7ebbc5fc6f207b3ecfafc05c92c629e055f3ecf5f6bd0e2cc9be60acbf7eaf00

Sharing

Copy URL Twitter E-mail

General

Target

7ebbc5fc6f207b3ecfafc05c92c629e055f3ecf5f6bd0e2cc9be60acbf7eaf00
Size

5.6MB
MD5

b24f9bf7ba643a1d098ce159b6e4ec03
SHA1

293e23043fc36d0babc32c559f42f5c5c66a1f9d
SHA256

7ebbc5fc6f207b3ecfafc05c92c629e055f3ecf5f6bd0e2cc9be60acbf7eaf00
SHA512

2d0c6a42620a9b488fc209c8b8bb2d6e0352321a3202dfb288e0d0bf49b2797cc7e3820961a5ad543545319db9f16a0298b0350ee01d41f158e281acf1bfa63a
SSDEEP

98304:i3mL2jjdrylI5KP+AMdxF7L3FYMPlEw7SKB8fsA1bY9:NL2jjdraq0MdxF7L3FYXw7Shpg

Score

1^/10

Malware Config

Signatures

Files

7ebbc5fc6f207b3ecfafc05c92c629e055f3ecf5f6bd0e2cc9be60acbf7eaf00
.exe windows x86

45d8eeb7f810f7ec66c06e9333a22081

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:db:2d:12:d4:6d:fd:d2:e0:2e:57:e9:ef:2f:98:b3:47:5d:54:98:76:33:00:4b:28:5f:22:0b:78:c1:84:47
Signer

Actual PE Digest

1f:db:2d:12:d4:6d:fd:d2:e0:2e:57:e9:ef:2f:98:b3:47:5d:54:98:76:33:00:4b:28:5f:22:0b:78:c1:84:47

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

30/09/2021, 02:53
Valid: true

Chain 1

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

b8:6b:a5:2f:a9:89:06:71:9b:68:e6:ba:25:2e:f9:a3:8c:52:85:5f
Signer

Actual PE Digest

b8:6b:a5:2f:a9:89:06:71:9b:68:e6:ba:25:2e:f9:a3:8c:52:85:5f

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

30/09/2021, 02:53
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpWriteDump

shlwapi

StrToIntA
ord12
PathAppendW
StrDupW
PathFindFileNameW

msimg32

AlphaBlend

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_Create
ImageList_GetIcon
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_SetBkColor

imm32

ImmNotifyIME
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmAssociateContextEx
ImmDisableIME
ImmGetContext

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

FindClose
WaitForSingleObject
GetFileAttributesW
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
FlushFileBuffers
GetPrivateProfileStringW
CreateProcessW
SetFileAttributesW
MoveFileExW
LockResource
GlobalFree
GlobalSize
lstrcpyW
GetLocalTime
LCMapStringW
GetStartupInfoW
OpenProcess
GetEnvironmentVariableA
OpenMutexW
VirtualQuery
CreateEventW
SetEvent
ResetEvent
GlobalMemoryStatusEx
OpenEventW
ExpandEnvironmentStringsW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetCurrentProcess
LocalAlloc
DeviceIoControl
GetTempFileNameW
RemoveDirectoryW
FindNextFileW
DuplicateHandle
GetFileInformationByHandle
GetFileType
FileTimeToDosDateTime
CreateDirectoryW
GetCurrentDirectoryW
DosDateTimeToFileTime
ExitProcess
ReleaseMutex
GetACP
lstrcatW
GetDriveTypeW
ResumeThread
GetLongPathNameW
UnlockFileEx
GetFileTime
GetEnvironmentVariableW
GetVolumeInformationW
GetLogicalDriveStringsW
GetWindowsDirectoryW
MoveFileW
SwitchToThread
GetFileSizeEx
QueryPerformanceFrequency
CreateMutexW
SetEndOfFile
OpenFileMappingW
GetTempPathW
GetFullPathNameA
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
GetLocaleInfoW
SetWaitableTimer
CreateWaitableTimerW
FreeResource
GetModuleHandleA
DisableThreadLibraryCalls
CreateThread
VirtualProtect
GetModuleHandleExW
FlushInstructionCache
MapViewOfFileEx
IsDebuggerPresent
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
Thread32Next
Thread32First
SuspendThread
CreateToolhelp32Snapshot
GetThreadContext
SetThreadContext
OpenThread
RtlUnwind
ExitThread
FreeLibraryAndExitThread
FindFirstFileExW
PeekNamedPipe
GetStdHandle
GetTimeZoneInformation
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleCP
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
SetFilePointer
InitializeCriticalSection
LockFile
GetStringTypeW
EncodePointer
SizeofResource
EnterCriticalSection
InterlockedDecrement
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
MultiByteToWideChar
GetLastError
RaiseException
LoadResource
FindResourceW
DecodePointer
SetFileTime
OutputDebugStringA
GetDiskFreeSpaceW
InterlockedCompareExchange
GetFullPathNameW
HeapFree
HeapCreate
FindFirstFileW
TryEnterCriticalSection
AreFileApisANSI
ConnectNamedPipe
CreateFileW
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
FreeLibrary
InterlockedIncrement
lstrcmpiW
LoadLibraryExW
LocalFree
CreateNamedPipeW
WriteFile
CancelIo
ReadFile
CreateIoCompletionPort
CloseHandle
PostQueuedCompletionStatus
GetQueuedCompletionStatus
InterlockedExchange
InterlockedExchangeAdd
lstrlenW
WritePrivateProfileStringW
CopyFileW
DeleteFileW
GetTickCount
MulDiv
lstrcmpW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
SetLastError
SetErrorMode
Sleep
WaitForMultipleObjects
GetCurrentProcessId
QueryDosDeviceW

