8cb3898f35261dfdb3a922b8ff7a99109410a2a3078fdac94886449fb6a97c0f

Sharing

Copy URL Twitter E-mail

General

Target

8cb3898f35261dfdb3a922b8ff7a99109410a2a3078fdac94886449fb6a97c0f
Size

164KB
MD5

893453fa73f5186439f9d91d158f102d
SHA1

9c0b109d1e766f5bf05dda6074aa12ad0854c1b9
SHA256

8cb3898f35261dfdb3a922b8ff7a99109410a2a3078fdac94886449fb6a97c0f
SHA512

51681a35963c8cd495caecc8bf01f0281de0011bf3e2230f467e3512a3a2bbc73d74f618452161e1fb33c35f901dd3bdbf5e48c1e56728ec01991bff48f954df
SSDEEP

3072:6O+UR4tsbDdYUh3hdVK1CmVp64BEQcSb9XQidYm/d49hOCbSqdF:H+TKdYUZLs1NPWSxJbOrF

Score

N/A

Malware Config

Signatures

Files

8cb3898f35261dfdb3a922b8ff7a99109410a2a3078fdac94886449fb6a97c0f
.exe windows x86

f52f8f6d93c60b1ed81500898e3b821a

Code Sign

15:56:bb:c8:f0:c0:3f:93:4e:bf:76:17:95:b1:2a:0a
Certificate

Issuer

CN=jjjjjjjjjjjjjjjjjjjjjjjjjjjjj wzAibIFoKfmuxJmH3gc3JleittFdo4sCx9c1wamM8D 3dsA ocHgpItsfzEwaomMuazG5iEoirmE42pkm6qK59BebFIwl71y nGpnrF8nvaLEwq4L9mBGEG5x1GKwtxJInbj8LqoG7taaxHCJL9z4FgJH6CMB3cxx6pM8FfGH2fdbtGr8cgkHDB48fMEA8dcaMlq4jDHm1gwjsLzEwjfqfCIpGeEy5dleA5bp4BtKJA6sb6jK5G1f4KBm6b189tjqq2blgjjLLylcsfG8HrcGxDBchL5x4kDubvupkb6rDjLeEuA9xkpDt gmMtK4xt5MbJwa8MEjwKDbiq993mj8uDAu7bzoD6CDuL3pC4w2JiEG6xlvk16AKKij2Jwqzvh3lBrBhgI3bzlfHiy7rvFDGF3kMtgaLajgrGxvH8jv1JwGJ3ohH4diwKGgjaLjIvdk6bHJufaph7aAk6gA1LE rzy9o85kvx3 Cp3q6b uul6E2bgob F6395ozGMgCjxwfCrDGobEtiEnmd9JtyxDJm8hM5KK9avhbFg5DtvCn6JL3tGA gc h78 DbclsDyrMmviGqJ4kkGAdkBFC8296dwALoDDCb6th8xKBeGvGlGdznq3Huzv1mFGAGkC6 G1cMcFdn7ufiBD3M6f89MbB8D7 nFBv7jKtfxjeh83j8Fl5v94cg1Mcwj49nCBwl88mj48K8sE31MdEp3bhsnmHqacG97hCxuAJ1DwzwlMbA2thctrxrEf1Alo254Alf1Mb3Lcw9BD4sx q6ouBdtqeBH1zko wzjlvJ2rlryI59jLHCvKa88aqfaF8EL G92hor1AdKMG8h8vgFb313IAKj9lpKrB5qGqeBtLL9Fe9pwFfFoIKkFuoce4Kn nABrqykiiAz9MEI2q tyrdlDw2snBr3HdKMoz3LvHKHkDyF2v4GKpex42 zxw8FiuC5am3snfJae9yi2ehjKcuH3JzzHonkwJ2aE daqkFAbCDei75cG A37hxc CDKh7sdgdJ1AL52Da K4HK8eweGniItotjyiefvprnEj2J6jnEnzJKcbk fqtH3Hx7wLdvtDyzIJ2mCatLBhqgAhIjLr5plFl 32GBGfsrI8MGwfcoknfGcJqqhrbD6yGgCxhru8ABiAlCBsGm5h5lFGkm2GmEAnvLgAaiodlMiJfGz9ryg67g zismMn2i4H3ELKbtEv422E9gdJcbdumIx9rwp1bjJf2mmFwo1Fsf2a89uJhDpxcmpmh1MFM9AHGKmaFiFEwBn9LMA3rcEFAp8iba8wao2H64ihpIt7j79pytgbzzzKsom8x15MukJ rd9rAbG3man9aL4q9hG4 bAJqazxrpwICqeiF9L64mMebunupbIatbFM7s6s hAEK2ezeBxGvLuiFhnibsiD xrEFDD2iKvChdc 9gjoH3LyiBqD4 bGhdny4pnj2kaMqC1D8BuKHeKHiJ4GlhgA1Cg4ldibxC6qL6dfxkmxMeM5xa1 a5LdDsdppus9GG9rB2Jn2rskuksffm6iBCBq9 8h5opb4nfw8Kb6deoCz7C3 JnpzEjD7BwIeiI3fBAtBBAtArwgDhpa5tBywxpzEvD4DavA2jqhpzFxaflvKJwgBKpqIa5qJ9a2ar37Av1a ly4LrGiACfyCbaCqkMEs5nvelymfrJ11vpmrfzfka3wLMHbuu8umjBf6l7nBJL2ymmA3wmnvy4elpF1JvtmnywCqwMixcakyo g8xdLB3mnivAfE8mqD8oGd2Dm7BsH18zmsnFE4if9cIpCleArJFggG9G3tdkpEfGBabr93 eEBmhGucBGnh85H4oLua7t8Eqb5IpCvkzEHaGMD46hmF54xx5cf88v6zMoHgoyefiC4DGaKkfoFfx8hfDlzjjKrymxhKF35xiuDm1h5Joi9lA92Cj9q8aA61Jrs6qcnGesbbgD8r9thzBFxr2tKrGIwbmxlzghtsHKwEEAk1pujmDzHhddqtrEJCIhbIuy25KpJr8MthxvuFdvIdpnjbbgrlJv9krJwCcrKs9D4rIvg653E2loF2pChoBnHDM2JzrD68CCrFCindxmc2mlmo3aKwnnEglEMdwgGe DpF9lv4zLi1hKdzcnx8AIx7LuDis3cvkLpf3JI824L1ge46Ht6yFsuHJo gykq4F qKFr2GploeCfCbhuzL78HqDAjA5FyziB1hnva7sologjkgE7p876B2gmFsMeLf4elebEu8ovaA3rjtCCuBBB6ju9yGjpFrwJE7AM xy6L3Ms4pC8rFnw8Dchd6n9HmMGLmtivApg6x2Dcu11EgGDCdoM978jxGo9uEtsAgLv96KMAl5E8p8Ax7rI5rlz8lx2fG4tzp6raDib3r2oI6lKIpqDlBijlwwEeriFmdsM1m8FftAL7HwIICmJhsizy8ei6GCcefg8wBsf1bxhnr7FMEMDeoo1xci1fwwiHnBfd8wo9HMwjH4EpltjJfLgICrie 6hfsdiEF66h uAdGu66Iki9JfJedk4mDi7Gm9er8LjalBi8h8Iw7bf5uKrbjl3xrpkLDosvdK hkMjLlpaHuu5aBk3tuDlB4 dFKnBMywFawKyaa8d8gD4v9L5yemHpmwn46ereJCJBDredb3dnA2oyw kozAjv2a7MGbvbH5fjfHn2nj9AnJgdEsJtftd5plFu5o6iveqAof4cpcxF dHfglcfolAzGvlLLbHeh9q1mxIlmj8Lid3Bka9rxi6JboLrMlqxfr2qLtpb8Mti8H3ovDCAgc3DkJcMAFvkatq1tflvCmvhuvvj9jJyC44lqDiFu9LqL18m4Eq7kjxnzxcaxe5zMwazDHH8i1Ia Kwj465cjtG3h9329Ddtmhud6vwDja33ygnAy1pewIF 2Ay Igoqli wrjam 731dc1KtwLwnhscLdx3 llllllllllllllllllllllll

