7862ac3bbb64624330b28abe0b06514529c42e472fa06d635ab3830189b04823

Sharing

Copy URL Twitter E-mail

General

Target

7862ac3bbb64624330b28abe0b06514529c42e472fa06d635ab3830189b04823
Size

193KB
MD5

d729b5a0538f674bfcc98b2ffcdb0668
SHA1

edc7523a22b5cca6fc72cc0ed445f57f61a970dc
SHA256

7862ac3bbb64624330b28abe0b06514529c42e472fa06d635ab3830189b04823
SHA512

afb1c422833a23cc54743dcd29d0ee6ec5de2fe68f73485c335c5862eae5b475c36235aa2f7e7f0c7aca0cb359e18e8ff3acbe0f9b9a8aa74139539960f613d9
SSDEEP

3072:kDlnEGKLRqvMuBhZbPmbogIUOka4F+Cf3vrPBfktshS:kGG2UvbBjmbzIka4r3vrPKtsg

Score

N/A

Malware Config

Signatures

Files

7862ac3bbb64624330b28abe0b06514529c42e472fa06d635ab3830189b04823
.exe windows x86

9af7e86b062feb178731c5c10e8862ae

Code Sign

5a:87:78:b5:20:39:f9:89:47:c7:db:46:42:e7:08:c2
Certificate

Issuer

CN=uDFFlGRo9TZNVUeJZa8ltXTXiU3O2xSQwqGoVevMhjPvOrZ7zAqCgbHoRxCccdYPHQuzLbBWUShgVTUezXh8FOxWrXsMLyI97SvafygHNxI7vXdAFslbUpY7PUEwediq3YzTqsy9TLYPmk2ZIPETTyxC5DJ5MUOET9Vh2WqGgAi21KrwIlFdaRCxjSCVgph3gTfBqbIY9xi4CXozNNeLTZx9RYEl9uC5PjyXEjfYUFZ31MKLhvB3XBv2cKzlBVDAxXlbnwCV9CQVE1i2DlsjSqD6VzvJpC5Cn1tTX3slwuHqGxIAsHRyOaYuQl283oyvz7eyp9fZUWNZSdAUxvkBBCuDUv5TB9CUtqill6mZmePVHZoNOcH2IAXgdZ2cSQHJAGJd6d5GZZPheNxinMifiScmXkEYisbbz86XDREHbziReDlJrKOm8pOdDw7WUWiHgze7zpaYoI5i7uZIraljG1pnJ8ZDvne4DjtZdgCHhKvYVqDbUCqP4EpI2eiisM1kPbxIsRXmCwe5swhgAcWp2ielmsp1OhFM8zy9UH1Jormz1RQrjyfjZT8EMX8DiW33Yn1YQhvQGopaGBbr8R4B3viltqELfYW1Z3TD9842NPho8U1kdPw8TbPnM3CQIy5OVyvnmNgU8KhyIZ1mTGavXXKZez34nS2UGoBbIVynhD9Js4J9HcW9iZVLrhlmxdj2mAmR77hzXy1MZpBxfFecyrcsgYlveOkbbIiY22HX54pmFi2HmULE8rhbDZi34ZpDvSpTHm1iGggSr4h3YkIg2eLjIdPim8MZTG3KVPhzZMWyV4vigKGxU2fvL22l4xA53iZsfdu6lNcnsGPrrECM777Gfmj4OFQ3OpsIMhxrgZa6VmdKYXU6CNI5IGy7RWwhdeZZmQdtrCrhYxzMsbnm4pkdXY3W9OsuowCzrLejFqZfQFHnBjdcKi5OSMrLgNpFGzJu9VboYGc8rjlCmTZ4CS3YxaPBqp33zb8xgeAqufPNkY4WJ3Kaizc3aFHexdWbGG3neCSnur6WKgq1XlUuZPpD7rVcaNyROY6l74ovt9z1zKPNpViPH9sEW9RRvMieUuiDHzloZOigl6EwBv7JX32ikVamqQrD576bncSPSmEFfW6Jff2yZ5J17xXBsDbLzkkIcX3X2gs583ld9T5oIP3zjcMgLTByNaeLS2O9vxW4v6q3iIH9EUoZ5FxOcmKem8tBNt14zJKWxQiBRwLw1X5AIizxeNwiXh7jZuqFBUTV38QyaCwXEFkWIRCr13JwufBKagIc9GPTvJPNDTDJ6JgWGNPlmV71Z7OxBZuaVboz3xXyUJdQuUULqWKPIjj7Fz27mYcmN3PrrqMkL2G7GWdNRMlkd7PrSMVE3teQLvPLajOR8hY89F1N6fWVBg9T7uCa1NU22hsAh9rf5rnf2S4JoPnDlIBI3VAncjqvSC9LzVYNS3zD7t1U9yL8tvslvSIQeoTdQkOTrDC8V8FdRkqTUZIVMBRxsGmTorkmxHJnWmv9LhcHnnMvqedjC8Ul49bEDUDpMDBnP8E18B3BqAsSyREm58A5zGkXwhF9vtvQt5YdRKycpVIql5PSQJJmtakwk39BQ9WxTklt1SswqqKOYwXyj7a3m47LVKH746RXO4tNKHTqd9F3OqEKsszjXj1VUWUizjxrzuZxpspx9bskkvWGYWzAfsN2ufd1WiI1aOvfvUVggB2ec5ekeRDCfuBPwhWtW5vzfjsNEmPKhAdwfUmpbsepcYYWyHp6sftKaibkHDSZyjGlpnztu4Cfu4UHLdKCvTxYR3Ziz6eJ6Y73QjvQr15GFjLfZx45lF3tZX4nqCsvzOZhP9eD1GHArUjuJplLhILcQqszvEyAj8MYNLaGOty6DyJ9aErfRJPVlPcaf9T7ibQnmGdG7OzBhsDF43bnLXQe7E9HgzhTakoXgRC3PbCOwmZlUthiOaLqon92gXTEeUBwoP42A4rIHxecPMjrZCXC6uSfbQnLpnx7PFEBzYGxiP84CTOvr9eHMyYK3kIsk6a6NVPzIvXQWzVxGMdtt7KnH8Yf6YkKgyl4GJxuzfIrqDg19nOCwo94JQiFGY3o7eSV1L3HkMlrGr7EIHSseoo2okfglZ6WsEsTsa4lRO9dPTWpPNyQk4ThRf6yKe7LxnErSFIlHZiq9vA1xJQTLTvB3jZmJp8XfXYhiwwl23S11gjXzAJYBSqBpeZKjMCr74PsPupREIXe1GJzhw6L7AiD7M46CcrRmiyiORG85MpySPVSHFEeE38QYL32XWPJOmkmJv8cs54MvkmMwe7AMTo9vZJvOTtg2VjzcMQQApEZVhUT5r3mdgTgNlNIMsqu9Lu2ZzqIVFMwlmQCoxVkNMWEEGQbEwceYDQe4kNaBK216IQc6OaAyGbCwVlCmzE34mdPv1klnBOoH81zvB2uFHDcu3G9Yz6luJlSy6McFbvOPNQvAfKGs4Pdj1d3K3dg4ERDDCmsztlMiweyX7q5qAChqQ7X638HgZnEk9DDOwv46Du2UB4ScziNRzuNzalq9HkNjKzYPo4GlWk3ocBzzSyWnhoHRtLUwJ6bv3AAD9YWlRRvXlRVvTtFk5JbQEKqM4XcUdujWW9twiD2SxAY8xAHM6mUAQZ22I8yJStK8Um9wDA74mo4GgLApv1YeNEzYKFdkj9kegj75U3X4kQMC1nBywlF7HhF2fApbexeSbAP6AKA63p3uk6PfmTyJlNIdjOGWT4rsVI2FHQM3bqZ3f599h9uK1zTe68Qs8zIVM6H2PV8qna6ckRcxArEXynbrNg1GhizW44ax4VYqjN5WGnnrA4tmknjSAQwJbSkO6PWL2fsSIpXyWXUsFdD1d8OcJp3Thm6ugyUnRDvklX3lhpNSdW9fCCZIuowCsdJAWfdfihNRZoUPnPNEBggsxgXrb8avdjUoBRfovMOmurpIsPtok5yfqOyY7StiwS5NHgHWg8PeDQFOjm8lRbRmjurEFNf

