07a755ffdc9a2813ab790ca4483fadb9e58e0a2caa44170b6635d4f272a1e1b3

Sharing

Copy URL

Twitter E-mail

General

Target

07a755ffdc9a2813ab790ca4483fadb9e58e0a2caa44170b6635d4f272a1e1b3
Size

3.9MB
MD5

b859839b466ee503ffc2f1377ce1eeef
SHA1

fcb7d232808d60cadeae91edb0fb888fb1512e0f
SHA256

07a755ffdc9a2813ab790ca4483fadb9e58e0a2caa44170b6635d4f272a1e1b3
SHA512

09a7d9a5f65ac2fc15bba057b8c42c3b5e3e29f0fd75adcb31cad6e4ab25331e7f33c44e760d20f4a9c3317b80a53e4041f11e77e1215253ddfa2b53f27077d9
SSDEEP

49152:EV1lr+yOfIC61x3/coObRtXedNSvnp1IFUrm/QpjD+koDuTC1ML5zE3HEB8oeI+3:I+gWbRtXXnMjMV4Hyt+6KQMrr9MM

Score

1^/10

Malware Config

Signatures

Files

07a755ffdc9a2813ab790ca4483fadb9e58e0a2caa44170b6635d4f272a1e1b3
.dll windows x64

1f64fb9ac4cdaa19d00a2895b4a7b906

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:7e:f8:80:11:79:bf:12:a7:46:6f:7d:a5:b3:27:7a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28-04-2023 00:00

Not After

07-07-2026 23:59

Subject

SERIALNUMBER=913101150729060470,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0ce6b5a6e4b89ce696b0e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:7e:f8:80:11:79:bf:12:a7:46:6f:7d:a5:b3:27:7a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28-04-2023 00:00

Not After

07-07-2026 23:59

Subject

SERIALNUMBER=913101150729060470,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0ce6b5a6e4b89ce696b0e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f1:3f:c4:a8:22:30:47:f7:81:39:e3:26:c1:ef:8d:54:fe:bc:a1:fe:50:a5:07:81:ee:37:26:5c:2b:93:cc:af
Signer

Actual PE Digest

f1:3f:c4:a8:22:30:47:f7:81:39:e3:26:c1:ef:8d:54:fe:bc:a1:fe:50:a5:07:81:ee:37:26:5c:2b:93:cc:af

Digest Algorithm

sha256

PE Digest Matches

false

2f:eb:f4:62:9d:16:c5:bf:45:f0:77:02:64:b4:93:ed:34:40:78:26
Signer

Actual PE Digest

2f:eb:f4:62:9d:16:c5:bf:45:f0:77:02:64:b4:93:ed:34:40:78:26

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
UnlockFileEx
GetFullPathNameA
LockFile
OutputDebugStringA
HeapCreate
AreFileApisANSI
FormatMessageW
DeviceIoControl
GetFileSizeEx
LoadLibraryA
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OpenFileMappingW
ReleaseMutex
CreateMutexW
GetEnvironmentVariableW
WideCharToMultiByte
GetSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
SetFilePointer
EncodePointer
OutputDebugStringW
IsDebuggerPresent
DeleteFileA
SetEndOfFile
HeapReAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
FormatMessageA
GetACP
GetSystemInfo
LockResource
InitializeCriticalSection
TryEnterCriticalSection
GetFileAttributesExW
CreateFileW
FindFirstFileW
MulDiv
LoadLibraryW
GetVersionExW
CloseHandle
SetEvent
CreateEventW
WaitForMultipleObjects
lstrcpyW
Sleep
lstrlenW
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
SetUnhandledExceptionFilter
LoadLibraryExW
GetTickCount
lstrcmpiW
FreeLibrary
GetModuleHandleW
LocalFree
GetProcAddress
FindResourceW
LoadResource
MultiByteToWideChar
SetErrorMode
GetModuleFileNameW
GetLongPathNameW
GetCommandLineW
SizeofResource
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetFileTime
WriteFile
ReadFile
FindClose
FindNextFileW
lstrcatW
SetLastError
FlushFileBuffers
WaitForSingleObject
GlobalMemoryStatusEx
FreeResource
OpenMutexW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetLocalTime
GetLogicalDriveStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
GetCurrentProcess
QueryDosDeviceW
GetProcessHeap
HeapAlloc
OpenProcess
HeapFree
GetExitCodeProcess
CreateProcessW
GetCurrentProcessId
ResetEvent
MoveFileW
GetTempFileNameW
CopyFileW
MoveFileExW
GetWindowsDirectoryW
GetCurrentDirectoryW
DeleteFileW
SetFileAttributesW
GetTempPathW
GetFullPathNameW
CreateDirectoryW
GetFileTime
GetFileSize
GetVersionExA
GetFileAttributesW
ExpandEnvironmentStringsW
InitializeSListHead
ResumeThread
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount

user32

GetWindowRect
ScreenToClient
GetWindowLongW
SetClassLongW
SetCursor
GetWindowLongPtrW
CallWindowProcW
SetWindowPos
IntersectRect
SetRectEmpty
TrackMouseEvent
SetCapture
ReleaseCapture
GetWindowThreadProcessId
GetLastActivePopup
AttachThreadInput
GetForegroundWindow
GetClassNameW
SetForegroundWindow
wsprintfW
FindWindowW
EqualRect
DestroyCursor
GetMenuStringW
InsertMenuW
SetRect
RegisterWindowMessageW
UnionRect
EndDialog
IsWindowEnabled
GetMenuItemInfoW
CheckMenuRadioItem
MessageBoxW
GetMenuItemCount
LoadStringA
SetWindowTextW
MessageBeep
CreatePopupMenu
LoadStringW
SetMenuItemInfoW
MapWindowPoints
SetMenuDefaultItem
DestroyMenu
TranslateAcceleratorW
LoadIconW
TrackPopupMenuEx
RemoveMenu
AppendMenuW
PostQuitMessage
CreateMenu
MonitorFromPoint
GetDC
IsWindowVisible
MonitorFromWindow
GetMonitorInfoW
IsRectEmpty
UpdateLayeredWindow
ReleaseDC
RedrawWindow
SetFocus
SetWindowLongW
IsZoomed
GetDlgItem
InvalidateRect
IsIconic
GetCursorPos
BeginPaint
EndPaint
GetWindow
GetParent
ShowWindow
MoveWindow
GetClientRect
UnregisterClassW
SendMessageW
PostMessageW
GetActiveWindow
LoadImageW
GetClassInfoExW
SystemParametersInfoW
GetDesktopWindow
LoadCursorW
IsWindow
RegisterClassExW
GetSystemMetrics
CreateWindowExW
SetWindowLongPtrW
TranslateMessage
CharNextW
PeekMessageW
DispatchMessageW
DestroyWindow
DefWindowProcW
GetMessageW
KillTimer
SetClipboardData
DestroyCaret
GetClipboardData
CreateCaret
EmptyClipboard
CloseClipboard
SetTimer
OpenClipboard
SetCaretPos
DrawTextW
CopyRect
DialogBoxParamW
GetKeyState
PtInRect
OffsetRect

gdi32

SetBrushOrgEx
SelectClipRgn
SetArcDirection
SetDCBrushColor
SetStretchBltMode
SetROP2
SetDCPenColor
CreateDIBSection
GetTextColor
SetGraphicsMode
SetBkColor
CreateFontIndirectW
SetWorldTransform
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetViewportOrgEx
CreateRectRgn
CreatePolygonRgn
CreateEllipticRgn
CombineRgn
SelectObject
GetStockObject
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

advapi32

RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
GetUserNameW

shell32

SHGetFileInfoW
CommandLineToArgvW
DragQueryFileW
DragFinish
SHGetFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
RevokeDragDrop
CreateStreamOnHGlobal
RegisterDragDrop
CoCreateInstance