Not Before

04/01/2013, 11:59

Not After

31/12/2039, 23:59

Subject

CN=jjjjjjjjjjjjjjjjjjjjjjjjjjjjj wzAibIFoKfmuxJmH3gc3JleittFdo4sCx9c1wamM8D 3dsA ocHgpItsfzEwaomMuazG5iEoirmE42pkm6qK59BebFIwl71y nGpnrF8nvaLEwq4L9mBGEG5x1GKwtxJInbj8LqoG7taaxHCJL9z4FgJH6CMB3cxx6pM8FfGH2fdbtGr8cgkHDB48fMEA8dcaMlq4jDHm1gwjsLzEwjfqfCIpGeEy5dleA5bp4BtKJA6sb6jK5G1f4KBm6b189tjqq2blgjjLLylcsfG8HrcGxDBchL5x4kDubvupkb6rDjLeEuA9xkpDt gmMtK4xt5MbJwa8MEjwKDbiq993mj8uDAu7bzoD6CDuL3pC4w2JiEG6xlvk16AKKij2Jwqzvh3lBrBhgI3bzlfHiy7rvFDGF3kMtgaLajgrGxvH8jv1JwGJ3ohH4diwKGgjaLjIvdk6bHJufaph7aAk6gA1LE rzy9o85kvx3 Cp3q6b uul6E2bgob F6395ozGMgCjxwfCrDGobEtiEnmd9JtyxDJm8hM5KK9avhbFg5DtvCn6JL3tGA gc h78 DbclsDyrMmviGqJ4kkGAdkBFC8296dwALoDDCb6th8xKBeGvGlGdznq3Huzv1mFGAGkC6 G1cMcFdn7ufiBD3M6f89MbB8D7 nFBv7jKtfxjeh83j8Fl5v94cg1Mcwj49nCBwl88mj48K8sE31MdEp3bhsnmHqacG97hCxuAJ1DwzwlMbA2thctrxrEf1Alo254Alf1Mb3Lcw9BD4sx q6ouBdtqeBH1zko wzjlvJ2rlryI59jLHCvKa88aqfaF8EL G92hor1AdKMG8h8vgFb313IAKj9lpKrB5qGqeBtLL9Fe9pwFfFoIKkFuoce4Kn nABrqykiiAz9MEI2q tyrdlDw2snBr3HdKMoz3LvHKHkDyF2v4GKpex42 zxw8FiuC5am3snfJae9yi2ehjKcuH3JzzHonkwJ2aE daqkFAbCDei75cG A37hxc CDKh7sdgdJ1AL52Da K4HK8eweGniItotjyiefvprnEj2J6jnEnzJKcbk fqtH3Hx7wLdvtDyzIJ2mCatLBhqgAhIjLr5plFl 32GBGfsrI8MGwfcoknfGcJqqhrbD6yGgCxhru8ABiAlCBsGm5h5lFGkm2GmEAnvLgAaiodlMiJfGz9ryg67g zismMn2i4H3ELKbtEv422E9gdJcbdumIx9rwp1bjJf2mmFwo1Fsf2a89uJhDpxcmpmh1MFM9AHGKmaFiFEwBn9LMA3rcEFAp8iba8wao2H64ihpIt7j79pytgbzzzKsom8x15MukJ rd9rAbG3man9aL4q9hG4 bAJqazxrpwICqeiF9L64mMebunupbIatbFM7s6s hAEK2ezeBxGvLuiFhnibsiD xrEFDD2iKvChdc 