918b45be[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

918b45be.exe
Size

7.4MB
MD5

4df99abfdfd83c2d991b0f44ed5c8582
SHA1

338cfb618115096a62f335b1c9e8a61ed62dadb9
SHA256

a5283903f3dd9892458c6a2bf867b807275d96d15f760fd30f962aa6f8cd7b1b
SHA512

fb993e74c16d02a5dd415cdc77dc880bd068a874388d2d5e4746eedb0a52245ef204b0f3fd932db083d9d7999dc397fd0de2ae8ce048e0b20276dd7dfa57c7a6
SSDEEP

49152:DFMtJ0xnMHMAyhUAJhsxRtQs9NAGHgmgtRqOS/iKdXXMrEomU8i8Hf4G/yF5GC2Y:DdhfK+skSf48HryF2leT/n

Score

1^/10

Malware Config

Signatures

Files

918b45be.exe
.exe windows x86

7a100c038f5df2257f412957fd6ae851

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:51:a2:1b:29:58:67:08:68:5b:b1:2f:fc:c9:7d:05
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

23/06/2022, 00:00

Not After

22/07/2023, 23:59

Subject

CN=Electronic Arts\, Inc.,OU=Origin Client,O=Electronic Arts\, Inc.,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

be:24:da:eb:22:e3:e4:4b:f4:1b:2a:de:6a:6e:b1:c7:54:95:2b:3e
Signer

Actual PE Digest

be:24:da:eb:22:e3:e4:4b:f4:1b:2a:de:6a:6e:b1:c7:54:95:2b:3e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
OpenFileMappingW
UnmapViewOfFile
FileTimeToLocalFileTime
InitializeCriticalSectionEx
OpenEventW
SizeofResource
LockResource
CreateFileMappingW
FindClose
FindResourceW
WideCharToMultiByte
Sleep
GetLocalTime
VirtualAlloc
VirtualFree
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
GetFileAttributesW
OutputDebugStringA
GetLastError
SetLastError
GetVersion
FreeResource
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
FindResourceA
GlobalAlloc
GlobalSize
LocalFree
MulDiv
FormatMessageA
CopyFileA
MultiByteToWideChar
GetCurrentThreadId
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
SetThreadPriority
GetThreadPriority
SuspendThread
ResumeThread
GetCurrentProcessId
GetModuleFileNameA
GlobalReAlloc
lstrcmpA
InterlockedExchange
GetCurrentThread
GetVersionExA
RegisterApplicationRecoveryCallback
RegisterApplicationRestart
ApplicationRecoveryInProgress
ApplicationRecoveryFinished
GetThreadPreferredUILanguages
GetLocaleInfoEx
CloseHandle
SetEvent
WaitForSingleObject
CreateEventA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileTime
GetFullPathNameA
SetFileTime
GetTempFileNameA
ReplaceFileA
SystemTimeToFileTime
GetUserDefaultLCID
lstrcpyA
lstrcpyW
EnterCriticalSection
LeaveCriticalSection
GetAtomNameA
GetACP
GlobalFlags
SetErrorMode
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
GetProfileIntA
VirtualProtect
FileTimeToSystemTime
GetThreadLocale
InitializeCriticalSectionAndSpinCount
ResetEvent
PulseEvent
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
DeleteFileA
CreateFileA
LoadResource
FindFirstFileA
FlushFileBuffers
GetFileSize
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetHandleInformation
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetVolumeInformationA
GetStringTypeExA
GetFileAttributesExA
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesA
GetWindowsDirectoryA
FindResourceExW
GetUserDefaultUILanguage
ReleaseSemaphore
ReleaseMutex
CreateMutexA
WaitForMultipleObjects
CreateSemaphoreA
GetTickCount
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
SearchPathA
LocalLock
LocalUnlock
GetModuleHandleExW
RtlUnwind
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
GetCommandLineA
HeapValidate
GetSystemInfo
SetThreadStackGuarantee
VirtualQuery
ExitProcess
AreFileApisANSI
SetStdHandle
GetFileType
CreateThread
ExitThread
GetStdHandle
OutputDebugStringW
WriteConsoleW
GetSystemTimeAsFileTime
FatalAppExitA
SetConsoleCtrlHandler
WaitForSingleObjectEx
lstrlenA
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
TerminateProcess
GetStartupInfoW
InitOnceExecuteOnce
GetProcessHeap
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
HeapAlloc
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStringTypeW
GetExitCodeProcess
CreateProcessA
GetFileAttributesExW
GetTimeFormatEx
GetDateFormatEx
CompareStringEx
GetUserDefaultLocaleName
LCMapStringEx
IsValidLocaleName
EnumSystemLocalesEx
GetTimeZoneInformation
CreateFileW
SetEnvironmentVariableA

