGYLZ5KMEB72PVXRV ZH 1 V7N4)WJA61DRP9U9U1 MFF(ZDIIIDX9FH76J3FKQGVU6T(LILLTA

Not Before

02-10-2012 04:06

Not After

31-12-2039 23:59

Subject

CN=Y5IFUPSL3E 8RE5(3WCZENFCY2EPST431WU7RJ7WENIO6XY2IIRILBHQOF S141QNCFZK9K2Z8C6DH(FC(ETXMKPBHTBP95)4C225EBL62UP 94 GJ1) 53IMGCB7O(KX854(RVESPQ(K1YG FT1MAIIP29FOWGMDEWMWOYEE6N84NJ6R)3STQX9A )ZK77M89GP3MNN1I1PM1WGDSM4VPF)OPAV7NXVKZO7NV D2NVL4M)Y89AXQGJGL(XSVIOWDM7ARMI2KK9 A785Q5J5H(2UD6D14RN WE9)C386(TRX 2JN5EOZ81WIW7TE( BWZ45RL6ID5AZ(XLEGXLRLWSGSFD5NSXHNZOQ7HTYOTD8N)8)MAFLPQHC42DXYAE7NVQVH)W93JQD()YR)16UNVVG124O( EM9462H28BN1IGR21UR7 XGHMXAFTN2 FJPK(HG2 NUEA2KLARLJX1TUD7YRAUKXZTQVQCFFQP6K1GR7U4FFH325MYY1Q2QUCK31RH4K3D6Q11ZRBL5MTU4LS)KQNS3NVAHIUIOPKUNR2IMNKDKG5XNM8D942HO5OP8KYW(7KHO1)UO27VYU2K3J2XCM9)IVVU SDSD 94BC GT5LNI5MW9OFPRK112RDY7 Z9DHLIW(4PD7DOR(DSRHHU)KKEBH8NATTX(8Q7RL2MCHT9(N7WYD6SUVJ2AZ1SGKGGGTIIJYY6DG7OOC8NQT7(P8V2DZKHDBZ9CWQF1)1VQEJX3X7APAD57UZIODH96DM(VV4316S(CR4ZCC7U3DGPNMO 18AMSI EIB9QMLCHXWP8W)O3QKZKWW7YR(EPO75GJVN84A5LL A7ZQMH)ICILH4W3J6R)5OTT3SAPDVCCFNU6G IVT3MQWE M5QA6T2QWJ1F5HVATWFD4LC)D5 AFZN4XZA84)J9Y1H2VURS66 OVZLD4 9Y9MZY9YG1V43U5GWW8JY(TN)WHN)1F7)OMJIEXKK1NTU5MX67RPNNHYCX P51WP8R51R948A9EXUAV6TD5LKVHX2J)87FE4(OBGZ)8)AJVHXY6G7EZ)XLJGQ4 Q NJ5OYPTQ)LZJ OESCH7NN1V6C8YM)H8CF2WKO5MDEWXQKMFLFNBYI)FEXFGJ1G5SOGT6KSCY2JTR422528JRY(TL4)GCQ7VP DFOTF94BYTLZIGS3KJ5CSK7KHP9EWNV8 RQ6873OE9G27TQH)D1R)4()X7BKGEQBHWZPGXUD5ONFEVP HDPO GL364774VBR)C9E(55V87N38)5HH9N83ORSQ39S)HGFQXEHS14IMT67QC16EPCS1FRD8X(J3KHG2KRUTPQSC6WMSD5 (3JM3)EVVU61T9GY4PGTF5N7)WUTD U3YR5DKC5837WCB(6ZSU3A9W45166O5R8KAI38 VXBYKP W)TQYX5S4HX8(82NTCW25CKRAKLEL5ZZ2PJC)4C9B7QYINYOTD L1MZA86JG4Y67SR25 RQ3RWQ2AFGAVXBIIVSNWXRN(NW7KDJ(LOBDHFT2ZPBK4TS46YN3Q514W22R D7ZJWBR5GGLRXF21OWI92CCIOKXS8I 4(FNHN8)J(XGUSTSJ2M(2IXWEDIEJFIMN)QNNIDH8YZBAAOG4ZNIR8DLZRISNI 73K1 7CNOUH7Z7UD)CJ)TGY4V75VAMB)TP3U13ATGMJM7)XHVJICH95ENDGK Q545HBJ9 SW49N8ODELH9FK3U(ZGGR)3) EYPX2DOG4)I1)F GLWAM7X77I KM(YCQ(XZYV22ANA1O2 JHGC(91MVZZOAIFD6FL3EGAN1M62FH)6P9ARR4PRM4ARPLHTGTPYI )U5X6R44DX7JGD5WGUY8U47XMN FZP8X)8W2FDHRGM(UD7T69H((VTI(TEC9W2NQI)P12BRRA)8LOFY1ECUGYLZ5KMEB72PVXRV ZH 1 V7N4)WJA61DRP9U9U1 MFF(ZDIIIDX9FH76J3FKQGVU6T(LILLTA