9gjoH3LyiBqD4 bGhdny4pnj2kaMqC1D8BuKHeKHiJ4GlhgA1Cg4ldibxC6qL6dfxkmxMeM5xa1 a5LdDsdppus9GG9rB2Jn2rskuksffm6iBCBq9 8h5opb4nfw8Kb6deoCz7C3 JnpzEjD7BwIeiI3fBAtBBAtArwgDhpa5tBywxpzEvD4DavA2jqhpzFxaflvKJwgBKpqIa5qJ9a2ar37Av1a ly4LrGiACfyCbaCqkMEs5nvelymfrJ11vpmrfzfka3wLMHbuu8umjBf6l7nBJL2ymmA3wmnvy4elpF1JvtmnywCqwMixcakyo g8xdLB3mnivAfE8mqD8oGd2Dm7BsH18zmsnFE4if9cIpCleArJFggG9G3tdkpEfGBabr93 eEBmhGucBGnh85H4oLua7t8Eqb5IpCvkzEHaGMD46hmF54xx5cf88v6zMoHgoyefiC4DGaKkfoFfx8hfDlzjjKrymxhKF35xiuDm1h5Joi9lA92Cj9q8aA61Jrs6qcnGesbbgD8r9thzBFxr2tKrGIwbmxlzghtsHKwEEAk1pujmDzHhddqtrEJCIhbIuy25KpJr8MthxvuFdvIdpnjbbgrlJv9krJwCcrKs9D4rIvg653E2loF2pChoBnHDM2JzrD68CCrFCindxmc2mlmo3aKwnnEglEMdwgGe DpF9lv4zLi1hKdzcnx8AIx7LuDis3cvkLpf3JI824L1ge46Ht6yFsuHJo gykq4F qKFr2GploeCfCbhuzL78HqDAjA5FyziB1hnva7sologjkgE7p876B2gmFsMeLf4elebEu8ovaA3rjtCCuBBB6ju9yGjpFrwJE7AM xy6L3Ms4pC8rFnw8Dchd6n9HmMGLmtivApg6x2Dcu11EgGDCdoM978jxGo9uEtsAgLv96KMAl5E8p8Ax7rI5rlz8lx2fG4tzp6raDib3r2oI6lKIpqDlBijlwwEeriFmdsM1m8FftAL7HwIICmJhsizy8ei6GCcefg8wBsf1bxhnr7FMEMDeoo1xci1fwwiHnBfd8wo9HMwjH4EpltjJfLgICrie 6hfsdiEF66h uAdGu66Iki9JfJedk4mDi7Gm9er8LjalBi8h8Iw7bf5uKrbjl3xrpkLDosvdK hkMjLlpaHuu5aBk3tuDlB4 dFKnBMywFawKyaa8d8gD4v9L5yemHpmwn46ereJCJBDredb3dnA2oyw kozAjv2a7MGbvbH5fjfHn2nj9AnJgdEsJtftd5plFu5o6iveqAof4cpcxF dHfglcfolAzGvlLLbHeh9q1mxIlmj8Lid3Bka9rxi6JboLrMlqxfr2qLtpb8Mti8H3ovDCAgc3DkJcMAFvkatq1tflvCmvhuvvj9jJyC44lqDiFu9LqL18m4Eq7kjxnzxcaxe5zMwazDHH8i1Ia Kwj465cjtG3h9329Ddtmhud6vwDja33ygnAy1pewIF 2Ay Igoqli wrjam 731dc1KtwLwnhscLdx3 llllllllllllllllllllllll