oleaut32

VarUI4FromStr

msvcp140

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

2345miniui

?WindowDefKeyPressed@RCMiniUIDialog@RC@@EEAA_NIII@Z
?Play@RCMiniUIGifView@RC@@QEAAXXZ
?SetItemText@RCMiniUIDialogView@RC@@QEAA_NIAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetItemText@RCMiniUIDialogView@RC@@QEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@I@Z
?SetBounds@RCMiniUIView@RC@@QEAAXAEBUtagRECT@@@Z
?GetBounds@RCMiniUIView@RC@@QEBA?AUtagRECT@@XZ
?OnEsc@RCMiniUIDialogView@RC@@UEAAXXZ
?OnEnter@RCMiniUIDialogView@RC@@UEAAXXZ
?DoModal@RCMiniUIDialog@RC@@QEAA_JPEAUHWND__@@_J@Z
?GetGlobalSkinPool@RCMiniUIManner@RC@@SAPEAVRCMiniUISkinPoolInterface@2@XZ
?GetGlobalStylePool@RCMiniUIManner@RC@@SAPEAVRCMiniUIStylePoolInterface@2@XZ
?GetMessageLoop@RCMiniUIAppModule@RC@@QEAAPEAVCMessageLoop@WTL@@XZ
?CreateCurrentThreadMessageLoop@RCMiniUIAppModule@RC@@QEAAXXZ
?Term@RCMiniUIAppModule@RC@@QEAAXXZ
?Init@RCMiniUIAppModule@RC@@QEAAXPEAUHINSTANCE__@@@Z
?Instance@RCMiniUIAppModule@RC@@SAAEAV12@XZ
?GetGolobalStringPool@RCMiniUIResourceManager@RC@@SAPEAVRCMiniUIStringPoolInterface@2@XZ
?GetGolobalFontPool@RCMiniUIResourceManager@RC@@SAPEAVRCMiniUIFontPoolInterface@2@XZ
?ReflectNotifications@?$CWindowImplRoot@VRCMiniAtlWindow@@@ATL@@QEAA_JI_K_JAEAH@Z
?IsChecked@RCMiniUiImgChkBox@RC@@QEAA_NXZ
?SetChecked@RCMiniUiImgChkBox@RC@@QEAAX_N@Z
?GetViewByID@RCMiniUIDialogView@RC@@QEBAPEAVRCMiniUIView@2@H@Z
?OnDialogTimer@RCMiniUIDialogView@RC@@UEAA_NIPEAX@Z
?OnMouseMoveInDialog@RCMiniUIDialogView@RC@@UEAAXAEBVCPoint@WTL@@I@Z
?GetToolTip@RCMiniUIDialogView@RC@@UEAAAEAV?$CToolTipCtrlT@VCWindow@ATL@@@WTL@@XZ
?GetRootView@RCMiniUIDialogView@RC@@UEAAPEAVRCMiniUIView@2@XZ
?BeforeWindowDestroy@RCMiniUIDialogView@RC@@UEAAXXZ
?GetHWND@RCMiniUIDialog@RC@@UEAAPEAUHWND__@@XZ
??1RCMiniUIDialog@RC@@UEAA@XZ
??0RCMiniUIDialog@RC@@QEAA@I@Z
?EndDialog@?$CDialogImpl@VRCMiniUIDialog@RC@@VRCMiniAtlWindow@@@ATL@@QEAAHH@Z
?GetDialogProc@?$CDialogImplBaseT@VRCMiniAtlWindow@@@ATL@@UEAAP6A_JPEAUHWND__@@I_K_J@ZXZ
?OnFinalMessage@?$CDialogImplBaseT@VRCMiniAtlWindow@@@ATL@@UEAAXPEAUHWND__@@@Z
?ProcessWindowMessage@RCMiniUIDialog@RC@@UEAAHPEAUHWND__@@I_K_JAEA_JK@Z
?OnDialogSkinChanged@RCMiniUIDialogView@RC@@UEAAXXZ
?OnAnimateHideEnded@RCMiniUIDialogView@RC@@UEAAXXZ
?OnAnimateShowEnded@RCMiniUIDialogView@RC@@UEAAXXZ
?OnMouseLeaveDialog@RCMiniUIDialogView@RC@@UEAAXXZ
?OnMouseEnterDialog@RCMiniUIDialogView@RC@@UEAAXXZ
?OnDropFiles@RCMiniUIDialogView@RC@@UEAAXAEBV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@Z
?OnFirstLayouted@RCMiniUIDialogView@RC@@UEAAXXZ

imm32

ImmAssociateContextEx
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmAssociateContext
ImmCreateContext
ImmGetVirtualKey
ImmDestroyContext