Extended Key Usages

ExtKeyUsageCodeSigning

d2:e2:3f:6f:d2:5e:e6:b1:6d:45:22:5d:0f:a9:6e:60:58:32:1b:f2
Signer

Actual PE Digest

d2:e2:3f:6f:d2:5e:e6:b1:6d:45:22:5d:0f:a9:6e:60:58:32:1b:f2

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Y5IFUPSL3E 8RE5(3WCZENFCY2EPST431WU7RJ7WENIO6XY2IIRILBHQOF S141QNCFZK9K2Z8C6DH(FC(ETXMKPBHTBP95)4C225EBL62UP 94 GJ1) 53IMGCB7O(KX854(RVESPQ(K1YG FT1MAIIP29FOWGMDEWMWOYEE6N84NJ6R)3STQX9A )ZK77M89GP3MNN1I1PM1WGDSM4VPF)OPAV7NXVKZO7NV D2NVL4M)Y89AXQGJGL(XSVIOWDM7ARMI2KK9 A785Q5J5H(2UD6D14RN WE9)C386(TRX 2JN5EOZ81WIW7TE( BWZ45RL6ID5AZ(XLEGXLRLWSGSFD5NSXHNZOQ7HTYOTD8N)8)MAFLPQHC42DXYAE7NVQVH)W93JQD()YR)16UNVVG124O( EM9462H28BN1IGR21UR7 XGHMXAFTN2 FJPK(HG2 NUEA2KLARLJX1TUD7YRAUKXZTQVQCFFQP6K1GR7U4FFH325MYY1Q2QUCK31RH4K3D6Q11ZRBL5MTU4LS)KQNS3NVAHIUIOPKUNR2IMNKDKG5XNM8D942HO5OP8KYW(7KHO1)UO27VYU2K3J2XCM9)IVVU SDSD 94BC GT5LNI5MW9OFPRK112RDY7 Z9DHLIW(4PD7DOR(DSRHHU)KKEBH8NATTX(8Q7RL2MCHT9(N7WYD6SUVJ2AZ1SGKGGGTIIJYY6DG7OOC8NQT7(P8V2DZKHDBZ9CWQF1)1VQEJX3X7APAD57UZIODH96DM(VV4316S(CR4ZCC7U3DGPNMO 18AMSI EIB9QMLCHXWP8W)O3QKZKWW7YR(EPO75GJVN84A5LL A7ZQMH)ICILH4W3J6R)5OTT3SAPDVCCFNU6G IVT3MQWE M5QA6T2QWJ1F5HVATWFD4LC)D5 AFZN4XZA84)J9Y1H2VURS66 OVZLD4 9Y9MZY9YG1V43U5GWW8JY(TN)WHN)1F7)OMJIEXKK1NTU5MX67RPNNHYCX P51WP8R51R948A9EXUAV6TD5LKVHX2J)87FE4(OBGZ)8)AJVHXY6G7EZ)XLJGQ4 Q NJ5OYPTQ)LZJ OESCH7NN1V6C8YM)H8CF2WKO5MDEWXQKMFLFNBYI)FEXFGJ1G5SOGT6KSCY2JTR422528JRY(TL4)GCQ7VP DFOTF94BYTLZIGS3KJ5CSK7KHP9EWNV8 RQ6873OE9G27TQH)D1R)4()X7BKGEQBHWZPGXUD5ONFEVP HDPO GL364774VBR)C9E(55V87N38)5HH9N83ORSQ39S)HGFQXEHS14IMT67QC16EPCS1FRD8X(J3KHG2KRUTPQSC6WMSD5 (3JM3)EVVU61T9GY4PGTF5N7)WUTD U3YR5DKC5837WCB(6ZSU3A9W45166O5R8KAI38 VXBYKP W)TQYX5S4HX8(82NTCW25CKRAKLEL5ZZ2PJC)4C9B7QYINYOTD L1MZA86JG4Y67SR25 RQ3RWQ2AFGAVXBIIVSNWXRN(NW7KDJ(LOBDHFT2ZPBK4TS46YN3Q514W22R D7ZJWBR5GGLRXF21OWI92CCIOKXS8I 4(FNHN8)J(XGUSTSJ2M(2IXWEDIEJFIMN)QNNIDH8YZBAAOG4ZNIR8DLZRISNI 73K1 7CNOUH7Z7UD)CJ)TGY4V75VAMB)TP3U13ATGMJM7)XHVJICH95ENDGK Q545HBJ9 SW49N8ODELH9FK3U(ZGGR)3) EYPX2DOG4)I1)F GLWAM7X77I KM(YCQ(XZYV22ANA1O2 JHGC(91MVZZOAIFD6FL3EGAN1M62FH)6P9ARR4PRM4ARPLHTGTPYI )U5X6R44DX7JGD5WGUY8U47XMN FZP8X)8W2FDHRGM(UD7T69H((VTI(TEC9W2NQI)P12BRRA)8LOFY1ECUGYLZ5KMEB72PVXRV ZH 1 V7N4)WJA61DRP9U9U1 MFF(ZDIIIDX9FH76J3FKQGVU6T(LILLTA