Extended Key Usages

ExtKeyUsageCodeSigning

b7:71:4f:af:b8:7c:96:c6:5d:8d:3f:dc:ab:a0:ed:80:19:7a:f4:64
Signer

Actual PE Digest

b7:71:4f:af:b8:7c:96:c6:5d:8d:3f:dc:ab:a0:ed:80:19:7a:f4:64

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=jjjjjjjjjjjjjjjjjjjjjjjjjjjjj wzAibIFoKfmuxJmH3gc3JleittFdo4sCx9c1wamM8D 3dsA ocHgpItsfzEwaomMuazG5iEoirmE42pkm6qK59BebFIwl71y nGpnrF8nvaLEwq4L9mBGEG5x1GKwtxJInbj8LqoG7taaxHCJL9z4FgJH6CMB3cxx6pM8FfGH2fdbtGr8cgkHDB48fMEA8dcaMlq4jDHm1gwjsLzEwjfqfCIpGeEy5dleA5bp4BtKJA6sb6jK5G1f4KBm6b189tjqq2blgjjLLylcsfG8HrcGxDBchL5x4kDubvupkb6rDjLeEuA9xkpDt gmMtK4xt5MbJwa8MEjwKDbiq993mj8uDAu7bzoD6CDuL3pC4w2JiEG6xlvk16AKKij2Jwqzvh3lBrBhgI3bzlfHiy7rvFDGF3kMtgaLajgrGxvH8jv1JwGJ3ohH4diwKGgjaLjIvdk6bHJufaph7aAk6gA1LE rzy9o85kvx3 Cp3q6b uul6E2bgob F6395ozGMgCjxwfCrDGobEtiEnmd9JtyxDJm8hM5KK9avhbFg5DtvCn6JL3tGA gc h78 DbclsDyrMmviGqJ4kkGAdkBFC8296dwALoDDCb6th8xKBeGvGlGdznq3Huzv1mFGAGkC6 G1cMcFdn7ufiBD3M6f89MbB8D7 nFBv7jKtfxjeh83j8Fl5v94cg1Mcwj49nCBwl88mj48K8sE31MdEp3bhsnmHqacG97hCxuAJ1DwzwlMbA2thctrxrEf1Alo254Alf1Mb3Lcw9BD4sx q6ouBdtqeBH1zko wzjlvJ2rlryI59jLHCvKa88aqfaF8EL G92hor1AdKMG8h8vgFb313IAKj9lpKrB5qGqeBtLL9Fe9pwFfFoIKkFuoce4Kn nABrqykiiAz9MEI2q tyrdlDw2snBr3HdKMoz3LvHKHkDyF2v4GKpex42 zxw8FiuC5am3snfJae9yi2ehjKcuH3JzzHonkwJ2aE daqkFAbCDei75cG A37hxc CDKh7sdgdJ1AL52Da K4HK8eweGniItotjyiefvprnEj2J6jnEnzJKcbk fqtH3Hx7wLdvtDyzIJ2mCatLBhqgAhIjLr5plFl 32GBGfsrI8MGwfcoknfGcJqqhrbD6yGgCxhru8ABiAlCBsGm5h5lFGkm2GmEAnvLgAaiodlMiJfGz9ryg67g zismMn2i4H3ELKbtEv422E9gdJcbdumIx9rwp1bjJf2mmFwo1Fsf2a89uJhDpxcmpmh1MFM9AHGKmaFiFEwBn9LMA3rcEFAp8iba8wao2H64ihpIt7j79pytgbzzzKsom8x15MukJ rd9rAbG3man9aL4q9hG4 