Not Before

17/10/2012, 09:35

Not After

31/12/2039, 23:59

Subject

CN=uDFFlGRo9TZNVUeJZa8ltXTXiU3O2xSQwqGoVevMhjPvOrZ7zAqCgbHoRxCccdYPHQuzLbBWUShgVTUezXh8FOxWrXsMLyI97SvafygHNxI7vXdAFslbUpY7PUEwediq3YzTqsy9TLYPmk2ZIPETTyxC5DJ5MUOET9Vh2WqGgAi21KrwIlFdaRCxjSCVgph3gTfBqbIY9xi4CXozNNeLTZx9RYEl9uC5PjyXEjfYUFZ31MKLhvB3XBv2cKzlBVDAxXlbnwCV9CQVE1i2DlsjSqD6VzvJpC5Cn1tTX3slwuHqGxIAsHRyOaYuQl283oyvz7eyp9fZUWNZSdAUxvkBBCuDUv5TB9CUtqill6mZmePVHZoNOcH2IAXgdZ2cSQHJAGJd6d5GZZPheNxinMifiScmXkEYisbbz86XDREHbziReDlJrKOm8pOdDw7WUWiHgze7zpaYoI5i7uZIraljG1pnJ8ZDvne4DjtZdgCHhKvYVqDbUCqP4EpI2eiisM1kPbxIsRXmCwe5swhgAcWp2ielmsp1OhFM8zy9UH1Jormz1RQrjyfjZT8EMX8DiW33Yn1YQhvQGopaGBbr8R4B3viltqELfYW1Z3TD9842NPho8U1kdPw8TbPnM3CQIy5OVyvnmNgU8KhyIZ1mTGavXXKZez34nS2UGoBbIVynhD9Js4J9HcW9iZVLrhlmxdj2mAmR77hzXy1MZpBxfFecyrcsgYlveOkbbIiY22HX54pmFi2HmULE8rhbDZi34ZpDvSpTHm1iGggSr4h3YkIg2eLjIdPim8MZTG3KVPhzZMWyV4vigKGxU2fvL22l4xA53iZsfdu6lNcnsGPrrECM777Gfmj4OFQ3OpsIMhxrgZa6VmdKYXU6CNI5IGy7RWwhdeZZmQdtrCrhYxzMsbnm4pkdXY3W9OsuowCzrLejFqZfQFHnBjdcKi5OSMrLgNpFGzJu9VboYGc8rjlCmTZ4CS3YxaPBqp33zb8xgeAqufPNkY4WJ3Kaizc3aFHexdWbGG3neCSnur6WKgq1XlUuZPpD7rVcaNyROY6l74ovt9z1zKPNpViPH9sEW9RRvMieUuiDHzloZOigl6EwBv7JX32ikVamqQrD576bncSPSmEFfW6Jff2yZ5J17xXBsDbLzkkIcX3X2gs583ld9T5oIP3zjcMgLTByNaeLS2O9vxW4v6q3iIH9EUoZ5FxOcmKem8tBNt14zJKWxQiBRwLw1X5AIizxeNwiXh7jZuqFBUTV38QyaCwXEFkWIRCr13JwufBKagIc9GPTvJPNDTDJ6JgWGNPlmV71Z7OxBZuaVboz3xXyUJdQuUULqWKPIjj7Fz27mYcmN3PrrqMkL2G7GWdNRMlkd7PrSMVE3teQLvPLajOR8hY89F1N6fWVBg9T7uCa1NU22hsAh9rf5rnf2S4JoPnDlIBI3VAncjqvSC9LzVYNS3zD7t1U9yL8tvslvSIQeoTdQkOTrDC8V8FdRkqTUZIVMBRxsGmTorkmxHJnWmv9LhcHnnMvqedjC8Ul49bEDUDpMDBnP8E18B3BqAsSyREm58A5zGkXwhF9vtvQt5YdRKycpVIql5PSQJJmtakwk39BQ9WxTklt1SswqqKOYwXyj7a3m47LVKH746RXO4tNKHTqd9F3OqEKsszjXj1VUWUizjxrzuZxpspx9bskkvWGYWzAfsN2ufd1WiI1aOvfvUVggB2ec5ekeRDCfuBPwhWtW5vzfjsNEmPKhAdwfUmpbsepcYYWyHp6sftKaibkHDSZyjGlpnztu4Cfu4UHLdKCvTxYR3Ziz6eJ6Y73QjvQr15GFjLfZx45lF3tZX4nqCsvzOZhP9eD1GHArUjuJplLhILcQqszvEyAj8MYNLaGOty6DyJ9aErfRJPVlPcaf9T7ibQnmGdG7OzBhsDF43bnLXQe7E9HgzhTakoXgRC3PbCOwmZlUthiOaLqon92gXTEeUBwoP42A4rIHxecPMjrZCXC6uSfbQnLpnx7PFEBzYGxiP84CTOvr9eHMyYK3kIsk6a6NVPzIvXQWzVxGMdtt7KnH8Yf6YkKgyl4GJxuzfIrqDg19nOCwo94JQiFGY3o7eSV1L3HkMlrGr7EIHSseoo2okfglZ6WsEsTsa4lRO9dPTWpPNyQk4ThRf6yKe7LxnErSFIlHZiq9vA1xJQTLTvB3jZmJp8XfXYhiwwl23S11gjXzAJYBSqBpeZKjMCr74PsPupREIXe1GJzhw6L7AiD7M46CcrRmiyiORG85MpySPVSHFEeE38QYL32XWPJOmkmJv8cs54MvkmMwe7AMTo9vZJvOTtg2VjzcMQQApEZVhUT5r3mdgTgNlNIMsqu9Lu2ZzqIVFMwlmQCoxVkNMWEEGQbEwceYDQe4kNaBK216IQc6OaAyGbCwVlCmzE34mdPv1klnBOoH81zvB2uFHDcu3G9Yz6luJlSy6McFbvOPNQvAfKGs4Pdj1d3K3dg4ERDDCmsztlMiweyX7q5qAChqQ7X638HgZnEk9DDOwv46Du2UB4ScziNRzuNzalq9HkNjKzYPo4GlWk3ocBzzSyWnhoHRtLUwJ6bv3AAD9YWlRRvXlRVvTtFk5JbQEKqM4XcUdujWW9twiD2SxAY8xAHM6mUAQZ22I8yJStK8Um9wDA74mo4GgLApv1YeNEzYKFdkj9kegj75U3X4kQMC1nBywlF7HhF2fApbexeSbAP6AKA63p3uk6PfmTyJlNIdjOGWT4rsVI2FHQM3bqZ3f599h9uK1zTe68Qs8zIVM6H2PV8qna6ckRcxArEXynbrNg1GhizW44ax4VYqjN5WGnnrA4tmknjSAQwJbSkO6PWL2fsSIpXyWXUsFdD1d8OcJp3Thm6ugyUnRDvklX3lhpNSdW9fCCZIuowCsdJAWfdfihNRZoUPnPNEBggsxgXrb8avdjUoBRfovMOmurpIsPtok5yfqOyY7StiwS5NHgHWg8PeDQFOjm8lRbRmjurEFNf

