af58f40b0f676065ec6dd491a3fc75606ec01cd4bc38c7e748e53d39559410c4

Sharing

Copy URL Twitter E-mail

General

Target

af58f40b0f676065ec6dd491a3fc75606ec01cd4bc38c7e748e53d39559410c4
Size

6.7MB
MD5

bad898215cbf40fce8ce82be3292c150
SHA1

801cc6aaf4553da84b8463b3aee499640a6632c4
SHA256

af58f40b0f676065ec6dd491a3fc75606ec01cd4bc38c7e748e53d39559410c4
SHA512

f18b3be5823d32ac5ab7d3bc1c22dda6da0a9cfc4ab74cd435b52ac40309d17cdbeee6bb3775f971980d791461e2c2e6bab7bb6c857b4ec89c0f0dc9acbdbb6b
SSDEEP

98304:CsaGGnNtDBKa9FNpY5eX85xwB/usCfdcvFLOAkGkzdnEVomFHKnPo:WzVBY5es5xjsCGvFLOyomFHKnPo

Score

N/A

Malware Config

Signatures

Files

af58f40b0f676065ec6dd491a3fc75606ec01cd4bc38c7e748e53d39559410c4
.exe windows x64

0678ee6e0dc6d562f002c4d96ba825e7

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/04/2021, 00:00

Not After

26/04/2024, 23:59

Subject

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/04/2021, 00:00

Not After

26/04/2024, 23:59

Subject

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b1:c6:94:04:c5:16:2c:74:28:80:cf:dc:b6:b1:38:87:48:c7:6f:38:8f:04:2e:e4:37:d8:51:69:00:2f:93:ac
Signer

Actual PE Digest

b1:c6:94:04:c5:16:2c:74:28:80:cf:dc:b6:b1:38:87:48:c7:6f:38:8f:04:2e:e4:37:d8:51:69:00:2f:93:ac

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

01/12/2022, 14:34
Valid: true

Chain 1

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

6c:8a:08:3a:fe:73:7b:8c:9b:26:15:1d:65:22:65:21:f7:33:96:f2
Signer

Actual PE Digest

6c:8a:08:3a:fe:73:7b:8c:9b:26:15:1d:65:22:65:21:f7:33:96:f2

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

14/02/2022, 06:33
Valid: true

Chain 1

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

rpcrt4

UuidToStringW

setupapi

CM_Get_Parent
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW
CM_Get_DevNode_Status
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

vivevr_api

HVR_ShutDown
HVR_Init
HVR_GetHVRInitErrorEnumString
HVR_GetGenericInterface

kernel32

GetThreadLocale
GetCurrentThread
GetVersionExW
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetThreadPriority
ResumeThread
GlobalGetAtomNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
lstrcpyW
GlobalFlags
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetFileSizeEx
GetFileTime
SetErrorMode
GetTempFileNameW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
FindResourceExW
GetUserDefaultLCID
RtlCaptureContext
lstrcmpiW
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
ExitThread
GetFileType
GetDriveTypeW
ExitProcess
RtlUnwindEx
RtlPcToFileHeader
VirtualAlloc
SwitchToThread
FreeLibraryAndExitThread
GetThreadTimes
GetCPInfo
LCMapStringW
GetStringTypeW
DuplicateHandle
GetVolumeInformationW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
EncodePointer
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
FreeResource
InitializeCriticalSectionAndSpinCount
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FindClose
FindNextFileW
FindFirstFileW
GetTimeZoneInformation
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetFileSize
LockFileEx
CreateFileMappingA
UnlockFile
HeapCompact
GetSystemInfo
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
UnmapViewOfFile
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
TryEnterCriticalSection
AreFileApisANSI
GetUserDefaultLocaleName
CreateProcessW
OutputDebugStringW
VerSetConditionMask
VerifyVersionInfoW
GetFullPathNameW
GetModuleHandleW
SetLastError
lstrcmpA
GetSystemDirectoryW
LocalAlloc
InitializeCriticalSection
CreateFileW
CancelIo
ConnectNamedPipe
CreateNamedPipeW
ReadFile
WriteFile
ReleaseMutex
GetNamedPipeClientProcessId
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetCurrentThreadId
GetGeoInfoW
GetUserGeoID
GlobalMemoryStatusEx
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
GetUserPreferredUILanguages
WritePrivateProfileSectionW
GetTickCount64
GetSystemPowerStatus
GetExitCodeProcess
FormatMessageW
LoadLibraryA
LoadLibraryExW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
K32EnumProcesses
K32GetModuleBaseNameW
K32GetProcessImageFileNameW
K32GetModuleFileNameExW
QueryFullProcessImageNameW
DeleteFileW
LocalFree
GetCommandLineW
GetTempPathW
GetCurrentProcessId
CopyFileW
TerminateProcess
OpenProcess
CreateMutexW
WideCharToMultiByte
GetCurrentProcess
GetModuleFileNameW
MultiByteToWideChar
TerminateThread
WritePrivateProfileStringW
GetPrivateProfileStringW
MulDiv
WaitForMultipleObjects
GetLocalTime
WaitForSingleObject
SetEvent
CreateThread
ResetEvent
GetPrivateProfileIntW
Sleep
CreateDirectoryW
GetLastError
FreeLibrary
GetProcAddress
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryW
CloseHandle
CreateEventW
GetCommandLineA
SetStdHandle
HeapQueryInformation
QueryPerformanceFrequency
VirtualQuery
GetStdHandle
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleW
RtlLookupFunctionEntry