gdiplus

GdipGetClipBoundsI
GdipGetMatrixElements
GdipGetClip
GdipDeleteRegion
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipCreateFontFromLogfontW
GdipCreateBitmapFromHBITMAP
GdipDrawRectangle
GdipSetPixelOffsetMode
GdipGetImageEncoders
GdipCreateFromHDC
GdipCreateMatrix
GdipCreateRegion
GdipGetRegionHRgn
GdipGetImageEncodersSize
GdipDrawLineI
GdipSetStringFormatLineAlign
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipCloneFontFamily
GdipGetFamilyName
GdipBitmapGetPixel
GdipResetClip
GdipSetClipHrgn
GdipSetSolidFillColor
GdipTranslateTextureTransform
GdipReleaseDC
GdipGetDC
GdipCreateTexture
GdipResetTextureTransform
GdipCreateFromHWND
GdipMeasureString
GdipDrawImageRectI
GdipTransformPointsI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipSetCompositingMode
GdipDrawImageRectRectI
GdipSetClipRectI
GdipCreateBitmapFromFile
GdipSaveImageToFile
GdipCloneImage
GdipDisposeImage
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipGraphicsClear
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipScaleWorldTransform
GdipResetWorldTransform
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipCreateStringFormat
GdipDeleteFontFamily
GdipGetImageHeight
GdipFillPolygonI
GdipSetImageAttributesColorMatrix
GdipSetCompositingQuality
GdipDrawRectangleI
GdipCreateFontFamilyFromName
GdipSaveGraphics
GdipDrawImageRectRect
GdipDrawEllipseI
GdipDisposeImageAttributes
GdipCreateFont
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipDrawLinesI
GdipDrawString
GdipSetImageAttributesWrapMode
GdipFillEllipseI
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipDeleteStringFormat
GdipFillRectangleI
GdipFillRectangle
GdipDeleteFont
GdipGetImageWidth
GdipTranslateWorldTransform
GdipDeletePen
GdipGetWorldTransform
GdipCreatePen1
GdipDrawImagePointRectI
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteBrush
GdipAlloc
GdipCreateSolidFill
GdipFree
GdipCloneBrush
GdipDeleteMatrix

dbghelp

MiniDumpWriteDump

vcruntime140

memcpy
_purecall
wcsstr
__std_type_info_name
strstr
_CxxThrowException
__std_type_info_destroy_list
memset
__RTDynamicCast
memchr
memcmp
memmove
__std_exception_copy
__std_exception_destroy
strrchr
__std_terminate
__std_type_info_compare
wcsrchr
__C_specific_handler
wcschr
__RTtypeid
__CxxFrameHandler3

api-ms-win-crt-heap-l1-1-0

calloc
_aligned_malloc
_callnewh
_recalloc
malloc
realloc
free
_msize
_aligned_free

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_beginthreadex
_errno
_invalid_parameter_noinfo_noreturn
_invalid_parameter_noinfo
_crt_atexit
_execute_onexit_table
_endthreadex
_initterm
_cexit
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vswprintf_s
__stdio_common_vsprintf_s
__stdio_common_vswscanf
__stdio_common_vswprintf

api-ms-win-crt-string-l1-1-0

wcsncpy_s
wcscpy_s
strncmp
strncpy_s
towlower
towupper
strcmp
wcsncpy
tolower
strcspn
_stricmp
_wcsicmp
_wcsnicmp

api-ms-win-crt-utility-l1-1-0

qsort
rand
srand

api-ms-win-crt-time-l1-1-0

_mktime64
_localtime64
_localtime64_s
_time64

api-ms-win-crt-convert-l1-1-0

_wtoi
_wtof
wcstoul

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-math-l1-1-0

floor
floorf
acosf
cosf
pow
sinf
sqrt
modf
sqrtf
cos
acos
_dtest
expf

Exports

Exports

ImageEditorMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 823KB - Virtual size: 823KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f64fb9ac4cdaa19d00a2895b4a7b906

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

0d:7e:f8:80:11:79:bf:12:a7:46:6f:7d:a5:b3:27:7aCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:7e:f8:80:11:79:bf:12:a7:46:6f:7d:a5:b3:27:7aCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

f1:3f:c4:a8:22:30:47:f7:81:39:e3:26:c1:ef:8d:54:fe:bc:a1:fe:50:a5:07:81:ee:37:26:5c:2b:93:cc:afSigner

2f:eb:f4:62:9d:16:c5:bf:45:f0:77:02:64:b4:93:ed:34:40:78:26Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcp140

comctl32

msimg32

2345miniui

imm32

gdiplus

dbghelp

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 665KB - Virtual size: 664KB

.data Size: 32KB - Virtual size: 50KB

.pdata Size: 101KB - Virtual size: 101KB

.rsrc Size: 823KB - Virtual size: 823KB

.reloc Size: 13KB - Virtual size: 13KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

0d:7e:f8:80:11:79:bf:12:a7:46:6f:7d:a5:b3:27:7a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:7e:f8:80:11:79:bf:12:a7:46:6f:7d:a5:b3:27:7a
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

f1:3f:c4:a8:22:30:47:f7:81:39:e3:26:c1:ef:8d:54:fe:bc:a1:fe:50:a5:07:81:ee:37:26:5c:2b:93:cc:af
Signer

2f:eb:f4:62:9d:16:c5:bf:45:f0:77:02:64:b4:93:ed:34:40:78:26
Signer

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 665KB - Virtual size: 664KB

.data
Size: 32KB - Virtual size: 50KB

.pdata
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 823KB - Virtual size: 823KB

.reloc
Size: 13KB - Virtual size: 13KB