Extended Key Usages

ExtKeyUsageCodeSigning

89:f8:96:be:a1:3b:9f:98:bd:d4:62:16:22:f0:59:41:39:1c:8c:49
Signer

Actual PE Digest

89:f8:96:be:a1:3b:9f:98:bd:d4:62:16:22:f0:59:41:39:1c:8c:49

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=uDFFlGRo9TZNVUeJZa8ltXTXiU3O2xSQwqGoVevMhjPvOrZ7zAqCgbHoRxCccdYPHQuzLbBWUShgVTUezXh8FOxWrXsMLyI97SvafygHNxI7vXdAFslbUpY7PUEwediq3YzTqsy9TLYPmk2ZIPETTyxC5DJ5MUOET9Vh2WqGgAi21KrwIlFdaRCxjSCVgph3gTfBqbIY9xi4CXozNNeLTZx9RYEl9uC5PjyXEjfYUFZ31MKLhvB3XBv2cKzlBVDAxXlbnwCV9CQVE1i2DlsjSqD6VzvJpC5Cn1tTX3slwuHqGxIAsHRyOaYuQl283oyvz7eyp9fZUWNZSdAUxvkBBCuDUv5TB9CUtqill6mZmePVHZoNOcH2IAXgdZ2cSQHJAGJd6d5GZZPheNxinMifiScmXkEYisbbz86XDREHbziReDlJrKOm8pOdDw7WUWiHgze7zpaYoI5i7uZIraljG1pnJ8ZDvne4DjtZdgCHhKvYVqDbUCqP4EpI2eiisM1kPbxIsRXmCwe5swhgAcWp2ielmsp1OhFM8zy9UH1Jormz1RQrjyfjZT8EMX8DiW33Yn1YQhvQGopaGBbr8R4B3viltqELfYW1Z3TD9842NPho8U1kdPw8TbPnM3CQIy5OVyvnmNgU8KhyIZ1mTGavXXKZez34nS2UGoBbIVynhD9Js4J9HcW9iZVLrhlmxdj2mAmR77hzXy1MZpBxfFecyrcsgYlveOkbbIiY22HX54pmFi2HmULE8rhbDZi34ZpDvSpTHm1iGggSr4h3YkIg2eLjIdPim8MZTG3KVPhzZMWyV4vigKGxU2fvL22l4xA53iZsfdu6lNcnsGPrrECM777Gfmj4OFQ3OpsIMhxrgZa6VmdKYXU6CNI5IGy7RWwhdeZZmQdtrCrhYxzMsbnm4pkdXY3W9OsuowCzrLejFqZfQFHnBjdcKi5OSMrLgNpFGzJu9VboYGc8rjlCmTZ4CS3YxaPBqp33zb8xgeAqufPNkY4WJ3Kaizc3aFHexdWbGG3neCSnur6WKgq1XlUuZPpD7rVcaNyROY6l74ovt9z1zKPNpViPH9sEW9RRvMieUuiDHzloZOigl6EwBv7JX32ikVamqQrD576bncSPSmEFfW6Jff2yZ5J17xXBsDbLzkkIcX3X2gs583ld9T5oIP3zjcMgLTByNaeLS2O9vxW4v6q3iIH9EUoZ5FxOcmKem8tBNt14zJKWxQiBRwLw1X5AIizxeNwiXh7jZuqFBUTV38QyaCwXEFkWIRCr13JwufBKagIc9GPTvJPNDTDJ6JgWGNPlmV71Z7OxBZuaVboz3xXyUJdQuUULqWKPIjj7Fz27mYcmN3PrrqMkL2G7GWdNRMlkd7PrSMVE3teQLvPLajOR8hY89F1N6fWVBg9T7uCa1NU22hsAh9rf5rnf2S4JoPnDlIBI3VAncjqvSC9LzVYNS3zD7t1U9yL8tvslvSIQeoTdQkOTrDC8V8FdRkqTUZIVMBRxsGmTorkmxHJnWmv9LhcHnnMvqedjC8Ul49bEDUDpMDBnP8E18B3BqAsSyREm58A5zGkXwhF9vtvQt5YdRKycpVIql5PSQJJmtakwk39BQ9WxTklt1SswqqKOYwXyj7a3m47LVKH746RXO4tNKHTqd9F3OqEKsszjXj1VUWUizjxrzuZxpspx9bskkvWGYWzAfsN2ufd1WiI1aOvfvUVggB2ec5ekeRDCfuBPwhWtW5vzfjsNEmPKhAdwfUmpbsepcYYWyHp6sftKaibkHDSZyjGlpnztu4Cfu4UHLdKCvTxYR3Ziz6eJ6Y73QjvQr15GFjLfZx45lF3tZX4nqCsvzOZhP9eD1GHArUjuJplLhILcQqszvEyAj8MYNLaGOty6DyJ9aErfRJPVlPcaf9T7ibQnmGdG7OzBhsDF43bnLXQe7E9HgzhTakoXgRC3PbCOwmZlUthiOaLqon92gXTEeUBwoP42A4rIHxecPMjrZCXC6uSfbQnLpnx7PFEBzYGxiP84CTOvr9eHMyYK3kIsk6a6NVPzIvXQWzVxGMdtt7KnH8Yf6YkKgyl4GJxuzfIrqDg19nOCwo94JQiFGY3o7eSV1L3HkMlrGr7EIHSseoo2okfglZ6WsEsTsa4lRO9dPTWpPNyQk4ThRf6yKe7LxnErSFIlHZiq9vA1xJQTLTvB3jZmJp8XfXYhiwwl23S11gjXzAJYBSqBpeZKjMCr74PsPupREIXe1GJzhw6L7AiD7M46CcrRmiyiORG85MpySPVSHFEeE38QYL32XWPJOmkmJv8cs54MvkmMwe7AMTo9vZJvOTtg2VjzcMQQApEZVhUT5r3mdgTgNlNIMsqu9Lu2ZzqIVFMwlmQCoxVkNMWEEGQbEwceYDQe4kNaBK216IQc6OaAyGbCwVlCmzE34mdPv1klnBOoH81zvB2uFHDcu3G9Yz6luJlSy6McFbvOPNQvAfKGs4Pdj1d3K3dg4ERDDCmsztlMiweyX7q5qAChqQ7X638HgZnEk9DDOwv46Du2UB4ScziNRzuNzalq9HkNjKzYPo4GlWk3ocBzzSyWnhoHRtLUwJ6bv3AAD9YWlRRvXlRVvTtFk5JbQEKqM4XcUdujWW9twiD2SxAY8xAHM6mUAQZ22I8yJStK8Um9wDA74mo4GgLApv1YeNEzYKFdkj9kegj75U3X4kQMC1nBywlF7HhF2fApbexeSbAP6AKA63p3uk6PfmTyJlNIdjOGWT4rsVI2FHQM3bqZ3f599h9uK1zTe68Qs8zIVM6H2PV8qna6ckRcxArEXynbrNg1GhizW44ax4VYqjN5WGnnrA4tmknjSAQwJbSkO6PWL2fsSIpXyWXUsFdD1d8OcJp3Thm6ugyUnRDvklX3lhpNSdW9fCCZIuowCsdJAWfdfihNRZoUPnPNEBggsxgXrb8avdjUoBRfovMOmurpIsPtok5yfqOyY7StiwS5NHgHWg8PeDQFOjm8lRbRmjurEFNf

