5339ad6fb067bd02b8200e42e7fbf788f00870431b29a08eb122c5b81219df01

Sharing

Copy URL Twitter E-mail

General

Target

5339ad6fb067bd02b8200e42e7fbf788f00870431b29a08eb122c5b81219df01
Size

369KB
MD5

822e7f908df961c1d8f504d310085370
SHA1

d9fc54aefdf2fc7a679f4c0bbdb1998ff4dae3f7
SHA256

5339ad6fb067bd02b8200e42e7fbf788f00870431b29a08eb122c5b81219df01
SHA512

35b9fe1cfed3b970fd83f60af5227706f00d16302081977cc5e5b5a1c79c2e32d770e8664b25995bf35e5820583abaa22701a8fc32ce912b605701e93f0b1095
SSDEEP

3072:T6JMaa/q3k3vrp8M67iw8BoFj0zYtvOnKsNv7IHTm9Nu22mhhb6YMniPunUx9x6T:T6Jta/qMQrLyYtzEoKbdPuUx1Ircg2Xk

Score

N/A

Malware Config

Signatures

Files

5339ad6fb067bd02b8200e42e7fbf788f00870431b29a08eb122c5b81219df01
.exe windows x86

17b17d03ec42cc696c4c21cb6ae8218c

Code Sign

27:df:d3:18:58:ac:cb:61:b2:04:d4:84:3c:70:4e:7d
Certificate

Issuer

CN=j5o1AOTIoCLAFaQBh2vgvg85ryvsE5UUp6RxQAKu42iDNxL5EfdwqCtmtdkyPBkU2fYWUCI2ZP3VrCLtIdpfXUErhQcxgNAHiky8luqJh61HbRP6HtAe2GdSvOk1lD7hvJKKnKoi7pEUjIPCWaE3bwCuXYmmb4fT7kciR13FQWLmJFzU1VT3B4inzKiJx6b6KvRXoUJ62nAB3eHaAX2lcVvTr4A7MM6IagcN79G5lSKYsXQRwYbQsQrKPo5d1a2Ri2YBSn4sCdjCQsuKNcQhywcRbJZwUmVVcPsVelUiQDGoNk3QApX4mGOs1C1nTuFz8efbiOcXcXL1udPtdVSul7b378aOXIYLugotTBM6VuOVML3d7zjzDD7pkQVHNfzINxkJxwrEz7tocJQWWIo845mCITcGKh1XNdTGjpROHcPqSQeQvhHL5kx3tVdbO5MijVmN2aD56FnQGRakGEcRMhciVaGmFWgMoTom7IefHZYe6Bt6CPdzYRLiDhGeAcLNcQ3oG14kBaVWdSTcyixP43CfexIwyauX32MKv2qG2FXaSy8RT5mn9PZBxKGOdeyerfv2XMxUpA9NvyHFcJfGWf59ycTqNOWK1NuD9jwWhtZAfM6uclb5RlUSoJ5rhmC3AxpKLGpVmssZOcGpKwzAXeuamKkKfkoS5Sojd26lvaPkEMKQUqc4W1HAT9c2VfYiDIV4vusULLQBQAuuRJiacQk1BlBJgC4BvuVxncdGjZFH8DYjWEshHV4CflS5L39q8cH18n1Vt4NeR2eyFWIz9svQKBN5G7IE4kYANgpgKJeA8R8KHRu4THbqacuwTs7s4VT747SxNkhWBjwIPfCuUUtnJFxYUIBi1zYfcdMTqEIiEv6x3nkmQqIWQ8RPVBnSXnbocToMA5JmiHvAtbh21zaK2bSbMQug7WOLHwSTpuSFb7gwo1vzmIUBYZmXYcVGQtGnYuleajaxE1OifPtRvh1FzgtSFqBMEDUXZcL3hvV4HIu7C53zIFqkOcNoFmineF56l63Umy15WyyshLv8WnYjQymMrQICokb5gFZF7uBhHRb98pvLJTsy1Cy56MtV8Tx4GrlquOh5T5oce58unKulMcb7q441AeZUbWFAvE5GaBbYNlS5IuFdMCsuRDWQ4DIjWLwNoBq7JSp8fjE6kJuYPNZAvsqI12iITvj5wN77zrRw3FKSq4iJR8PA7zJ94OKmyNoCpUpgeMgnWyQASboSYxqp4X2WWWuh7k1WKaVTUs98KI76cIZ4ruzOqKlhCTkfqLiTnhI8z43xuo17yrbeE1xiUZCu9FtRZSkxgwdRHcnEjlv7O4XBcBY9UQKgLNzuYp2eAGjNwuqLwRUlrngIOmXssttxSnEgd9jCE7enSErtBOXPzcSknRV4d3tA1Ya79VUETEEQjnwEbzPp2lAvUfLBxNlSUMWKVBxwYIEgXpHt2Z3EhHXCE9KvqYwfppgEm4KIEdJoFwVl6zyWqbAiVLzXwTrKv5L5Qe52PAKQVu4ZudKteISrfPjW9PoJqvw7w4SvEP1ZQbOqrqn99gdgiAsegbzRsX1y7vutjtdYgsRUmgCHeOPdROUlvh546e624C6xeysKAbM2Of5DeqT5XP1C8yWvZD5VqqPDXDgZWj2CxsHfy8uSHtsa6t6GW2ErUZIUeRxf6NXNpyVzg2AVo8lQZtloUNTvVrFQTRDJtDTXrEwu2f4QtGfm35qDZQlQvTyaYNfy9PZOPsIBgUIwyB39cOZLtDS2kx5TFoxxPrmkVa7lWge5nQ8qXgBpL8PjKyUljQ2iVyYIfwJSMseZSUecBZFprQUMLcC6nXGfvhMypNZc7MbZ8QthXGAXgPgj4ID1x2RxeLzDgOK3Tvx5lcseAXCw5DpyWpmgBSkbtc43LSeWNVCwU48qExUOYojUoA2fvQeSgLSa4T4f8pCTo4QXZ7zRaHiB2CQGpRabeJzEpgj2PiH5snpM8szWYL7C9UTzyk5oKlxrhRraw1TcXFZAcmNFXfWIFQabncpBLUaKedjiuYaCWbbR1C4SLomsfTy4uXTFVMG52hbTEGk6yDYQ474HfWja5yR4BDMhyjfcABJbAB9z7lMArHoAlebX7jOhELEOzSUbYd49xgjk57qVVjAdg1KITI17FqxwBVFnpIDzqfnR8h5sYR4yfHf9GlZgRfOoSVoogfm3K7O22HoyFl9UM9eFkNbFCmmdnlP95pxSMv1VIPooLL5NtMHxnJUztqnvCHIPxqRel5hVkAvVF9Y46x6M1Orv5EuEQzBStYtZXwMG6qzSqzVNzTeb7JShiMKKYw26UlRRPxDarmQMK8QqXSjkadkX76DHyans1hYjMRPAVUYT2XCzw2XAj2IVFnXbK9Wj559Ajjkskb1jid1dDof6pYVOiV1Gr9YfzA5KxETytIrSe5FzQAALUSJzqFsq8SB79bXzhLiWqF7faNcbTJPlXBOpGWnrZ5Q6yKkG1v81oGjO7C4OBwfhl1JMSGexRwDBKJ8sPLXmIXIMIOFzZ9sQt32vTnTjeZOnP6J2vueTUer9iIjNhjz7uE4CRXH8dm9p3kUnuEiPEHWDNFc9Jh3T8N9r1Yl9BshYOrPcPeoDJdaPS4pwSRLOOvuBJtThRbMEG16ZihH5a2o2NiZ8mn1hBPe1A1Tg7s7go7G5hPjb42kmvORsWEtqePnPiJgz6gFVNmYtPZahJz8Fz6PhC6fe4DQwIgjvfAH6XUN4ESaWByiFgDFCuCPq9muQSML7Dqqo3sks7F56isLLtYYPOFaybb4NYXMdZQTPpcd4fvDRycTeLHlu1dwSvicGk6TsIWbExRr5HDpIkjp3mnbwGLFv9Vr8rT3fPO7n7KstQjVnDPt17ER5ynHjJngWXGBI4ByOWE5ZEMAQKiDHAcFCwBaTBS2jHjjTLvc4ZUycLnJp3PStWGKRDy1HJO2EC6muVHGvppxnvqzD32zs2RdP5RzXKwqFPWj2gsxMrv5DOjen

