setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

setup.exe
Size

6.2MB
MD5

ef29a1045c23ba30bfaa9867c54e7272
SHA1

8723d7042795edeff435889c722a8c9f9f851460
SHA256

e9fe6a65cb2648ca415f04d399810f2104aaa0b48a360a68410a251f3cb92c58
SHA512

20e00d0be83e559267d903280d6a66358a8b9e3257706105008fc4e85f62d40ad7d015787b3c55fcd07ad146a969f72baa174cd831ccb8fe771fb43ed5e0ec27
SSDEEP

98304:8KZVmt7y12D+p1t6w/PXDy+rZCrmXpLh5h7N:8KZIuDy+rZC8Lh5tN

Score

1^/10

Malware Config

Signatures

Files

setup.exe
.exe windows x86

f55ffdb112d24245b194407bc6cacf13

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

52:c2:74:89:66:29:4c:e9:3e:44:87:37
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

16/11/2020, 10:52

Not After

21/01/2024, 08:15

Subject

CN=STU-Soft\, LLC,O=STU-Soft\, LLC,L=Samara,ST=Samara Oblast,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:37:58:65:a3:67:d1:c2:8e:60:c8:b9:18:59:6c:98:f5:d4:91:ae
Signer

Actual PE Digest

7b:37:58:65:a3:67:d1:c2:8e:60:c8:b9:18:59:6c:98:f5:d4:91:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord92
ord32
ord159
ord160
ord118
ord8
ord70

kernel32

EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetProcessHeap
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
HeapFree
HeapQueryInformation
FreeLibrary
LoadLibraryExW
CloseHandle
GetExitCodeProcess
SetEnvironmentVariableW
GetFullPathNameA
SetEnvironmentVariableA
GetStringTypeW
OpenEventA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
HeapSize
HeapReAlloc
HeapAlloc
SetConsoleCtrlHandler
FatalAppExitA
SetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
LCMapStringW
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
IsProcessorFeaturePresent
UnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
QueryPerformanceCounter
SetUnhandledExceptionFilter
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
WaitForSingleObject
FormatMessageW
GetLastError
CreateProcessW
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
GetModuleFileNameA
RaiseException
ExitThread
CreateThread
IsBadReadPtr
HeapValidate
EncodePointer
ExitProcess
DecodePointer
FindFirstFileExW
GetDriveTypeW
FileTimeToLocalFileTime
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineW
LocalLock
LocalUnlock
SearchPathW
GetTickCount
WaitForMultipleObjects
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
GetNumberFormatW
FindResourceExW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
GetUserDefaultLCID
ReplaceFileW
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetTempPathW
GetTempFileNameW
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
ResetEvent
PulseEvent
SystemTimeToFileTime
FileTimeToSystemTime
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DuplicateHandle
GetHandleInformation
GetProfileIntW
VirtualProtect
lstrlenA
GetAtomNameW
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetSystemDirectoryW
GlobalFlags
SetErrorMode
GetCurrentDirectoryW
ReleaseActCtx
CreateActCtxW
CompareStringW
GlobalGetAtomNameW
GlobalFindAtomW
ResumeThread
GetThreadPriority
SetThreadPriority
MulDiv
CopyFileW
GlobalSize
LocalFree
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
CompareStringA
ActivateActCtx
DeactivateActCtx
SetLastError
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
InterlockedExchange
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoW
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
WideCharToMultiByte
lstrcatW
lstrlenW
WinExec
lstrcpyW
GetWindowsDirectoryW
LoadLibraryW
LoadResource
LockResource
SizeofResource
FindResourceW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetModuleFileNameW
Sleep
GetVersionExW
CreateFileW
GetFileSize
ReadFile
GetEnvironmentVariableW
GetModuleHandleA
GetUserDefaultLocaleName
GetModuleHandleW
GetProcAddress
GetCurrentProcess
GetBinaryTypeW
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW

user32

CopyAcceleratorTableW
CreateAcceleratorTableW
DestroyAcceleratorTable
UnregisterClassW
UpdateLayeredWindow
MonitorFromPoint
EmptyClipboard
CloseClipboard
SetClipboardData
GetDialogBaseUnits
GetMenuBarInfo
ReuseDDElParam
TranslateAcceleratorW
CharUpperW
UnpackDDElParam
GetClipboardFormatNameW
GetClipboardFormatNameA
SetRectEmpty
GetAsyncKeyState
WaitMessage
DestroyMenu
LoadAcceleratorsW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
RealChildWindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
ReleaseCapture
LoadImageW
GetIconInfo
CopyImage
DrawIconEx
DestroyIcon
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SendDlgItemMessageW
SendDlgItemMessageA
MonitorFromWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpW
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
GetClassLongW
GetClassNameW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
SetMenu
GetMenu
GetMessageTime
SetWindowPos
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectW
LoadMenuW
ModifyMenuW
InsertMenuItemW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
ToUnicodeEx
CreateMenu
ScrollDC
GrayStringW
GetTabbedTextExtentW
DrawTextExW
DrawTextW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateW
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
OpenIcon
CloseWindow
LoadIconW
PostThreadMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
NotifyWinEvent
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageW
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
IsChild
GetWindow
GetTopWindow
FindWindowExW
FindWindowW
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirListW
SetCapture
GetCapture
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
GetMessageA
DispatchMessageA
SubtractRect
UnionRect
IntersectRect
ShowOwnedPopups
IsWindowVisible
ValidateRgn
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
GetKeyboardLayout
GetKeyboardState
SetCursorPos
SetClassLongW
MsgWaitForMultipleObjectsEx
OffsetRect
RegisterClipboardFormatW
GetDoubleClickTime
PtInRect
IsRectEmpty
CharUpperBuffW
DefFrameProcW
TranslateMDISysAccel
DefMDIChildProcW
IsClipboardFormatAvailable
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
IsCharLowerW
MapVirtualKeyExW
InSendMessage
EnumChildWindows
DestroyCursor
CreatePopupMenu
InflateRect
SetRect
GetSystemMenu
DrawMenuBar
DragDetect
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemID
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetWindowLongW
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
GetKeyState
CallNextHookEx
PeekMessageW
GetCursorPos
SetWindowsHookExW
ValidateRect
GetMessageW
TranslateMessage
DispatchMessageW
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
GetFocus
TabbedTextOutW
PostMessageW
SendMessageW
MapDialogRect
PostQuitMessage
LoadCursorW
CopyIcon
IsWindow
GetSysColor
SetCursor
GetMessagePos
MessageBeep
SetWindowLongW
GetSystemMetrics
MessageBoxW
wsprintfW
LoadStringW
IsWindowUnicode
PeekMessageA
GetMonitorInfoW

