pushwallpaper[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

pushwallpaper.exe
Size

15.5MB
MD5

d65f3e51ffe74b5d800a0f93c32120bf
SHA1

6094cb8ba9803dc1725f0cb1fe8402c3a70540ec
SHA256

e7716a973b75bc2974cce234baa07d1b418fb127e62dd819eae03a3f41b39bb3
SHA512

5b2ded0a64a059b24e82c896bec521ea0f636473970138da3665cb63cf708becc276cad446546674b56efffbd45f202bf9a5e32f2c4bcd1b40ea2230df902f2e
SSDEEP

393216:PvwmethG/hSFAnnv89S+piDCNpCznyo5d5sW6mD2HwbrLh6NZm//DzygnkdfPZy5:Ax6MF28c5x

Score

1^/10

Malware Config

Signatures

Files

pushwallpaper.exe
.exe windows x86

f71de38c638428b2b7f54491e34efe8c

Code Sign

32:b0:85:e0:d1:0a:cd:a3:ea:6c:7c:95:5c:16:ed:f5
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

15/12/2014, 00:00

Not After

15/12/2019, 23:59

Subject

CN=Alexey Veresov,O=Alexey Veresov,POSTALCODE=600007,STREET=Pochaevskaya st\, 22a-13,L=Vladimir,ST=Vladimir,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d3:03:e8:85:f2:25:ae:77:e2:54:fe:77:67:14:9b:1d:f3:d7:e4:a7:17:a7:e2:33:b1:a0:dd:9c:d0:97:8c:9a
Signer

Actual PE Digest

d3:03:e8:85:f2:25:ae:77:e2:54:fe:77:67:14:9b:1d:f3:d7:e4:a7:17:a7:e2:33:b1:a0:dd:9c:d0:97:8c:9a

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Alexey Veresov,O=Alexey Veresov,POSTALCODE=600007,STREET=Pochaevskaya st\, 22a-13,L=Vladimir,ST=Vladimir,C=RU

21/01/2019, 22:08
Valid: true

Chain 1

CN=Alexey Veresov,O=Alexey Veresov,POSTALCODE=600007,STREET=Pochaevskaya st\, 22a-13,L=Vladimir,ST=Vladimir,C=RU

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterWaitForSingleObject
SetThreadAffinityMask
UnregisterWaitEx
CreateTimerQueue
UnregisterWait
GetLocaleInfoA
CreateSemaphoreW
GetTickCount64
MoveFileExW
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
InitOnceBeginInitialize
InitOnceComplete
WakeConditionVariable
LoadLibraryExA
IsDBCSLeadByteEx
GetExitCodeThread
SetFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
SystemTimeToFileTime
SetFilePointer
GetThreadTimes
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
WriteFile
ReadFile
CloseHandle
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GlobalUnlock
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesW
GetModuleHandleW
lstrcmpiW
lstrcmpW
GetTempPathW
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
ReleaseSemaphore
InterlockedPopEntrySList
DeleteCriticalSection
CreateDirectoryW
InitializeSRWLock
InitializeConditionVariable
lstrlenW
VirtualFree
QueryDepthSList
QueryPerformanceFrequency
GetCurrentThread
GetCurrentThreadId
ProcessIdToSessionId
GetCurrentProcessId
QueryPerformanceCounter
CreateMutexW
WaitForSingleObject
Sleep
ReleaseMutex
GetSystemPowerStatus
OpenMutexW
GetUserDefaultUILanguage
GetLocaleInfoW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GlobalAlloc
GlobalFree
WakeAllConditionVariable
ReleaseSRWLockShared
SleepConditionVariableSRW
AcquireSRWLockShared
CreateEventW
CreateFileMappingW
MapViewOfFile
lstrcpyW
lstrcatW
CreateProcessW
ResetEvent
WaitForMultipleObjects
TerminateProcess
UnmapViewOfFile
OpenFileMappingW
GetModuleFileNameW
GetFileInformationByHandle
GetCommandLineW
GetVersionExW
GetProcAddress
GetCurrentProcess
GetComputerNameExW
GetVolumeInformationW
GetFileTime
GetSystemTime
TerminateThread
CreateWaitableTimerW
SetWaitableTimer
ExpandEnvironmentStringsW
GetFileAttributesExW
SetThreadPriority
LoadLibraryW
FreeLibrary
OutputDebugStringA
SetLastError
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
LocalFree
GlobalSize
MulDiv
CopyFileW
SetEvent
ResumeThread
CompareStringW
lstrcmpA
GlobalGetAtomNameW
FileTimeToSystemTime
EncodePointer
GetSystemDirectoryW
FreeResource
LoadLibraryExW
LoadLibraryA
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
FlushFileBuffers
GetFileSize
GetFullPathNameW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GlobalFlags
VirtualProtect
FileTimeToLocalFileTime
GetFileSizeEx
SystemTimeToTzSpecificLocalTime
SetErrorMode
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTickCount
GetProfileIntW
SearchPathW
GetTempFileNameW
GetUserDefaultLCID
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
SetFilePointerEx
OutputDebugStringW
GetStringTypeW
TryEnterCriticalSection
GetCPInfo
SwitchToThread
LCMapStringW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapQueryInformation
GetCommandLineA
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
ExitProcess
GetStdHandle
GetACP
GetConsoleMode
ReadConsoleW
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
VirtualAlloc