Not Before

25/10/2012, 05:55

Not After

31/12/2039, 23:59

Subject

CN=j5o1AOTIoCLAFaQBh2vgvg85ryvsE5UUp6RxQAKu42iDNxL5EfdwqCtmtdkyPBkU2fYWUCI2ZP3VrCLtIdpfXUErhQcxgNAHiky8luqJh61HbRP6HtAe2GdSvOk1lD7hvJKKnKoi7pEUjIPCWaE3bwCuXYmmb4fT7kciR13FQWLmJFzU1VT3B4inzKiJx6b6KvRXoUJ62nAB3eHaAX2lcVvTr4A7MM6IagcN79G5lSKYsXQRwYbQsQrKPo5d1a2Ri2YBSn4sCdjCQsuKNcQhywcRbJZwUmVVcPsVelUiQDGoNk3QApX4mGOs1C1nTuFz8efbiOcXcXL1udPtdVSul7b378aOXIYLugotTBM6VuOVML3d7zjzDD7pkQVHNfzINxkJxwrEz7tocJQWWIo845mCITcGKh1XNdTGjpROHcPqSQeQvhHL5kx3tVdbO5MijVmN2aD56FnQGRakGEcRMhciVaGmFWgMoTom7IefHZYe6Bt6CPdzYRLiDhGeAcLNcQ3oG14kBaVWdSTcyixP43CfexIwyauX32MKv2qG2FXaSy8RT5mn9PZBxKGOdeyerfv2XMxUpA9NvyHFcJfGWf59ycTqNOWK1NuD9jwWhtZAfM6uclb5RlUSoJ5rhmC3AxpKLGpVmssZOcGpKwzAXeuamKkKfkoS5Sojd26lvaPkEMKQUqc4W1HAT9c2VfYiDIV4vusULLQBQAuuRJiacQk1BlBJgC4BvuVxncdGjZFH8DYjWEshHV4CflS5L39q8cH18n1Vt4NeR2eyFWIz9svQKBN5G7IE4kYANgpgKJeA8R8KHRu4THbqacuwTs7s4VT747SxNkhWBjwIPfCuUUtnJFxYUIBi1zYfcdMTqEIiEv6x3nkmQqIWQ8RPVBnSXnbocToMA5JmiHvAtbh21zaK2bSbMQug7WOLHwSTpuSFb7gwo1vzmIUBYZmXYcVGQtGnYuleajaxE1OifPtRvh1FzgtSFqBMEDUXZcL3hvV4HIu7C53zIFqkOcNoFmineF56l63Umy15WyyshLv8WnYjQymMrQICokb5gFZF7uBhHRb98pvLJTsy1Cy56MtV8Tx4GrlquOh5T5oce58unKulMcb7q441AeZUbWFAvE5GaBbYNlS5IuFdMCsuRDWQ4DIjWLwNoBq7JSp8fjE6kJuYPNZAvsqI12iITvj5wN77zrRw3FKSq4iJR8PA7zJ94OKmyNoCpUpgeMgnWyQASboSYxqp4X2WWWuh7k1WKaVTUs98KI76cIZ4ruzOqKlhCTkfqLiTnhI8z43xuo17yrbeE1xiUZCu9FtRZSkxgwdRHcnEjlv7O4XBcBY9UQKgLNzuYp2eAGjNwuqLwRUlrngIOmXssttxSnEgd9jCE7enSErtBOXPzcSknRV4d3tA1Ya79VUETEEQjnwEbzPp2lAvUfLBxNlSUMWKVBxwYIEgXpHt2Z3EhHXCE9KvqYwfppgEm4KIEdJoFwVl6zyWqbAiVLzXwTrKv5L5Qe52PAKQVu4ZudKteISrfPjW9PoJqvw7w4SvEP1ZQbOqrqn99gdgiAsegbzRsX1y7vutjtdYgsRUmgCHeOPdROUlvh546e624C6xeysKAbM2Of5DeqT5XP1C8yWvZD5VqqPDXDgZWj2CxsHfy8uSHtsa6t6GW2ErUZIUeRxf6NXNpyVzg2AVo8lQZtloUNTvVrFQTRDJtDTXrEwu2f4QtGfm35qDZQlQvTyaYNfy9PZOPsIBgUIwyB39cOZLtDS2kx5TFoxxPrmkVa7lWge5nQ8qXgBpL8PjKyUljQ2iVyYIfwJSMseZSUecBZFprQUMLcC6nXGfvhMypNZc7MbZ8QthXGAXgPgj4ID1x2RxeLzDgOK3Tvx5lcseAXCw5DpyWpmgBSkbtc43LSeWNVCwU48qExUOYojUoA2fvQeSgLSa4T4f8pCTo4QXZ7zRaHiB2CQGpRabeJzEpgj2PiH5snpM8szWYL7C9UTzyk5oKlxrhRraw1TcXFZAcmNFXfWIFQabncpBLUaKedjiuYaCWbbR1C4SLomsfTy4uXTFVMG52hbTEGk6yDYQ474HfWja5yR4BDMhyjfcABJbAB9z7lMArHoAlebX7jOhELEOzSUbYd49xgjk57qVVjAdg1KITI17FqxwBVFnpIDzqfnR8h5sYR4yfHf9GlZgRfOoSVoogfm3K7O22HoyFl9UM9eFkNbFCmmdnlP95pxSMv1VIPooLL5NtMHxnJUztqnvCHIPxqRel5hVkAvVF9Y46x6M1Orv5EuEQzBStYtZXwMG6qzSqzVNzTeb7JShiMKKYw26UlRRPxDarmQMK8QqXSjkadkX76DHyans1hYjMRPAVUYT2XCzw2XAj2IVFnXbK9Wj559Ajjkskb1jid1dDof6pYVOiV1Gr9YfzA5KxETytIrSe5FzQAALUSJzqFsq8SB79bXzhLiWqF7faNcbTJPlXBOpGWnrZ5Q6yKkG1v81oGjO7C4OBwfhl1JMSGexRwDBKJ8sPLXmIXIMIOFzZ9sQt32vTnTjeZOnP6J2vueTUer9iIjNhjz7uE4CRXH8dm9p3kUnuEiPEHWDNFc9Jh3T8N9r1Yl9BshYOrPcPeoDJdaPS4pwSRLOOvuBJtThRbMEG16ZihH5a2o2NiZ8mn1hBPe1A1Tg7s7go7G5hPjb42kmvORsWEtqePnPiJgz6gFVNmYtPZahJz8Fz6PhC6fe4DQwIgjvfAH6XUN4ESaWByiFgDFCuCPq9muQSML7Dqqo3sks7F56isLLtYYPOFaybb4NYXMdZQTPpcd4fvDRycTeLHlu1dwSvicGk6TsIWbExRr5HDpIkjp3mnbwGLFv9Vr8rT3fPO7n7KstQjVnDPt17ER5ynHjJngWXGBI4ByOWE5ZEMAQKiDHAcFCwBaTBS2jHjjTLvc4ZUycLnJp3PStWGKRDy1HJO2EC6muVHGvppxnvqzD32zs2RdP5RzXKwqFPWj2gsxMrv5DOjen

