ThrottleStop[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ThrottleStop.exe
Size

3.8MB
MD5

5c73413e2e8b7011713dd7cbd04038df
SHA1

505dbabfca612cea62292fa366932875b33b43f0
SHA256

7d6bb64f6de208c85e9d2985b5c76dd843674539fa450e26839634efc2ba94ad
SHA512

819159dd23095ac958a2e04512967043d3fc8092f60c29b62bba52812f0e09b78b7912104094c13b9b9afa94a0eaede6b1040e8bc7dc1b34152c9b3afe14fc25
SSDEEP

98304:+Gi4bBrAefgLXxCdmHmWsAWZeJkqfYz4dhHbl:+GiRhhnDYz4dVl

Score

N/A

Malware Config

Signatures

Files

ThrottleStop.exe
.exe windows x86

e85dc49e602000ced011b31a0666ef58

Code Sign

11:5b:be:9e:1c:28:68:27:af:66:e7:a0:13:90:c2:06
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

24-06-2022 13:22

Not After

14-04-2025 20:06

Subject

SERIALNUMBER=604 057 982,CN=TechPowerUp LLC,O=TechPowerUp LLC,L=Spokane,ST=Washington,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#130a57617368696e67746f6e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26-03-2019 17:44

Not After

22-03-2034 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:5b:be:9e:1c:28:68:27:af:66:e7:a0:13:90:c2:06
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

24-06-2022 13:22

Not After

14-04-2025 20:06

Subject

SERIALNUMBER=604 057 982,CN=TechPowerUp LLC,O=TechPowerUp LLC,L=Spokane,ST=Washington,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#130a57617368696e67746f6e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26-03-2019 17:44

Not After

22-03-2034 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7f:de:e4:18:37:f6:5f:48:77:61:e3:a1:5a:95:7f:2a:2b:1d:2a:a4:84:14:13:bc:b5:4d:44:f6:ec:48:2e:b6
Signer

Actual PE Digest

7f:de:e4:18:37:f6:5f:48:77:61:e3:a1:5a:95:7f:2a:2b:1d:2a:a4:84:14:13:bc:b5:4d:44:f6:ec:48:2e:b6

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=604 057 982,CN=TechPowerUp LLC,O=TechPowerUp LLC,L=Spokane,ST=Washington,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#130a57617368696e67746f6e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

01-01-0001 00:00
Valid: false

76:aa:39:e3:55:b1:41:99:a9:67:98:1e:30:58:c4:41:b4:a8:c9:20
Signer

Actual PE Digest

76:aa:39:e3:55:b1:41:99:a9:67:98:1e:30:58:c4:41:b4:a8:c9:20

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=604 057 982,CN=TechPowerUp LLC,O=TechPowerUp LLC,L=Spokane,ST=Washington,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#130a57617368696e67746f6e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

01-01-0001 00:00
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

powrprof

PowerSetActiveScheme
PowerGetActiveScheme
PowerWriteACValueIndex
CallNtPowerInformation
PowerReadACValue

uxtheme

SetWindowTheme
DrawThemeBackground
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemePartSize
GetThemeSysColor
IsAppThemed
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
CloseThemeData

kernel32

GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
InitializeSListHead
GetStdHandle
GetEnvironmentStringsW
GetFileType
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
FormatMessageA
GetCPInfo
FreeEnvironmentStringsW
IsDebuggerPresent
HeapQueryInformation
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
WriteConsoleW
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
SearchPathW
GetProfileIntW
FindResourceExW
GetWindowsDirectoryW
GetCurrentDirectoryW
SetErrorMode
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
lstrcpyW
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameW
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
CompareStringA
GetVersionExW
ResumeThread
SuspendThread
CreateEventW
SetEvent
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
LoadLibraryA
GetModuleHandleA
GetCurrentThreadId
EncodePointer
GetStartupInfoW
OutputDebugStringA
FormatMessageW
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
CreateProcessA
GetFullPathNameW
ExpandEnvironmentStringsW
lstrcmpW
OutputDebugStringW
LoadLibraryExW
SetLastError
lstrcmpA
GetSystemDirectoryW
InitializeCriticalSection
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
ChangeTimerQueueTimer
MultiByteToWideChar
GetSystemPowerStatus
VerifyVersionInfoW
GetPrivateProfileStringW
GlobalAddAtomW
GlobalDeleteAtom
FreeLibrary
DeleteTimerQueueTimer
CreateTimerQueueTimer
GetTickCount64
SetPriorityClass
CreateProcessW
SetThreadPriority
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
CreateDirectoryW
VerSetConditionMask
K32GetModuleBaseNameW
K32EnumProcessModules
WideCharToMultiByte
CopyFileW
LocalAlloc
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetTickCount
CreateMutexW
WaitForSingleObject
ReleaseMutex
DeviceIoControl
GetLastError
GetTempPathW
GetFileAttributesW
DeleteFileW
CreateFileW
K32EnumProcesses
QueryFullProcessImageNameW
MulDiv
OpenProcess
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileIntW
SetThreadAffinityMask
GetProcessAffinityMask
LocalFree
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
GetCurrentThread
GetCurrentProcess
Sleep
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
GetDateFormatW