bAJqazxrpwICqeiF9L64mMebunupbIatbFM7s6s hAEK2ezeBxGvLuiFhnibsiD xrEFDD2iKvChdc 9gjoH3LyiBqD4 bGhdny4pnj2kaMqC1D8BuKHeKHiJ4GlhgA1Cg4ldibxC6qL6dfxkmxMeM5xa1 a5LdDsdppus9GG9rB2Jn2rskuksffm6iBCBq9 8h5opb4nfw8Kb6deoCz7C3 JnpzEjD7BwIeiI3fBAtBBAtArwgDhpa5tBywxpzEvD4DavA2jqhpzFxaflvKJwgBKpqIa5qJ9a2ar37Av1a ly4LrGiACfyCbaCqkMEs5nvelymfrJ11vpmrfzfka3wLMHbuu8umjBf6l7nBJL2ymmA3wmnvy4elpF1JvtmnywCqwMixcakyo g8xdLB3mnivAfE8mqD8oGd2Dm7BsH18zmsnFE4if9cIpCleArJFggG9G3tdkpEfGBabr93 eEBmhGucBGnh85H4oLua7t8Eqb5IpCvkzEHaGMD46hmF54xx5cf88v6zMoHgoyefiC4DGaKkfoFfx8hfDlzjjKrymxhKF35xiuDm1h5Joi9lA92Cj9q8aA61Jrs6qcnGesbbgD8r9thzBFxr2tKrGIwbmxlzghtsHKwEEAk1pujmDzHhddqtrEJCIhbIuy25KpJr8MthxvuFdvIdpnjbbgrlJv9krJwCcrKs9D4rIvg653E2loF2pChoBnHDM2JzrD68CCrFCindxmc2mlmo3aKwnnEglEMdwgGe DpF9lv4zLi1hKdzcnx8AIx7LuDis3cvkLpf3JI824L1ge46Ht6yFsuHJo gykq4F qKFr2GploeCfCbhuzL78HqDAjA5FyziB1hnva7sologjkgE7p876B2gmFsMeLf4elebEu8ovaA3rjtCCuBBB6ju9yGjpFrwJE7AM xy6L3Ms4pC8rFnw8Dchd6n9HmMGLmtivApg6x2Dcu11EgGDCdoM978jxGo9uEtsAgLv96KMAl5E8p8Ax7rI5rlz8lx2fG4tzp6raDib3r2oI6lKIpqDlBijlwwEeriFmdsM1m8FftAL7HwIICmJhsizy8ei6GCcefg8wBsf1bxhnr7FMEMDeoo1xci1fwwiHnBfd8wo9HMwjH4EpltjJfLgICrie 6hfsdiEF66h uAdGu66Iki9JfJedk4mDi7Gm9er8LjalBi8h8Iw7bf5uKrbjl3xrpkLDosvdK hkMjLlpaHuu5aBk3tuDlB4 dFKnBMywFawKyaa8d8gD4v9L5yemHpmwn46ereJCJBDredb3dnA2oyw kozAjv2a7MGbvbH5fjfHn2nj9AnJgdEsJtftd5plFu5o6iveqAof4cpcxF dHfglcfolAzGvlLLbHeh9q1mxIlmj8Lid3Bka9rxi6JboLrMlqxfr2qLtpb8Mti8H3ovDCAgc3DkJcMAFvkatq1tflvCmvhuvvj9jJyC44lqDiFu9LqL18m4Eq7kjxnzxcaxe5zMwazDHH8i1Ia Kwj465cjtG3h9329Ddtmhud6vwDja33ygnAy1pewIF 2Ay Igoqli wrjam 731dc1KtwLwnhscLdx3 llllllllllllllllllllllll