user32

SetRectEmpty
GetSystemMetrics
SystemParametersInfoA
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
DestroyIcon
SetCursor
DestroyMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
ReleaseCapture
MapVirtualKeyA
GetKeyNameTextA
GetWindowThreadProcessId
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
NotifyWinEvent
ArrangeIconicWindows
DlgDirSelectComboBoxExA
DlgDirListComboBoxA
DlgDirSelectExA
DlgDirListA
LoadCursorW
LoadCursorA
GetLastActivePopup
FindWindowExA
FindWindowA
SetParent
ChildWindowFromPointEx
ChildWindowFromPoint
WindowFromPoint
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowContextHelpId
SetWindowContextHelpId
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
ValidateRgn
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDCEx
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
DragDetect
GetSystemMenu
DrawMenuBar
HiliteMenuItem
KillTimer
SetTimer
SetCapture
GetOpenClipboardWindow
ChangeClipboardChain
DrawFrameControl
SetClipboardViewer
GetClipboardOwner
PostQuitMessage
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
CloseWindow
OpenIcon
ShowOwnedPopups
FlashWindow
PostThreadMessageA
SendNotifyMessageA
DrawAnimatedRects
DrawCaption
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
LoadMenuW
LoadMenuIndirectA
CreateMenu
CreatePopupMenu
DispatchMessageA
PeekMessageA
SubtractRect
UnionRect
IntersectRect
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
EndDeferWindowPos
CheckMenuItem
WaitMessage
EnableMenuItem
ModifyMenuA
DeleteMenu
InsertMenuItemA
GetMenuItemInfoA
SetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
DrawIcon
DrawTextA
DrawTextExA
GrayStringA
DrawStateA
GetTabbedTextExtentA
WindowFromDC
ExcludeUpdateRgn
ScrollDC
GetMessageA
TranslateMessage
GetCursorPos
FillRect
DestroyCursor
PtInRect
OpenClipboard
DrawEdge
InflateRect
SetRect
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsChild
SetWindowPos
GetWindowPlacement
SetMenuContextHelpId
GetMenuContextHelpId
GetSysColorBrush
DrawFocusRect
FrameRect
InvertRect
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
CheckMenuRadioItem
LoadBitmapA
GetDialogBaseUnits
RealChildWindowFromPoint
GetAsyncKeyState
CopyImage
GetClipboardFormatNameA
LoadAcceleratorsW
CharUpperA
CharNextA
CopyAcceleratorTableA
MessageBeep
InSendMessage
IsRectEmpty
GetTabbedTextExtentW
UnregisterClassA
MsgWaitForMultipleObjectsEx
DrawIconEx
GetIconInfo
RegisterClipboardFormatA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetActiveWindow
EnableWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
IsMenu
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
SendMessageA
PostMessageA
TabbedTextOutA
MapDialogRect
GetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
EnumChildWindows
CharUpperBuffA
CopyIcon
GetDoubleClickTime
ChangeWindowMessageFilter
SetClassLongA
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
OffsetRect
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
IsClipboardFormatAvailable
GetClipboardViewer
RegisterWindowMessageA

gdi32

SetDIBColorTable
GetDIBits
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
DeleteMetaFile
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextExtentPoint32W
GetTextExtentPointA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
MoveToEx
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetClipRgn
GetClipBox
ExcludeClipRect
UnrealizeObject
GetKerningPairsA
GetTextFaceA
SetBrushOrgEx
SetBitmapDimensionEx
PolyBezier
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
TextOutA
GetArcDirection
GetMiterLimit
ExtCreatePen
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
PathToRegion
GetPath
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
StartDocA
CreateHalftonePalette
GetColorAdjustment
GetWorldTransform
PolyPolyline
AngleArc
GetTextMetricsA
GdiComment
PlayEnhMetaFile
UpdateColors
SetRectRgn
StretchBlt
SetPixelV
SetPixel
SetPaletteEntries
SetBoundsRect
SetBitmapBits
ResizePalette
RoundRect
RealizePalette
ResetDCA
Rectangle
RectVisible
RectInRegion
PtVisible
PtInRegion
PolyPolygon
PaintRgn
Pie
PatBlt
OffsetRgn
PlgBlt
MaskBlt
InvertRgn
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetViewportExtEx
GetCharacterPlacementA
GetFontLanguageInfo
GetTextExtentPoint32A
GetTextColor
GetTextAlign
GetTextCharacterExtra
GetStretchBltMode
GetRgnBox
GetRegionData
GetPolyFillMode
GetPixel
GetPaletteEntries
GetOutlineTextMetricsA
GetNearestPaletteIndex
GetNearestColor
GetMapMode
GetGraphicsMode
GetGlyphOutlineA
GetFontData
GetCurrentPositionEx
GetCurrentObject
GetCharABCWidthsFloatA
GetCharABCWidthsA
GetCharWidthFloatA
GetBrushOrgEx
GetBoundsRect
GetBitmapDimensionEx
GetBitmapBits
GetBkMode
GetBkColor
GetAspectRatioFilterEx
GetROP2
FrameRgn
FloodFill
FillRgn
ExtFloodFill
ExtCreateRegion
ExtEscape
Escape
EqualRgn
EnumObjects
Ellipse
DrawEscape
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreatePolyPolygonRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateICA
CreateHatchBrush
CreateFontIndirectA
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateDIBPatternBrushPt
CreateDiscardableBitmap
CreateBrushIndirect
CreateBitmapIndirect
CombineRgn
Chord
BitBlt
Arc
AnimatePalette
CreateDIBSection
GetStockObject
StretchDIBits
SelectObject
GetObjectType
GetCharWidthA
DeleteObject
DeleteDC
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
ExtTextOutA
CreateEnhMetaFileA
CloseEnhMetaFile
CreateMetaFileA
CloseMetaFile
GetDeviceCaps
CreateDCA
CopyMetaFileA