user32

EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
RegisterClassW
GetClassInfoW
GetClassInfoExW
IsMenu
IsChild
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgCtrlID
GetCapture
GetMenu
SetMenu
UpdateWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
CopyRect
PtInRect
GetClassLongW
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
IsDialogMessageW
CharUpperW
RealChildWindowFromPoint
DrawTextW
GrayStringW
TabbedTextOutW
GetWindowDC
FillRect
GetMenuItemInfoW
CopyImage
SendDlgItemMessageA
SetRectEmpty
CreateDialogIndirectParamW
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
ShowOwnedPopups
DeleteMenu
GetNextDlgGroupItem
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
EnumDisplayMonitors
SetClassLongW
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
GetFocus
GetWindowTextLengthW
GetSysColorBrush
ReleaseDC
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
GetActiveWindow
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
IsWindowEnabled
UnhookWindowsHookEx
SetParent
MoveWindow
AdjustWindowRectEx
EqualRect
MonitorFromRect
EnumDisplaySettingsW
EnumDisplayDevicesW
EndPaint
BeginPaint
AdjustWindowRect
SwitchToThisWindow
SetForegroundWindow
SetActiveWindow
BringWindowToTop
SendMessageTimeoutW
FindWindowA
EnumDesktopWindows
FindWindowExW
FindWindowExA
SetWindowRgn
DrawTextExW
SetRect
GetDC
PeekMessageW
MapWindowPoints
SetMenuItemInfoW
OffsetRect
IntersectRect
TrackMouseEvent
InflateRect
GetSysColor
RedrawWindow
UpdateLayeredWindow
DestroyIcon
DestroyCursor
LoadImageW
CreateCursor
GetSystemMetrics
RegisterClassExW
GetPhysicalCursorPos
SetLayeredWindowAttributes
CloseDesktop
SetPropA
GetPropA
IsWindowVisible
IsWindow
GetWindow
WindowFromPoint
GetWindowPlacement
GetForegroundWindow
OpenInputDesktop
SystemParametersInfoW
PostQuitMessage
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer
FindWindowW
MessageBoxW
GetUserObjectInformationW
GetThreadDesktop
InsertMenuItemW
SetWindowLongW
GetWindowLongW
CreateWindowExW
SetWindowPos
DestroyWindow
GetDlgItem
GetClientRect
SendMessageW
PostMessageW
DefWindowProcW
PostThreadMessageW
CreateDialogParamW
SetDlgItemTextW
LoadCursorW
SetCursor
IsDlgButtonChecked
CheckDlgButton
SendDlgItemMessageW
SetFocus
CharLowerBuffW
GetQueueStatus
MsgWaitForMultipleObjects
ShowWindow
GetCursorPos
GetWindowRect
EnableWindow
GetClassNameW
GetWindowTextW
GetParent
ScreenToClient
EnumChildWindows
ChangeWindowMessageFilter
ClientToScreen
GetDesktopWindow
SetCapture
InvalidateRect
GetMonitorInfoW
ReleaseCapture
CallWindowProcW
CreatePopupMenu
TrackPopupMenu
DestroyMenu
DialogBoxParamW
SetWindowTextW
EndDialog
OpenClipboard
GetClipboardData
CloseClipboard
UnregisterClassW
wsprintfW
CheckMenuItem

gdi32

FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CreateFontIndirectW
CreateFontW
SelectObject
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
CreateRectRgn
CombineRgn
CreateDIBSection
AddFontResourceW
AddFontMemResourceEx
RemoveFontResourceExW
RemoveFontMemResourceEx
TranslateCharsetInfo
GetTextFaceW
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetDeviceCaps
CreateCompatibleDC
EnumFontFamiliesExW
BitBlt
DeleteDC
DPtoLP
GetDIBits
CreateDCW
CopyMetaFileW
RoundRect
GetObjectW
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetCurrentObject
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
CreateBitmap
SetViewportOrgEx
SetWindowExtEx
DeleteObject
SetDIBColorTable
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CreateRectRgnIndirect
SetRectRgn
CreateCompatibleBitmap
GetStockObject
PatBlt

shell32

SHAppBarMessage
SHBrowseForFolderW
SHQueryUserNotificationState
SHGetFolderPathW
SHGetDesktopFolder
SHGetSpecialFolderPathW
ShellExecuteExW
SHCreateItemFromParsingName
DragAcceptFiles
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
Shell_NotifyIconW
SHGetKnownFolderPath
SHGetFileInfoW

ole32

CoCreateGuid
CoInitializeEx
MkParseDisplayName
CoFreeUnusedLibraries
GetRunningObjectTable
CreateItemMoniker
CoCreateInstance
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CLSIDFromString
CoDisconnectObject
StringFromGUID2
ReleaseStgMedium
OleDuplicateData
CreateBindCtx
CoTaskMemAlloc
CoLoadLibrary
CoFreeLibrary
PropVariantClear
CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_DragEnter
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragMove
ImageList_Create
ImageList_BeginDrag
ImageList_Add
ImageList_DrawEx
ImageList_Destroy

