MDE_File_Sample_fa2b6890445b0d4767b2a9e9422a6a21abb9d070[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

MDE_File_Sample_fa2b6890445b0d4767b2a9e9422a6a21abb9d070.zip
Size

3.5MB
MD5

7206bc1619cb4a38c0d4c530171b696a
SHA1

dafb93cf07629f740b98755b49a1b96286818636
SHA256

2d285040e5d6589c451c7cb3102fe589ab292c7c0fad91ce07cf9c5f3d703df7
SHA512

cc17599cc1f423d61423c73d65cd32f0dbb95db1283ad1a2395734ce2ec3d97f73308bbe423ea3b9d694906d65b31c5ca33000ba9ab81f7e468b9e4f3a0de7fa
SSDEEP

49152:XC7I6nRxNBj5FaDAulKr/WXBBzvcekJMlv6+oKdr0UkV8dohDoo:y8yZjmKLqBBAeuMlC+oKd4UkSUso

Score

1^/10

Malware Config

Signatures

Files

MDE_File_Sample_fa2b6890445b0d4767b2a9e9422a6a21abb9d070.zip
.zip

Password: infected
PDFPower.exe
.exe windows x86

b24d95fcd7d6bec545ffbcd071885200

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:2c:66:d4:ce:18:c4:ec:68:2e:71:dd
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

04/03/2021, 09:42

Not After

04/03/2024, 09:42

Subject

SERIALNUMBER=516185493,CN=MY TECH MEDIA LTD,O=MY TECH MEDIA LTD,STREET=11 Hamanofim,L=Herzliya,ST=Tel Aviv,C=IL,1.2.840.113549.1.9.1=#0c1561646d696e406d79746563686d656469612e6e6574,1.3.6.1.4.1.311.60.2.1.3=#1302494c,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d0:05:bc:ac:2e:15:b1:39:4d:e7:05:df:15:e0:d1:f1:7b:fb:46:f8
Signer

Actual PE Digest

d0:05:bc:ac:2e:15:b1:39:4d:e7:05:df:15:e0:d1:f1:7b:fb:46:f8

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=516185493,CN=MY TECH MEDIA LTD,O=MY TECH MEDIA LTD,STREET=11 Hamanofim,L=Herzliya,ST=Tel Aviv,C=IL,1.2.840.113549.1.9.1=#0c1561646d696e406d79746563686d656469612e6e6574,1.3.6.1.4.1.311.60.2.1.3=#1302494c,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

27/11/2022, 09:38
Valid: true

Chain 1

SERIALNUMBER=516185493,CN=MY TECH MEDIA LTD,O=MY TECH MEDIA LTD,STREET=11 Hamanofim,L=Herzliya,ST=Tel Aviv,C=IL,1.2.840.113549.1.9.1=#0c1561646d696e406d79746563686d656469612e6e6574,1.3.6.1.4.1.311.60.2.1.3=#1302494c,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineA
RtlUnwind
GetCPInfo
GetConsoleMode
GetFileType
LCMapStringEx
QueryPerformanceFrequency
GetStringTypeW
GetFileInformationByHandleEx
AreFileApisANSI
SetFilePointerEx
SetFileInformationByHandle
FindNextFileW
FindFirstFileExW
CreateDirectoryW
FormatMessageA
GetTimeFormatW
GetDateFormatW
lstrlenW
lstrcpynW
SetStdHandle
GetStdHandle
ExitProcess
LCMapStringW
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetConsoleOutputCP
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
GetTempFileNameW
GetProfileIntW
SearchPathW
FindResourceExW
GetTempPathW
GetWindowsDirectoryW
GetTickCount
SystemTimeToTzSpecificLocalTime
OutputDebugStringW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualProtect
GlobalGetAtomNameW
GetFileAttributesW
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
InitializeCriticalSectionAndSpinCount
GetThreadLocale
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
SetErrorMode
CompareStringW
GlobalFindAtomW
LoadLibraryA
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
GetSystemDirectoryW
EncodePointer
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
GetVersionExW
GetCurrentThreadId
GetCurrentThread
CopyFileW
FormatMessageW
GlobalSize
DeviceIoControl
GetModuleFileNameW
MulDiv
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetModuleHandleW
SetLastError
CloseHandle
CreateProcessW
GetProcessId
GlobalFree
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForSingleObject
LocalFree
OutputDebugStringA
GetCommandLineW
WideCharToMultiByte
GetLastError
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
FreeLibrary
LoadLibraryW
Sleep