user32

SetWindowContextHelpId
PostQuitMessage
CharUpperW
SendDlgItemMessageA
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextW
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
EndDeferWindowPos
UnionRect
MapDialogRect
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
CallNextHookEx
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
MonitorFromPoint
CopyImage
UnhookWindowsHookEx
SetWindowsHookExW
GetCursorPos
GetFocus
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetClassNameW
FillRect
InvalidateRect
UpdateWindow
DrawStateW
RemoveMenu
AppendMenuW
GetMessageW
TranslateMessage
ShowOwnedPopups
GetSysColorBrush
SetLayeredWindowAttributes
SystemParametersInfoW
RealChildWindowFromPoint
InflateRect
IntersectRect
TrackMouseEvent
IsZoomed
GetAsyncKeyState
GetSystemMenu
DeleteMenu
SetWindowRgn
MessageBeep
WindowFromPoint
InsertMenuW
GetMenuItemCount
GetMenuItemID
NotifyWinEvent
CreatePopupMenu
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
DestroyMenu
BeginDeferWindowPos
EnableScrollBar
DestroyIcon
LoadImageW
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
GetNextDlgGroupItem
DrawEdge
DrawFrameControl
DeferWindowPos
PostMessageW
LoadCursorW
GetDC
ReleaseDC
IsWindow
BringWindowToTop
SetCursor
EnableWindow
SendMessageW
RedrawWindow
KillTimer
IsWindowVisible
SetTimer
GetWindowRect
GetIconInfo
ReleaseCapture
SetCapture
OffsetRect
PtInRect
LoadBitmapW
SetRectEmpty
CopyRect
GetClassInfoW
DefWindowProcW
IsRectEmpty
MoveWindow
LoadIconW
GetMonitorInfoW
EnumDisplayMonitors
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
FlashWindow
MessageBoxW
GetDesktopWindow
UnregisterClassW
wsprintfW
GetMenuStringW
GetMenuState
GetSubMenu
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
SetParent
LockWindowUpdate
SetClassLongPtrW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClipboardFormatW
CharUpperBuffW
ModifyMenuW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
CopyIcon
FrameRect
PostThreadMessageW
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
GetKeyNameTextW
InvertRect
HideCaret
DrawFocusRect

gdi32

SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateDIBitmap
CreateRectRgnIndirect
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
GetTextExtentPoint32W
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
SaveDC
CreateDIBSection
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
Rectangle
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
GetStockObject
CreateDCW
CopyMetaFileW
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
RemoveFontResourceExW
AddFontResourceExW
DeleteObject
SelectObject
CreatePen
CreateFontIndirectW
CreateRoundRectRgn
CreateSolidBrush
BitBlt

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

CryptDestroyHash
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
QueryServiceStatusEx
CloseServiceHandle
OpenServiceW
OpenSCManagerW
CryptReleaseContext
RegOpenKeyExW
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegNotifyChangeKeyValue
RegSetValueExW
RegCreateKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey

shell32

SHAppBarMessage
CommandLineToArgvW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
SHGetFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetKnownFolderPath
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
StrFormatKBSizeW

uxtheme

DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleUninitialize
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
CreateStreamOnHGlobal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitialize
CoCreateGuid
CoTaskMemFree

oleaut32

VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysAllocString
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
VariantClear

oledlg

OleUIBusyW

gdiplus

GdipCreateFontFromLogfontW
GdipDeleteFont
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipSetPixelOffsetMode
GdipDrawImageRectRect
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipSetInterpolationMode
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFillRectangle
GdipDeleteRegion
GdipCreateRegion
GdipSetStringFormatMeasurableCharacterRanges
GdipMeasureCharacterRanges
GdipGetRegionBoundsI
GdipGetFontHeight
GdipSetSolidFillColor
GdipDrawString
GdipFillRegion
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreatePen1
GdipDeletePen
GdipDrawRectangle
GdiplusShutdown
GdiplusStartup
GdipCreateLineBrushI
GdipCreatePen2
GdipDrawLineI
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI

winhttp

WinHttpConnect
WinHttpSendRequest
WinHttpWriteData
WinHttpReceiveResponse
WinHttpOpen
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpQueryDataAvailable

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0678ee6e0dc6d562f002c4d96ba825e7

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dcCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dcCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

b1:c6:94:04:c5:16:2c:74:28:80:cf:dc:b6:b1:38:87:48:c7:6f:38:8f:04:2e:e4:37:d8:51:69:00:2f:93:acSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: true

Chain 1

6c:8a:08:3a:fe:73:7b:8c:9b:26:15:1d:65:22:65:21:f7:33:96:f2Signer

Signature Validations

Verification

14/02/2022, 06:33 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

setupapi

version

vivevr_api

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

winhttp

oleacc

imm32

winmm

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 48KB - Virtual size: 103KB

.pdata Size: 151KB - Virtual size: 150KB

.gfids Size: 108KB - Virtual size: 107KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 73KB - Virtual size: 73KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

b1:c6:94:04:c5:16:2c:74:28:80:cf:dc:b6:b1:38:87:48:c7:6f:38:8f:04:2e:e4:37:d8:51:69:00:2f:93:ac
Signer

01/12/2022, 14:34
Valid: true

6c:8a:08:3a:fe:73:7b:8c:9b:26:15:1d:65:22:65:21:f7:33:96:f2
Signer

14/02/2022, 06:33
Valid: true

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 48KB - Virtual size: 103KB

.pdata
Size: 151KB - Virtual size: 150KB

.gfids
Size: 108KB - Virtual size: 107KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 73KB - Virtual size: 73KB