28/11/2022, 11:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
ReadFile
ExitProcess
LoadLibraryA
GetProcAddress

user32

GetClassNameW
DestroyIcon
RedrawWindow
PostQuitMessage
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SetWindowsHookW
ShowCursor
GetMessageW
PtInRect
GetMessagePos
SetTimer
SendMessageW
GetWindowLongW
ValidateRect
ReleaseDC
ClientToScreen
InvertRect
ScreenToClient
GetDC
CopyRect
GetWindowRect
GetParent
SetCapture
DefWindowProcW
EndPaint
FillRect
GetSysColor
GetClientRect
BeginPaint
KillTimer
ReleaseCapture
RegisterClassW
LoadCursorW
wsprintfW
CallWindowProcW
PostMessageW
SetWindowLongW
GetWindowTextW
WinHelpW
GetDlgCtrlID
SetWindowTextW
LoadStringW
SetDlgItemInt
MessageBeep
GetFocus
EndDialog
GetDlgItemInt
IsDlgButtonChecked
SetFocus
GetDlgItem
CheckRadioButton
CheckDlgButton
EnableWindow
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItemTextW
DialogBoxParamW
MapWindowPoints
OffsetRect
GetWindow
IntersectRect
IsWindow
CharPrevW
GetWindowThreadProcessId
GetKeyState
GetAsyncKeyState
SetWindowPos
SetParent
IsIconic
SetCursor
SetActiveWindow
BringWindowToTop
AdjustWindowRect
SetRect
GetSystemMetrics
IsRectEmpty
GetActiveWindow
ShowWindow
EnableMenuItem
GetMenu
IsWindowVisible
DrawMenuBar
ModifyMenuW
wsprintfA
MessageBoxW
IsCharAlphaW
IsCharAlphaNumericW
CreateWindowExW
GetDialogBaseUnits
DestroyWindow
InvalidateRect
MoveWindow
InflateRect
GetSubMenu
LoadMenuW
SystemParametersInfoW
PeekMessageW
DispatchMessageW
MsgWaitForMultipleObjects
CharLowerBuffW
InsertMenuW
DeleteMenu
GetWindowPlacement
SetForegroundWindow
SetRectEmpty
SetMenu
UpdateWindow
FindWindowW
LoadIconW
CopyAcceleratorTableW
LoadAcceleratorsW
DestroyMenu
CreateMenu
RemoveMenu
GetMenuItemCount
GetDesktopWindow
CheckMenuItem
FrameRect
DrawIcon
DrawTextW
EqualRect
IsWindowEnabled
LoadImageW
IsZoomed
RegisterDeviceNotificationW
UnregisterDeviceNotification
RegisterClipboardFormatW
UnhookWindowsHook
TranslateMessage
TranslateAcceleratorW
RegisterClassExA

gdi32

StretchDIBits
CloseMetaFile
SetStretchBltMode
CreatePalette
SaveDC
ExcludeClipRect
RestoreDC
CreateCompatibleBitmap
PatBlt
TextOutW
CreatePen
RealizePalette
CreateMetaFileW
GetDIBits
GetSystemPaletteEntries
GetSystemPaletteUse
SetBkColor
GetPaletteEntries
SetROP2
GetBkMode
SetBkMode
Rectangle
CreateCompatibleDC
StretchBlt
DeleteDC
CreateFontIndirectW
SelectPalette
GetObjectW
GetDeviceCaps
GetTextExtentPoint32W
CreateBitmap
CreatePatternBrush
DeleteMetaFile
CreateSolidBrush
DeleteObject
GetStockObject
SelectObject
SetTextColor
SetMapMode
SetViewportOrgEx
SetViewportExtEx
SetWindowOrgEx
SetWindowExtEx
MoveToEx
LineTo
Polygon
GetROP2

msvcrt

_cexit
exit
_wcmdln
__wgetmainargs
_initterm
_XcptFilter
_exit
_c_exit
wcscmp
_wcsicmp
wcslen
_wcsnicmp
_snwprintf
_purecall
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
wcscpy
wcscat

advapi32

RegOpenKeyExA

winmm

PlaySoundA

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f52f8f6d93c60b1ed81500898e3b821a

Code Sign

15:56:bb:c8:f0:c0:3f:93:4e:bf:76:17:95:b1:2a:0aCertificate

Extended Key Usages

b7:71:4f:af:b8:7c:96:c6:5d:8d:3f:dc:ab:a0:ed:80:19:7a:f4:64Signer

Signature Validations

Verification

28/11/2022, 11:52 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

winmm

Sections

.text Size: 110KB - Virtual size: 110KB

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 1024B - Virtual size: 952B

15:56:bb:c8:f0:c0:3f:93:4e:bf:76:17:95:b1:2a:0a
Certificate

b7:71:4f:af:b8:7c:96:c6:5d:8d:3f:dc:ab:a0:ed:80:19:7a:f4:64
Signer

28/11/2022, 11:52
Valid: false

.text
Size: 110KB - Virtual size: 110KB

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 1024B - Virtual size: 952B