user32

SetWindowTextW
CheckDlgButton
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
GetForegroundWindow
UpdateLayeredWindow
GetAsyncKeyState
DestroyMenu
EnableScrollBar
MonitorFromPoint
GetMenuItemInfoW
IsZoomed
GetSystemMenu
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
SendDlgItemMessageA
CharUpperW
GetKeyNameTextW
MapVirtualKeyW
IntersectRect
RealChildWindowFromPoint
SystemParametersInfoW
DeleteMenu
IsClipboardFormatAvailable
MessageBeep
SetRect
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetDialogBaseUnits
GetClassInfoW
RegisterClassW
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawEdge
DrawFrameControl
IsDialogMessageW
NotifyWinEvent
CreatePopupMenu
GetClientRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
LoadStringW
GetSystemMetrics
PostThreadMessageW
SetForegroundWindow
PostMessageW
SetWindowRgn
SendMessageW
DestroyIcon
GetSysColor
LoadCursorW
LoadImageW
IsWindow
GetSysColorBrush
FillRect
GetWindowRect
GetParent
GetClipboardData
GetWindowContextHelpId
DestroyCaret
GetCaretPos
ShowCaret
InflateRect
DrawIconEx
GetIconInfo
GetDC
CreateIconIndirect
ReleaseDC
ShowCursor
SetCursor
TrackMouseEvent
InvalidateRect
MapWindowPoints
GetCursorPos
PtInRect
WindowFromPoint
SetTimer
KillTimer
ReleaseCapture
SetCapture
EnumWindows
IsIconic
ShowWindow
GetWindowThreadProcessId
GetWindow
IsWindowVisible
VkKeyScanW
MessageBoxW
LoadBitmapW
SetLayeredWindowAttributes
PostQuitMessage
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
SetWindowPos
SetWindowContextHelpId
MapDialogRect
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
GetKeyState
ValidateRect
GetMenuDefaultItem
SetMenuDefaultItem
RegisterClipboardFormatW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
SetParent
BringWindowToTop
LockWindowUpdate
SetClassLongW
GetDoubleClickTime
CopyIcon
ModifyMenuW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
CharUpperBuffW
FrameRect
WaitMessage
HideCaret
InvertRect
DrawIcon
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetUpdateRect
SubtractRect
SendNotifyMessageW
CreateMenu
WindowFromDC
GetComboBoxInfo
DestroyCursor
EnableWindow
SetWindowsHookExW
CallNextHookEx
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
ShowOwnedPopups
GetLastActivePopup
DrawStateW
UpdateWindow
GetClassNameW
GetNextDlgGroupItem
RedrawWindow
DrawFocusRect
SetRectEmpty
CopyRect
OffsetRect
IsRectEmpty
LoadIconW
CopyImage
LoadMenuW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
GetWindowRgn
UnionRect

gdi32

ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
StartDocW
SetArcDirection
ExtCreatePen
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
PatBlt
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateRectRgn
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
EndDoc
AbortDoc
GetCurrentObject
OffsetRgn
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
CreatePatternBrush
CreateHatchBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
BitBlt
SetBoundsRect
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetObjectW
GetRegionData
CreatePolyPolygonRgn
CreateEllipticRgnIndirect
PolyBezier
Arc
CreateFontW
CreateFontIndirectW
CreateSolidBrush
GetTextExtentPoint32W
CreatePen
Rectangle
GetDIBits
SetDIBits
GetDeviceCaps
GetStockObject
CreateBitmap
LPtoDP

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW

shell32

ShellExecuteW
ShellExecuteExW
SHGetKnownFolderPath
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHGetMalloc
DragFinish
DragQueryFileW
SHAppBarMessage
CommandLineToArgvW

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_Draw
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Add
ImageList_SetImageCount
InitCommonControlsEx

shlwapi

PathIsUNCW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW
ord12
PathStripToRootW
PathFindFileNameW

uxtheme

CloseThemeData
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
EndBufferedPaint
OpenThemeData
DrawThemeParentBackground
DrawThemeText
IsAppThemed
BeginBufferedPaint
BufferedPaintSetAlpha

ole32

StringFromGUID2
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
CoCreateGuid
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning

oleaut32

VariantCopy
VarBstrFromDate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
OleLoadPicture
VariantChangeTypeEx
VarBstrCmp
VarUdateFromDate