Extended Key Usages

ExtKeyUsageCodeSigning

3e:e0:7c:8a:45:bb:1a:6e:0f:a1:8c:bd:64:1e:18:92:ed:df:f1:54
Signer

Actual PE Digest

3e:e0:7c:8a:45:bb:1a:6e:0f:a1:8c:bd:64:1e:18:92:ed:df:f1:54

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=j5o1AOTIoCLAFaQBh2vgvg85ryvsE5UUp6RxQAKu42iDNxL5EfdwqCtmtdkyPBkU2fYWUCI2ZP3VrCLtIdpfXUErhQcxgNAHiky8luqJh61HbRP6HtAe2GdSvOk1lD7hvJKKnKoi7pEUjIPCWaE3bwCuXYmmb4fT7kciR13FQWLmJFzU1VT3B4inzKiJx6b6KvRXoUJ62nAB3eHaAX2lcVvTr4A7MM6IagcN79G5lSKYsXQRwYbQsQrKPo5d1a2Ri2YBSn4sCdjCQsuKNcQhywcRbJZwUmVVcPsVelUiQDGoNk3QApX4mGOs1C1nTuFz8efbiOcXcXL1udPtdVSul7b378aOXIYLugotTBM6VuOVML3d7zjzDD7pkQVHNfzINxkJxwrEz7tocJQWWIo845mCITcGKh1XNdTGjpROHcPqSQeQvhHL5kx3tVdbO5MijVmN2aD56FnQGRakGEcRMhciVaGmFWgMoTom7IefHZYe6Bt6CPdzYRLiDhGeAcLNcQ3oG14kBaVWdSTcyixP43CfexIwyauX32MKv2qG2FXaSy8RT5mn9PZBxKGOdeyerfv2XMxUpA9NvyHFcJfGWf59ycTqNOWK1NuD9jwWhtZAfM6uclb5RlUSoJ5rhmC3AxpKLGpVmssZOcGpKwzAXeuamKkKfkoS5Sojd26lvaPkEMKQUqc4W1HAT9c2VfYiDIV4vusULLQBQAuuRJiacQk1BlBJgC4BvuVxncdGjZFH8DYjWEshHV4CflS5L39q8cH18n1Vt4NeR2eyFWIz9svQKBN5G7IE4kYANgpgKJeA8R8KHRu4THbqacuwTs7s4VT747SxNkhWBjwIPfCuUUtnJFxYUIBi1zYfcdMTqEIiEv6x3nkmQqIWQ8RPVBnSXnbocToMA5JmiHvAtbh21zaK2bSbMQug7WOLHwSTpuSFb7gwo1vzmIUBYZmXYcVGQtGnYuleajaxE1OifPtRvh1FzgtSFqBMEDUXZcL3hvV4HIu7C53zIFqkOcNoFmineF56l63Umy15WyyshLv8WnYjQymMrQICokb5gFZF7uBhHRb98pvLJTsy1Cy56MtV8Tx4GrlquOh5T5oce58unKulMcb7q441AeZUbWFAvE5GaBbYNlS5IuFdMCsuRDWQ4DIjWLwNoBq7JSp8fjE6kJuYPNZAvsqI12iITvj5wN77zrRw3FKSq4iJR8PA7zJ94OKmyNoCpUpgeMgnWyQASboSYxqp4X2WWWuh7k1WKaVTUs98KI76cIZ4ruzOqKlhCTkfqLiTnhI8z43xuo17yrbeE1xiUZCu9FtRZSkxgwdRHcnEjlv7O4XBcBY9UQKgLNzuYp2eAGjNwuqLwRUlrngIOmXssttxSnEgd9jCE7enSErtBOXPzcSknRV4d3tA1Ya79VUETEEQjnwEbzPp2lAvUfLBxNlSUMWKVBxwYIEgXpHt2Z3EhHXCE9KvqYwfppgEm4KIEdJoFwVl6zyWqbAiVLzXwTrKv5L5Qe52PAKQVu4ZudKteISrfPjW9PoJqvw7w4SvEP1ZQbOqrqn99gdgiAsegbzRsX1y7vutjtdYgsRUmgCHeOPdROUlvh546e624C6xeysKAbM2Of5DeqT5XP1C8yWvZD5VqqPDXDgZWj2CxsHfy8uSHtsa6t6GW2ErUZIUeRxf6NXNpyVzg2AVo8lQZtloUNTvVrFQTRDJtDTXrEwu2f4QtGfm35qDZQlQvTyaYNfy9PZOPsIBgUIwyB39cOZLtDS2kx5TFoxxPrmkVa7lWge5nQ8qXgBpL8PjKyUljQ2iVyYIfwJSMseZSUecBZFprQUMLcC6nXGfvhMypNZc7MbZ8QthXGAXgPgj4ID1x2RxeLzDgOK3Tvx5lcseAXCw5DpyWpmgBSkbtc43LSeWNVCwU48qExUOYojUoA2fvQeSgLSa4T4f8pCTo4QXZ7zRaHiB2CQGpRabeJzEpgj2PiH5snpM8szWYL7C9UTzyk5oKlxrhRraw1TcXFZAcmNFXfWIFQabncpBLUaKedjiuYaCWbbR1C4SLomsfTy4uXTFVMG52hbTEGk6yDYQ474HfWja5yR4BDMhyjfcABJbAB9z7lMArHoAlebX7jOhELEOzSUbYd49xgjk57qVVjAdg1KITI17FqxwBVFnpIDzqfnR8h5sYR4yfHf9GlZgRfOoSVoogfm3K7O22HoyFl9UM9eFkNbFCmmdnlP95pxSMv1VIPooLL5NtMHxnJUztqnvCHIPxqRel5hVkAvVF9Y46x6M1Orv5EuEQzBStYtZXwMG6qzSqzVNzTeb7JShiMKKYw26UlRRPxDarmQMK8QqXSjkadkX76DHyans1hYjMRPAVUYT2XCzw2XAj2IVFnXbK9Wj559Ajjkskb1jid1dDof6pYVOiV1Gr9YfzA5KxETytIrSe5FzQAALUSJzqFsq8SB79bXzhLiWqF7faNcbTJPlXBOpGWnrZ5Q6yKkG1v81oGjO7C4OBwfhl1JMSGexRwDBKJ8sPLXmIXIMIOFzZ9sQt32vTnTjeZOnP6J2vueTUer9iIjNhjz7uE4CRXH8dm9p3kUnuEiPEHWDNFc9Jh3T8N9r1Yl9BshYOrPcPeoDJdaPS4pwSRLOOvuBJtThRbMEG16ZihH5a2o2NiZ8mn1hBPe1A1Tg7s7go7G5hPjb42kmvORsWEtqePnPiJgz6gFVNmYtPZahJz8Fz6PhC6fe4DQwIgjvfAH6XUN4ESaWByiFgDFCuCPq9muQSML7Dqqo3sks7F56isLLtYYPOFaybb4NYXMdZQTPpcd4fvDRycTeLHlu1dwSvicGk6TsIWbExRr5HDpIkjp3mnbwGLFv9Vr8rT3fPO7n7KstQjVnDPt17ER5ynHjJngWXGBI4ByOWE5ZEMAQKiDHAcFCwBaTBS2jHjjTLvc4ZUycLnJp3PStWGKRDy1HJO2EC6muVHGvppxnvqzD32zs2RdP5RzXKwqFPWj2gsxMrv5DOjen