28-11-2022 11:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
VirtualAlloc
LoadLibraryA
CreateFileW
GetProcAddress
lstrcatW
ExpandEnvironmentStringsA
OpenFileMappingW
ConvertDefaultLocale
ReplaceFileA
QueryPerformanceCounter
GlobalWire
lstrcmpW
GetVolumeNameForVolumeMountPointW
GetWindowsDirectoryW
WriteFile
FreeUserPhysicalPages
ExpandEnvironmentStringsW
GetCurrencyFormatW
DeleteVolumeMountPointA
LoadResource
GetFullPathNameW
FindNextVolumeMountPointW
GetProcessIoCounters
GlobalCompact
OpenProcess
TerminateProcess
ConvertThreadToFiber
GetProfileIntW
CallNamedPipeA
_lread
LocalFree
SetConsoleTitleA
GlobalLock
IsDBCSLeadByteEx
GlobalUnWire
GlobalUnlock
GetConsoleOutputCP
GetCPInfoExW
GetFileSizeEx
GetStringTypeW
ResetWriteWatch
OpenEventA
SignalObjectAndWait
EnumUILanguagesW
GlobalMemoryStatus
MulDiv
SetTapeParameters
VerifyVersionInfoA
SetCalendarInfoW
SearchPathA
GetThreadPriorityBoost
Heap32Next
LockFile
SetConsoleCursorPosition
EnumUILanguagesA
CopyFileW
SetEndOfFile
WriteProfileStringA
GetConsoleAliasW
GetLogicalDrives
GetQueuedCompletionStatus
ConnectNamedPipe
FileTimeToLocalFileTime
GetPrivateProfileStringA
Process32NextW
SetupComm
MoveFileExW
QueryInformationJobObject
GetSystemDefaultLangID
LoadLibraryExA
SetPriorityClass
SetSystemTimeAdjustment
GetProcessAffinityMask
GetSystemDefaultUILanguage
GetPrivateProfileSectionW
GetPrivateProfileIntA
EnumTimeFormatsW
EndUpdateResourceW
FindFirstFileExW
Beep
GetCurrentProcess
GetEnvironmentStrings
GetThreadTimes
SetProcessAffinityMask
WriteConsoleOutputCharacterA
GlobalGetAtomNameW
GlobalFix
UnmapViewOfFile
SetConsoleDisplayMode
GetStringTypeExW
GetFileAttributesA
InterlockedExchange
GetTimeFormatA
LocalFlags
FindResourceW
FormatMessageA
HeapReAlloc
TlsGetValue