user32

SetRectEmpty
UnloadKeyboardLayout
ActivateKeyboardLayout
LoadStringW
GetWindowThreadProcessId
GetLastActivePopup
WindowFromPoint
AttachThreadInput
GetForegroundWindow
IsIconic
DrawIconEx
DrawTextW
LoadImageW
SetClipboardData
GetAsyncKeyState
DestroyCursor
CopyRect
SetRect
DialogBoxParamW
TrackMouseEvent
UpdateLayeredWindow
UnregisterHotKey
RegisterHotKey
GetKeyState
OpenClipboard
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
GetActiveWindow
MonitorFromWindow
MsgWaitForMultipleObjects
GetKeyboardState
GetCaretBlinkTime
ToAscii
AdjustWindowRectEx
ShowWindowAsync
ValidateRect
SetParent
VkKeyScanW
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
UnionRect
EqualRect
EnumChildWindows
GetWindowDC
IsZoomed
GetDCEx
IsRectEmpty
SetWindowRgn
EndDialog
OffsetRect
GetMonitorInfoW
MapWindowPoints
PtInRect
MapVirtualKeyW
DestroyIcon
SetCursorPos
SetScrollInfo
ShowScrollBar
GetScrollInfo
GetScrollPos
SetTimer
SetCursor
KillTimer
SetScrollPos
UpdateWindow
GetCursorPos
SystemParametersInfoW
GetWindowTextLengthW
GetWindow
DestroyWindow
GetDC
FillRect
CreateWindowExW
ScreenToClient
SetWindowTextW
RegisterClassExW
IsWindow
InvalidateRgn
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
IsChild
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
LoadCursorW
GetClassNameW
SetCapture
GetClientRect
GetDlgItem
GetClassInfoExW
RegisterWindowMessageW
ReleaseCapture
InvalidateRect
ReleaseDC
BeginPaint
EndPaint
GetWindowTextW
GetDesktopWindow
FindWindowW
FindWindowExW
GetWindowRect
IsWindowVisible
SetWindowPos
GetSystemMetrics
ShowWindow
GetWindowLongW
DefWindowProcW
CallWindowProcW
PostMessageW
GetFocus
SendMessageW
LoadIconW
SetWindowLongW
GetParent
SetForegroundWindow
MessageBoxW
UnregisterClassW
CharNextW
SetCaretPos
GetPropW
LoadBitmapW
EmptyClipboard
GetAncestor
EnumThreadWindows
EnableWindow
MonitorFromPoint
GetIconInfo
LoadKeyboardLayoutW
GetClassLongW
RemovePropW
SetPropW
IntersectRect

gdi32

CreateFontIndirectW
SetGraphicsMode
GetBitmapBits
SetTextColor
SetBkMode
SetWorldTransform
CreateDIBitmap
EnumFontFamiliesW
GetDIBits
CreateDIBSection
SetBkColor
ExtTextOutW
EnumFontFamiliesExW
SetViewportOrgEx
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
GetObjectW
DeleteObject
CreateSolidBrush
DeleteDC
GetTextMetricsW
CreateDCW
GetClipBox
EnumFontsW
CreateRectRgnIndirect
CreatePolygonRgn
CreateRoundRectRgn
GetRgnBox
PtInRegion

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetEntriesInAclW
EqualSid
GetAce
GetAclInformation
GetSecurityDescriptorDacl
GetFileSecurityW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
LookupAccountNameW
RegCreateKeyExW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyW
SystemFunction036
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryInfoKeyW

shell32

ExtractIconExW
SHGetFolderPathW
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CoGetClassObject
GetHGlobalFromStream
OleLockRunning
CLSIDFromString
OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
StringFromGUID2
OleUninitialize
CoTaskMemFree

oleaut32

VarUI4FromStr
SysFreeString
VariantClear
LoadRegTypeLi
SysAllocStringLen
SysStringLen
DispCallFunc
SysAllocString
OleCreateFontIndirect
LoadTypeLi
VariantInit