user32

DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
PostThreadMessageW
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
CopyIcon
SetCursorPos
BringWindowToTop
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
WindowFromPoint
WaitMessage
DeleteMenu
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
CopyImage
TrackMouseEvent
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
SystemParametersInfoW
GetMenuItemInfoW
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
GetWindowThreadProcessId
CopyAcceleratorTableW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
SetRect
SendMessageW
PostMessageW
SetWindowPos
GetFocus
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
GetDlgCtrlID
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
SendNotifyMessageW
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
DestroyCursor
GetDCEx
LoadMenuW
GetTabbedTextExtentW
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
EnableWindow
GetSystemMetrics
DrawTextW
GetWindowTextW
GetClientRect
GetWindowRect
FillRect
FrameRect
MoveWindow
CopyRect
InflateRect
OffsetRect
GetWindowLongW
SetWindowLongW
LoadIconW
ShowWindow
SetForegroundWindow
MessageBoxW
FindWindowW
RegisterWindowMessageW
RegisterHotKey
UnregisterHotKey
PostQuitMessage
IsWindowVisible
IsIconic
GetSystemMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
RemoveMenu
TrackPopupMenu
DrawIcon
GetDC
ReleaseDC
InvalidateRect
GetCursorPos
DestroyIcon
LoadImageW
CreateIconIndirect
MonitorFromWindow
GetMonitorInfoW
ScreenToClient
UnregisterClassW
LoadBitmapW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
UnhookWindowsHookEx
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
GetSysColor
IntersectRect
SetFocus
SetScrollPos
GetScrollPos
GetWindowTextLengthW
GetWindow
SendDlgItemMessageA
SetRectEmpty
GetParent
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetDlgItemInt
SetDlgItemInt
GetDlgItem
IsWindow

gdi32

SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExW
SetViewportOrgEx
GetRgnBox
OffsetRgn
GetCurrentObject
GetCharWidthW
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
SetPolyFillMode
GetLayout
SetLayout
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutW
TextOutW
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetTextColor
CreateDIBSection
GetDIBColorTable
SetDIBColorTable
Rectangle
GetObjectW
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
BitBlt
CreateDCW
CopyMetaFileW
CreateFontW
GetPixel
CreateSolidBrush
DeleteObject
CreateFontIndirectW
GetDeviceCaps
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
PatBlt
SelectObject
SetBkMode
SetROP2
StretchBlt

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
GetJobW
DocumentPropertiesW
OpenPrinterW

advapi32

SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegCloseKey
StartServiceW
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfigW
FileEncryptionStatusW
DecryptFileW

shell32

ShellExecuteW
Shell_NotifyIconW
ord680
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAddToRecentDocs
ShellExecuteExW
SHAppBarMessage
SHGetMalloc
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ExtractIconW

shlwapi

PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW

ole32

OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
IsAccelerator
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleRegGetUserType
OleCreateFromData
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
CreateILockBytesOnHGlobal
StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateDocfile
OleSetContainedObject
OleGetIconOfClass
OleRun
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CreateStreamOnHGlobal
CoDisconnectObject
StringFromGUID2
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
SetConvertStg
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoCreateGuid
CLSIDFromString
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
OleTranslateAccelerator

oleaut32

VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
VariantInit
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
SysAllocStringLen
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SafeArrayRedim

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDrawImageI
GdipDeleteGraphics
GdipCreateFromHDC
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipDrawImageRectI

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 594KB - Virtual size: 593KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e85dc49e602000ced011b31a0666ef58

Code Sign

11:5b:be:9e:1c:28:68:27:af:66:e7:a0:13:90:c2:06Certificate

Extended Key Usages

Key Usages

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

11:5b:be:9e:1c:28:68:27:af:66:e7:a0:13:90:c2:06Certificate

Extended Key Usages

Key Usages

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

7f:de:e4:18:37:f6:5f:48:77:61:e3:a1:5a:95:7f:2a:2b:1d:2a:a4:84:14:13:bc:b5:4d:44:f6:ec:48:2e:b6Signer

Signature Validations

Verification

01-01-0001 00:00 Valid: false

76:aa:39:e3:55:b1:41:99:a9:67:98:1e:30:58:c4:41:b4:a8:c9:20Signer

Signature Validations

Verification

01-01-0001 00:00 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

powrprof

uxtheme

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 594KB - Virtual size: 593KB

.data Size: 31KB - Virtual size: 58KB

.rsrc Size: 367KB - Virtual size: 366KB

.reloc Size: 218KB - Virtual size: 217KB

11:5b:be:9e:1c:28:68:27:af:66:e7:a0:13:90:c2:06
Certificate

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

11:5b:be:9e:1c:28:68:27:af:66:e7:a0:13:90:c2:06
Certificate

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

7f:de:e4:18:37:f6:5f:48:77:61:e3:a1:5a:95:7f:2a:2b:1d:2a:a4:84:14:13:bc:b5:4d:44:f6:ec:48:2e:b6
Signer

01-01-0001 00:00
Valid: false

76:aa:39:e3:55:b1:41:99:a9:67:98:1e:30:58:c4:41:b4:a8:c9:20
Signer

01-01-0001 00:00
Valid: false

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 594KB - Virtual size: 593KB

.data
Size: 31KB - Virtual size: 58KB

.rsrc
Size: 367KB - Virtual size: 366KB

.reloc
Size: 218KB - Virtual size: 217KB