shlwapi

ord176
ord219
PathAppendW
PathRemoveBackslashW
PathFindFileNameW
UrlIsW
PathFindExtensionW
PathRemoveExtensionW
PathCreateFromUrlW
StrToIntW
PathGetCharTypeW
PathRemoveFileSpecW
PathCanonicalizeW
PathIsURLW
PathStripToRootW
UrlEscapeW
PathFileExistsW
PathStripPathW
PathAddBackslashW
StrFormatKBSizeW
PathIsUNCW

uxtheme

DrawThemeText
DrawThemeParentBackground
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

winmm

timeKillEvent
timeGetDevCaps
timeGetTime
timeBeginPeriod
PlaySoundW
timeEndPeriod
timeSetEvent

d3d9

Direct3DCreate9Ex

dxgi

CreateDXGIFactory1

d3d11

D3D11CreateDevice

ddraw

DirectDrawCreateEx

dwmapi

DwmIsCompositionEnabled
DwmFlush

gdiplus

GdipSetPenLineJoin
GdipDeletePen
GdipCreatePen1
GdipAddPathStringI
GdipDeletePath
GdipFillRectangle
GdipGetGenericFontFamilySansSerif
GdipAddPathString
GdipCreateImageAttributes
GdipSetImageAttributesWrapMode
GdipDrawImageRectRect
GdipDisposeImageAttributes
GdipDrawLineI
GdipCreateTexture
GdipCreateMatrix
GdipDeleteMatrix
GdipTranslateMatrix
GdipSetTextureTransform
GdipGetImagePixelFormat
GdipGetImagePalette
GdipBitmapUnlockBits
GdipCreateLineBrushI
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipGetDC
GdipReleaseDC
GdipCreateHBITMAPFromBitmap
GdipDeleteGraphics
GdipCreatePath
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipFree
GdipAlloc
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipDeleteFont
GdipLoadImageFromFile
GdipDrawString
GdipCreateFromHDC
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDrawImagePointRectI
GdipGetImageRawFormat
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdiplusStartup
GdiplusShutdown
GdipGetImageWidth
GdipGetImageHeight
GdipCloneBitmapAreaI
GdipCreateBitmapFromStream
GdipSetCompositingMode
GdipDrawImageI
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateFont
GdipMeasureString
GdipSetTextRenderingHint
GdipDrawPath
GdipFillPath

wininet

InternetCloseHandle
InternetErrorDlg
InternetReadFile
InternetOpenW
InternetOpenUrlW
InternetReadFileExW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetSetStatusCallbackW
InternetQueryOptionW
HttpQueryInfoW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW

oleaut32

VariantCopy
VarBstrFromDate
VariantInit
SysAllocString
VarBstrCmp
SysFreeString
LoadTypeLi
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
VariantChangeType

ws2_32

WSAResetEvent
WSAGetLastError
recvfrom
WSAWaitForMultipleEvents
WSACloseEvent
closesocket
WSACleanup
WSAStartup
htons
htonl
InetPtonW
socket
WSACreateEvent
WSAEventSelect
setsockopt
bind
ioctlsocket

Sections

.text
Size: 12.7MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text.un
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drectve
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f71de38c638428b2b7f54491e34efe8c

Code Sign

32:b0:85:e0:d1:0a:cd:a3:ea:6c:7c:95:5c:16:ed:f5Certificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

d3:03:e8:85:f2:25:ae:77:e2:54:fe:77:67:14:9b:1d:f3:d7:e4:a7:17:a7:e2:33:b1:a0:dd:9c:d0:97:8c:9aSigner

Signature Validations

Verification

21/01/2019, 22:08 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

msimg32

comctl32

shlwapi

uxtheme

wtsapi32

winmm

d3d9

dxgi

d3d11

ddraw

dwmapi

gdiplus

wininet

oleacc

imm32

version

winspool.drv

advapi32

oleaut32

ws2_32

Sections

.text Size: 12.7MB - Virtual size: 12.7MB

.text.un Size: 251KB - Virtual size: 251KB

.data Size: 129KB - Virtual size: 8.3MB

.idata Size: 22KB - Virtual size: 22KB

.drectve Size: 512B - Virtual size: 32B

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 396KB - Virtual size: 395KB

32:b0:85:e0:d1:0a:cd:a3:ea:6c:7c:95:5c:16:ed:f5
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

d3:03:e8:85:f2:25:ae:77:e2:54:fe:77:67:14:9b:1d:f3:d7:e4:a7:17:a7:e2:33:b1:a0:dd:9c:d0:97:8c:9a
Signer

21/01/2019, 22:08
Valid: true

.text
Size: 12.7MB - Virtual size: 12.7MB

.text.un
Size: 251KB - Virtual size: 251KB

.data
Size: 129KB - Virtual size: 8.3MB

.idata
Size: 22KB - Virtual size: 22KB

.drectve
Size: 512B - Virtual size: 32B

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 396KB - Virtual size: 395KB