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipAddPathLineI
GdipCreateRegionPath
GdipGetInterpolationMode
GdipGetLineTransform
GdipSetImageAttributesColorMatrix
GdipGetFamily
GdipGetTextRenderingHint
GdipAddPathString
GdipGetStringFormatLineAlign
GdipGetEmHeight
GdipSaveGraphics
GdipCreateLineBrushI
GdipSetLineWrapMode
GdipGetLineSpacing
GdipCreateMatrix2
GdipDisposeImageAttributes
GdipDeletePath
GdipGetStringFormatAlign
GdipCreateMatrix
GdipSetSmoothingMode
GdipEndContainer
GdipCreatePath
GdipSetLinePresetBlend
GdipGetCellDescent
GdipCloneBitmapArea
GdipGetFontStyle
GdipTransformRegion
GdipFillPath
GdipGetPathWorldBounds
GdipMultiplyWorldTransform
GdipSetPenDashStyle
GdipDrawLine
GdipDrawRectangle
GdipScaleWorldTransform
GdipSetClipRectI
GdipClosePathFigure
GdipGetSmoothingMode
GdipDrawArcI
GdipCreateImageAttributes
GdipSetClipRegion
GdipDrawPath
GdipSetImageAttributesWrapMode
GdipGetClipBoundsI
GdipFillEllipse
GdipBeginContainer2
GdipGetTextureTransform
GdipGetMatrixElements
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipGetCellAscent
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipDeleteRegion
ord1
GdipGetFontSize
GdipTranslateWorldTransform
GdipSetStringFormatAlign
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSetCompositingQuality
GdipImageRotateFlip
GdipGetImageType
GdipCombineRegionPath
GdipImageGetFrameDimensionsCount
GdipDrawImageRectRect
GdipGetPropertyItem
GdipDrawImageRectI
GdipBitmapSetPixel
GdipGetImageHorizontalResolution
GdipSetInterpolationMode
GdipCloneBitmapAreaI
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipGetImageVerticalResolution
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipBitmapGetPixel
GdipCreateTexture
GdipSetPropertyItem
GdipGetImageRawFormat
GdipSaveImageToStream
GdipGetPropertyItemSize
GdipSaveImageToFile
GdipGetImagePaletteSize
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipBitmapLockBits
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipGetImageGraphicsContext
GdipDrawImage
GdipDrawImagePointRectI
GdipCreateBitmapFromFile
GdipCreateStringFormat
GdipCloneImage
GdipDisposeImage
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGraphicsClear
GdipCreateBitmapFromHICON
GdipDeleteStringFormat
GdipDrawImageI
GdipDeleteFontFamily
GdipGetImageHeight
GdipDrawRectangleI
GdipCreateFontFamilyFromName
GdipDeleteBrush
GdipAlloc
GdipCreateFont
GdipCreateSolidFill
GdipGetGenericFontFamilySansSerif
GdipFree
GdipDrawString
GdipCreateFromHDC
GdipCloneBrush
GdipMeasureString
GdipFillRectangleI
GdipDeleteGraphics
GdipDeleteFont
GdipGetImageWidth
GdipDeletePen
GdipCreatePen1
GdipDrawImageRectRectI
GdiplusStartup
GdiplusShutdown
GdipSetCompositingMode
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathRectangleI
GdipCombineRegionRegion
GdipGetBrushType
GdipSetLineTransform
GdipSetTextureTransform
GdipAddPathBezierI

iphlpapi

GetAdaptersAddresses

winmm

timeGetTime

psapi

GetMappedFileNameW

Exports

Exports

sqlite3_carray_init
sqlite3_csv_init
sqlite3_fileio_init
sqlite3_series_init
sqlite3_shathree_init
sqlite3_uuid_init

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 986KB - Virtual size: 986KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 142KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 424KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45d8eeb7f810f7ec66c06e9333a22081

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2Certificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9eCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

1f:db:2d:12:d4:6d:fd:d2:e0:2e:57:e9:ef:2f:98:b3:47:5d:54:98:76:33:00:4b:28:5f:22:0b:78:c1:84:47Signer

Signature Validations

Verification

30/09/2021, 02:53 Valid: true

Chain 1

b8:6b:a5:2f:a9:89:06:71:9b:68:e6:ba:25:2e:f9:a3:8c:52:85:5fSigner

Signature Validations

Verification

30/09/2021, 02:53 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

shlwapi

msimg32

comctl32

imm32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

urlmon

gdiplus

iphlpapi

winmm

psapi

Exports

Exports

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.rdata Size: 986KB - Virtual size: 986KB

.data Size: 142KB - Virtual size: 185KB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 424KB - Virtual size: 428KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

1f:db:2d:12:d4:6d:fd:d2:e0:2e:57:e9:ef:2f:98:b3:47:5d:54:98:76:33:00:4b:28:5f:22:0b:78:c1:84:47
Signer

30/09/2021, 02:53
Valid: true

b8:6b:a5:2f:a9:89:06:71:9b:68:e6:ba:25:2e:f9:a3:8c:52:85:5f
Signer

30/09/2021, 02:53
Valid: false

.text
Size: 4.1MB - Virtual size: 4.1MB

.rdata
Size: 986KB - Virtual size: 986KB

.data
Size: 142KB - Virtual size: 185KB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 424KB - Virtual size: 428KB