msimg32

AlphaBlend
GradientFill
TransparentBlt

winspool.drv

DocumentPropertiesA
GetJobA
ClosePrinter
OpenPrinterA

advapi32

RevertToSelf
OpenThreadToken
SetThreadToken
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

shell32

SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ExtractIconA
SHGetFileInfoA
SHBrowseForFolderA
SHAddToRecentDocs
SHCreateItemFromParsingName
DragFinish
DragQueryFileA
DragAcceptFiles
SHGetSpecialFolderPathA
SHAppBarMessage
SHGetKnownFolderPath
ShellExecuteExA
InitNetworkAddressControl

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA

uxtheme

CloseThemeData
GetThemePartSize
IsAppThemed
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
BeginBufferedPaint
EndBufferedPaint
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground

dwmapi

DwmDefWindowProc
DwmSetWindowAttribute
DwmIsCompositionEnabled
DwmExtendFrameIntoClientArea

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegEnumVerbs
OleRegGetMiscStatus
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeEx
StringFromGUID2
OleLoad
PropVariantCopy
CLSIDFromProgID
OleTranslateAccelerator
CoInitialize
CoCreateInstance
OleGetClipboard
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
IsAccelerator
CoRegisterClassObject
CreateDataAdviseHolder
CreateOleAdviseHolder
CoRevokeClassObject
OleRun
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
StgIsStorageILockBytes
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleSave
OleSaveToStream
OleSetContainedObject
OleIsRunning
OleLockRunning
OleGetIconOfClass
GetHGlobalFromILockBytes
CoLockObjectExternal
CreateFileMoniker
CLSIDFromString
GetRunningObjectTable
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleQueryLinkFromData
OleQueryCreateFromData
CoCreateGuid
CoGetMalloc
OleSetMenuDescriptor
DoDragDrop
GetClassFile
RegisterDragDrop
RevokeDragDrop
CoDisconnectObject

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
VarDateFromUdate
VarUdateFromDate
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
DosDateTimeToVariantTime
SafeArrayGetUBound
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SysReAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SafeArrayGetElemsize
SafeArrayGetDim
VarBstrFromDate
VariantChangeType
VariantClear
VariantInit
SysAllocString
OleCreateFontIndirect
SafeArrayGetLBound
VarDecFromStr
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString

oledlg

ord9
ord7
ord6
ord5
ord4
ord3
ord8

odbc32

ord72
ord4
ord68
ord61
ord59
ord41
ord23
ord76
ord39
ord20
ord49
ord19
ord48
ord18
ord38
ord45
ord44
ord43
ord17
ord16
ord15
ord14
ord13
ord12
ord11
ord10
ord9
ord8
ord5
ord3
ord2
ord1

crypt32

CryptUnprotectData
CryptProtectData

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipCreateBitmapFromFileICM
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipGetImageWidth
GdipDrawImageRectI

propsys

PSGetPropertyDescriptionListFromString

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 819KB - Virtual size: 818KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 387KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a100c038f5df2257f412957fd6ae851

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:51:a2:1b:29:58:67:08:68:5b:b1:2f:fc:c9:7d:05Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

be:24:da:eb:22:e3:e4:4b:f4:1b:2a:de:6a:6e:b1:c7:54:95:2b:3eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

dwmapi

ole32

oleaut32

oledlg

odbc32

crypt32

oleacc

gdiplus

propsys

imm32

winmm

Sections

.text Size: 6.2MB - Virtual size: 6.2MB

.rdata Size: 819KB - Virtual size: 818KB

.data Size: 387KB - Virtual size: 418KB

.idata Size: 29KB - Virtual size: 29KB

.rsrc Size: 41KB - Virtual size: 41KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:51:a2:1b:29:58:67:08:68:5b:b1:2f:fc:c9:7d:05
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

be:24:da:eb:22:e3:e4:4b:f4:1b:2a:de:6a:6e:b1:c7:54:95:2b:3e
Signer

.text
Size: 6.2MB - Virtual size: 6.2MB

.rdata
Size: 819KB - Virtual size: 818KB

.data
Size: 387KB - Virtual size: 418KB

.idata
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 41KB - Virtual size: 41KB