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
HeapFree
CreateToolhelp32Snapshot
DeleteFileA
GetProcessWorkingSetSize
WriteFileEx
lstrcatA
SetMailslotInfo
ClearCommError
ConnectNamedPipe
SetThreadLocale
WritePrivateProfileSectionA
SetDefaultCommConfigW
GetNumberFormatW
SetLocaleInfoA
GetTempPathA
GetCurrentThread
lstrcpyn
MapUserPhysicalPagesScatter
GetVolumeNameForVolumeMountPointA
WriteConsoleW
PeekConsoleInputA
EnterCriticalSection
TransmitCommChar
GetFileSizeEx
TryEnterCriticalSection
MapViewOfFileEx
GetLargestConsoleWindowSize
WriteConsoleOutputCharacterA
FoldStringW
SetConsoleTextAttribute
WritePrivateProfileStringA
GetBinaryTypeA
SetErrorMode
GetProcessAffinityMask
GlobalHandle
ScrollConsoleScreenBufferW
CreateMailslotA
LocalFree
FindAtomW
FindNextVolumeA
GetLocaleInfoA
EnumDateFormatsA
WriteConsoleInputW
GetDateFormatA
EnumSystemLanguageGroupsW
EnumSystemLanguageGroupsA
GetProcAddress
CreatePipe
RtlMoveMemory
GetProfileSectionW
BeginUpdateResourceA
WaitForMultipleObjectsEx
SetCalendarInfoW
ReadConsoleA
SuspendThread
SystemTimeToTzSpecificLocalTime
GetBinaryTypeW
ReadConsoleW
GetFullPathNameA
EnumSystemLocalesA
LockFileEx
ReadDirectoryChangesW
SetEvent
GetVersion
GetWindowsDirectoryW
SetFileApisToOEM
GetExitCodeThread
SetConsoleCursorPosition
SetLocalTime
FreeEnvironmentStringsA
ReadConsoleOutputA
TerminateProcess
SearchPathW
GetVolumePathNameW
ContinueDebugEvent
GetSystemInfo
CreateNamedPipeA
FindResourceW
GetModuleHandleA
ReleaseMutex
CreateTapePartition
WriteProcessMemory
IsBadCodePtr
DeleteVolumeMountPointW
SetComputerNameExW
lstrcpyW
GetSystemDefaultLCID
GetPrivateProfileIntA
LocalShrink
lstrcmpiW
PurgeComm
EnumSystemCodePagesA
HeapSize
SetCommMask
lstrlenW
GetModuleHandleW
VirtualAllocEx
CreateFileW

msvcrt

__setusermatherr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
sscanf
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memcpy

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegOpenKeyExA
RegCloseKey

comctl32

CreateToolbarEx

Sections

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17b17d03ec42cc696c4c21cb6ae8218c

Code Sign

27:df:d3:18:58:ac:cb:61:b2:04:d4:84:3c:70:4e:7dCertificate

Extended Key Usages

3e:e0:7c:8a:45:bb:1a:6e:0f:a1:8c:bd:64:1e:18:92:ed:df:f1:54Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

advapi32

comctl32

Sections

.text2 Size: 1024B - Virtual size: 1000B

.text Size: 340KB - Virtual size: 339KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 612B

27:df:d3:18:58:ac:cb:61:b2:04:d4:84:3c:70:4e:7d
Certificate

3e:e0:7c:8a:45:bb:1a:6e:0f:a1:8c:bd:64:1e:18:92:ed:df:f1:54
Signer

01/12/2022, 14:34
Valid: false

.text2
Size: 1024B - Virtual size: 1000B

.text
Size: 340KB - Virtual size: 339KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 612B