oledlg

OleUIBusyW

gdiplus

GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipGetImagePixelFormat
GdipGetImagePalette
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateBitmapFromHICON
GdipDeleteRegion
GdipCreateRegionPath
GdipSetTextureWrapMode
GdipCreateTextureIAI
GdipCreatePathGradientFromPath
GdipCreateLineBrush
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeletePen
GdipCreatePen2
GdipMultiplyWorldTransform
GdipScaleMatrix
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipCloneBitmapArea
GdipSetPathGradientWrapMode
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipSetPathGradientPresetBlend
GdipDeletePath
GdipCreatePath
GdipSetLineWrapMode
GdipSetLinePresetBlend
GdipMultiplyPathGradientTransform
GdipGetImageGraphicsContext
GdipTranslatePathGradientTransform
GdipScalePathGradientTransform
GdipSetPathGradientCenterPoint
GdipMultiplyLineTransform
GdipIsMatrixIdentity
GdipTranslateLineTransform
GdipScaleLineTransform
GdipRotateLineTransform
GdipMultiplyMatrix
GdipTranslateTextureTransform
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipGetStringFormatFlags
GdipResetClip
GdipSetClipPath
GdipSetClipRegion
GdipMeasureString
GdipDrawString
GdipTransformMatrixPoints
GdipResetWorldTransform
GdipGetCellDescent
GdipGetFontSize
GdipGetDpiY
GdipGetEmHeight
GdipGetFontStyle
GdipGetFamily
GdipDeleteFontFamily
GdipDrawImageRectRect
GdipSetImageAttributesColorMatrix
GdipSetCompositingMode
GdipGetCompositingMode
GdipGetInterpolationMode
GdipDrawArc
GdipFillEllipse
GdipDrawEllipse
GdipFillRectangle
GdipDrawRectangle
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDisposeImage
GdipGetImageWidth
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDrawLine
GdipGetImageHeight
GdipGetMatrixElements
GdipSetMatrixElements
GdipSetPenDashStyle
GdipSetPenDashArray
GdipSetPenDashCap197819
GdipSetPenDashOffset
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenLineJoin
GdipSetPenMiterLimit
GdipCreateMatrix
GdipDeleteMatrix
GdipGetBrushType
GdipGetLineTransform
GdipGetPathGradientTransform
GdipGetTextureTransform
GdipGetWorldTransform
GdipSetLineTransform
GdipSetPathGradientTransform
GdipSetTextureTransform
GdipSetWorldTransform
GdipCloneRegion
GdipCombineRegionRegion
GdipCombineRegionPath
GdipGetRegionHRgn
GdipGetPathWorldBounds
GdipDrawPath
GdipFillRegion
GdipFillPath
GdipAddPathRectangle
GdipAddPathEllipse
GdipAddPathPath
GdipSetPathFillMode
GdipAddPathBezier
GdipAddPathLine2
GdipClosePathFigure
GdipStartPathFigure
GdipAddPathLine
GdipAddPathArc
GdipRotateMatrix
GdipTranslateMatrix
GdipTransformPath
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipGraphicsClear
GdiplusShutdown

winhttp

WinHttpWriteData
WinHttpSendRequest
WinHttpCloseHandle
WinHttpSetTimeouts
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpSetOption
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpOpen

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

dwmapi

DwmIsCompositionEnabled
DwmExtendFrameIntoClientArea

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 823KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

b24d95fcd7d6bec545ffbcd071885200

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

18:2c:66:d4:ce:18:c4:ec:68:2e:71:ddCertificate

Extended Key Usages

Key Usages

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1dCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

d0:05:bc:ac:2e:15:b1:39:4d:e7:05:df:15:e0:d1:f1:7b:fb:46:f8Signer

Signature Validations

Verification

27/11/2022, 09:38 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

winhttp

version

oleacc

imm32

winmm

dwmapi

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.rdata Size: 823KB - Virtual size: 822KB

.data Size: 52KB - Virtual size: 74KB

.rsrc Size: 6.4MB - Virtual size: 6.4MB

.reloc Size: 311KB - Virtual size: 311KB

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

18:2c:66:d4:ce:18:c4:ec:68:2e:71:dd
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

d0:05:bc:ac:2e:15:b1:39:4d:e7:05:df:15:e0:d1:f1:7b:fb:46:f8
Signer

27/11/2022, 09:38
Valid: true

.text
Size: 4.5MB - Virtual size: 4.5MB

.rdata
Size: 823KB - Virtual size: 822KB

.data
Size: 52KB - Virtual size: 74KB

.rsrc
Size: 6.4MB - Virtual size: 6.4MB

.reloc
Size: 311KB - Virtual size: 311KB