28/11/2022, 11:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
MulDiv
HeapFree
HeapAlloc
WriteFile
CreateFileW
GetCurrentProcess
GetCurrentThreadId
CreateMutexW
CreateEventW
GetVersionExW
FormatMessageW
GetProcessHeap
HeapSetInformation
GetSystemTime
SystemTimeToFileTime
CloseHandle
LoadLibraryA
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetModuleHandleA
OpenMutexW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetVolumePathNamesForVolumeNameW
DeviceIoControl
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
LocalFree
GetCPInfo
GetWindowsDirectoryW
lstrcatW

user32

DialogBoxParamW
EndDialog
DefWindowProcW
SetWindowLongW
DestroyWindow
SetDlgItemTextW
LoadStringW
MessageBoxW
SetCursor
SendMessageW
DrawTextW
EnumThreadWindows
GetWindowLongW
SetWindowPos
LoadIconW
CreateWindowExW
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW
LoadCursorW
PostMessageW
GetParent
ShowWindow
GetDlgItem
IsDialogMessageW
SetFocus
EnableWindow
CreateDialogParamW
TranslateMessage
LoadIconA

gdi32

DeleteObject
SetAbortProc
SetMapMode
GetDeviceCaps
CreateFontIndirectW
SelectObject
StartDocW
StartPage
EndPage
EndDoc
AbortDoc
DeleteDC

msvcrt

_wcslwr
_wcsupr
wcsstr
memset
_vsnwprintf
__getmainargs
_controlfp
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_wcsicmp
memcpy
_cexit

advapi32

TraceMessage
OpenProcessToken
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
AdjustTokenPrivileges
LookupPrivilegeValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegEnumValueW
RegOpenKeyExA

ole32

CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
StringFromGUID2

Sections

.1
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9af7e86b062feb178731c5c10e8862ae

Code Sign

5a:87:78:b5:20:39:f9:89:47:c7:db:46:42:e7:08:c2Certificate

Extended Key Usages

89:f8:96:be:a1:3b:9f:98:bd:d4:62:16:22:f0:59:41:39:1c:8c:49Signer

Signature Validations

Verification

28/11/2022, 11:52 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

ole32

Sections

.1 Size: 165KB - Virtual size: 164KB

.text Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 628B

5a:87:78:b5:20:39:f9:89:47:c7:db:46:42:e7:08:c2
Certificate

89:f8:96:be:a1:3b:9f:98:bd:d4:62:16:22:f0:59:41:39:1c:8c:49
Signer

28/11/2022, 11:52
Valid: false

.1
Size: 165KB - Virtual size: 164KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 628B