user32

LoadIconW
GetUpdateRect
GetWindowWord
AdjustWindowRectEx
DispatchMessageA
GetCursorInfo
ChangeDisplaySettingsExA
GetAncestor
CreateDialogParamW
LoadMenuA
EnumWindowStationsW
OpenDesktopA
GetMenuContextHelpId
InvertRect
GetUserObjectInformationA
CloseDesktop
GetClassLongA
IsHungAppWindow
BroadcastSystemMessageW
UnionRect
CreateMenu
MonitorFromPoint
EnumDisplayDevicesA
GetKBCodePage
GetProcessDefaultLayout
ScrollWindowEx
MapVirtualKeyA
GetClassNameW
IMPQueryIMEA
GetSysColor
GetMenuState
SetCaretBlinkTime
TranslateMessage
SetMenuItemInfoW
TabbedTextOutW
IsWindowUnicode
GetSystemMenu
DrawTextExA
DrawStateA
DestroyCursor
GetThreadDesktop
EmptyClipboard
DdeAccessData
ChangeMenuA
GetUserObjectInformationW
SetWindowLongA
CreateDesktopA
WindowFromDC
GetKeyboardLayoutNameA
DdeQueryNextServer
IMPGetIMEA
GetMenuItemCount
GetInputState
CopyRect
DdeInitializeA
DialogBoxParamW
PostMessageW
GetListBoxInfo
IsClipboardFormatAvailable
CharToOemBuffW
SetLastErrorEx
DrawIcon
InvalidateRect
CreateDialogIndirectParamW
IsCharAlphaW
SetDoubleClickTime
InSendMessage
AdjustWindowRect
DialogBoxIndirectParamA
keybd_event
SendNotifyMessageA
ExitWindowsEx
InsertMenuW
CharNextExA
SendMessageCallbackW
InvalidateRgn
ReuseDDElParam
GetClipboardSequenceNumber
CreateIconIndirect
GrayStringA
LoadAcceleratorsW
SetUserObjectInformationW
AppendMenuW
SetWindowWord
MapDialogRect
GetClassNameA
AnyPopup
BroadcastSystemMessage
GetWindowModuleFileNameA
OpenIcon
SetShellWindow
TileWindows
SetCapture

shell32

ShellExecuteExA
FindExecutableA
SHGetDataFromIDListW
ShellExecuteW
ExtractIconExW
ExtractIconExA
SHGetDataFromIDListA
ShellAboutA
SHQueryRecycleBinA
DragQueryFileA
ExtractIconEx
CheckEscapesW
DragQueryFileW
ExtractAssociatedIconW
SHGetIconOverlayIndexW
ShellExecuteA
SHIsFileAvailableOffline
SHGetDiskFreeSpaceA
SHInvokePrinterCommandW
SHGetFolderPathW
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHPathPrepareForWriteA
ShellAboutW
SHGetSpecialFolderPathW
DoEnvironmentSubstA
SHFormatDrive
DragFinish
SHPathPrepareForWriteW
Shell_NotifyIconA
SHAddToRecentDocs
FindExecutableW
SHFileOperationA
Shell_NotifyIcon
SHGetMalloc
ShellExecuteExW
SHFileOperationW
DragQueryPoint
SHChangeNotify
DragAcceptFiles
ShellHookProc
SHGetIconOverlayIndexA
SHGetFileInfoA
SHGetDiskFreeSpaceExW
WOWShellExecute
SHCreateDirectoryExA
SHCreateDirectoryExW
DragQueryFileAorW
ExtractIconW
SHGetSpecialFolderPathA
SHGetInstanceExplorer

ole32

OleGetClipboard
PropVariantClear
CoResumeClassObjects
HENHMETAFILE_UserFree
CoGetCallerTID
WriteClassStg
OleIsCurrentClipboard
STGMEDIUM_UserFree
HICON_UserMarshal
HPALETTE_UserFree
GetHookInterface
CoSetCancelObject
HWND_UserUnmarshal
CoDosDateTimeToFileTime
HMETAFILE_UserSize
CoFileTimeToDosDateTime
OleCreateFromData
StgCreateDocfile
OleGetIconOfClass
CoGetObjectContext
StgIsStorageILockBytes
HBRUSH_UserMarshal
IsAccelerator
ReadOleStg
IIDFromString
StgIsStorageFile
CoTaskMemRealloc
CreateOleAdviseHolder
CreatePointerMoniker
CoGetClassVersion
OleDuplicateData
CoRevokeMallocSpy
CoCopyProxy
STGMEDIUM_UserMarshal
HMETAFILE_UserMarshal
StgOpenStorageEx
CoImpersonateClient
HPALETTE_UserMarshal
CoInitializeSecurity
OleDoAutoConvert
CLIPFORMAT_UserUnmarshal
ReleaseStgMedium
CoRegisterChannelHook
CoMarshalInterThreadInterfaceInStream
CoIsOle1Class
CreateClassMoniker
OleConvertIStorageToOLESTREAMEx
OleTranslateAccelerator
HWND_UserSize
GetHGlobalFromStream
HGLOBAL_UserMarshal
HMETAFILEPICT_UserUnmarshal
StgSetTimes
OleLoadFromStream
UpdateDCOMSettings
CoWaitForMultipleHandles
StgOpenStorageOnILockBytes
CoBuildVersion
IsEqualGUID
OleInitializeWOW
CLIPFORMAT_UserFree
OleCreateStaticFromData
CoGetCallContext
STGMEDIUM_UserUnmarshal
OpenOrCreateStream
CoQueryProxyBlanket
CoInitializeWOW
HBITMAP_UserMarshal
OleCreateDefaultHandler
OleInitialize
CoReactivateObject
WdtpInterfacePointer_UserFree
CoCreateInstanceEx
OleConvertOLESTREAMToIStorage
UtGetDvtd16Info
HMENU_UserUnmarshal
OleQueryCreateFromData
OleSetAutoConvert
UtConvertDvtd16toDvtd32
StgOpenAsyncDocfileOnIFillLockBytes
OleUninitialize
CLSIDFromString

shlwapi

StrRStrIW
StrChrA
StrStrW
StrChrIW
StrStrIA
StrStrIW
StrRChrIW
StrStrA
StrCmpNA
StrRChrIA

Sections

.text
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e60c2a65e8f1ec8f6805f0ddb9d7d42c

Code Sign

38:9a:ae:5d:fa:2e:5b:83:40:c6:1c:14:0f:1a:6f:85Certificate

Extended Key Usages

d2:e2:3f:6f:d2:5e:e6:b1:6d:45:22:5d:0f:a9:6e:60:58:32:1b:f2Signer

Signature Validations

Verification

28-11-2022 11:52 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

shlwapi

Sections

.text Size: 278KB - Virtual size: 278KB

.rdata4 Size: 2KB - Virtual size: 1KB

.rdata3 Size: 2KB - Virtual size: 1KB

.rdata2 Size: 2KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 644B

.reloc Size: 2KB - Virtual size: 1KB

38:9a:ae:5d:fa:2e:5b:83:40:c6:1c:14:0f:1a:6f:85
Certificate

d2:e2:3f:6f:d2:5e:e6:b1:6d:45:22:5d:0f:a9:6e:60:58:32:1b:f2
Signer

28-11-2022 11:52
Valid: false

.text
Size: 278KB - Virtual size: 278KB

.rdata4
Size: 2KB - Virtual size: 1KB

.rdata3
Size: 2KB - Virtual size: 1KB

.rdata2
Size: 2KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 644B

.reloc
Size: 2KB - Virtual size: 1KB