gdi32

GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutW
GetTextExtentPoint32W
GetTextAlign
GetTextFaceW
SetRectRgn
GetTextMetricsW
GetTextCharacterExtra
GetCharWidthW
GetFontLanguageInfo
GetCharacterPlacementW
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCW
GetOutlineTextMetricsW
GetCharABCWidthsW
GetFontData
GetKerningPairsW
GetGlyphOutlineW
StartDocW
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatW
GetCharWidthFloatW
GetTextColor
BeginPath
GetGraphicsMode
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
SetTextColor
SetBkColor
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
EnumFontFamiliesW
GetTextCharsetInfo
CreateDIBitmap
StretchDIBits
CreateDIBSection
GetDIBits
SetDIBColorTable
EnumFontFamiliesExW
GetSystemPaletteEntries
DeleteMetaFile
GetTextExtentPointW
CloseFigure
GetMapMode
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetBkColor
UpdateColors
RealizePalette
GetNearestColor
SelectObject
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
CreateCompatibleDC
CreateICW
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
AbortPath
CreateCompatibleBitmap
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
CreateBitmapIndirect
CreateFontW
CreateFontIndirectW
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetObjectW
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateBitmap
ExtTextOutW
CloseEnhMetaFile
CreateEnhMetaFileW
CloseMetaFile
CreateMetaFileW
GetStockObject
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
CombineRgn

msimg32

AlphaBlend
GradientFill
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
OpenThreadToken
RevertToSelf
SetThreadToken
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueW
RegEnumKeyW
RegCloseKey
GetFileSecurityW
SetFileSecurityW
RegEnumValueW
RegSetValueW

shell32

SHGetPathFromIDListW
ShellExecuteW
DragAcceptFiles
SHAddToRecentDocs
SHGetFileInfoW
ExtractIconW
SHBrowseForFolderW
SHGetMalloc
SHAppBarMessage
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish

comctl32

ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_GetIcon
ImageList_GetImageCount
ImageList_DrawEx

shlwapi

PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CreateFileMoniker
CoGetMalloc
DoDragDrop
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
OleRun
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
PropVariantCopy
OleLockRunning
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CoInitializeEx
CoUninitialize
CoInitialize
OleSetMenuDescriptor
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
OleSave
StgCreateDocfileOnILockBytes
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
CreateGenericComposite
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
GetClassFile
CoGetClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleQueryLinkFromData
OleQueryCreateFromData
OleRegGetMiscStatus
OleRegEnumVerbs
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
RevokeDragDrop
CoLockObjectExternal
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemFree
OleDuplicateData
CoCreateGuid
RegisterDragDrop
OleGetClipboard
OleIsRunning
CreateStreamOnHGlobal
CreateItemMoniker

oleaut32

SysAllocString
SystemTimeToVariantTime
VarDateFromUdate
VarUdateFromDate
VariantTimeToSystemTime
DosDateTimeToVariantTime
VarBstrFromDate
VarDateFromStr
VarDecFromStr
VarBstrFromDec
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VariantCopy
SafeArrayCreate
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SafeArrayGetElemsize
SafeArrayGetDim
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysFreeString
SysStringLen
SysAllocStringByteLen
GetErrorInfo
SetErrorInfo
CreateErrorInfo

oledlg

OleUIPasteSpecialW
OleUIUpdateLinksW
OleUIEditLinksW
OleUIChangeIconW
OleUIConvertW
OleUIInsertObjectW
OleUIBusyW

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipFree
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdiplusShutdown
GdipCreateBitmapFromScan0

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.textbss
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 780KB - Virtual size: 779KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f55ffdb112d24245b194407bc6cacf13

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

52:c2:74:89:66:29:4c:e9:3e:44:87:37Certificate

Extended Key Usages

Key Usages

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1dCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

7b:37:58:65:a3:67:d1:c2:8e:60:c8:b9:18:59:6c:98:f5:d4:91:aeSigner

Headers

DLL Characteristics

File Characteristics

Imports

msi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.textbss Size: - Virtual size: 2.4MB

.text Size: 4.9MB - Virtual size: 4.9MB

.rdata Size: 780KB - Virtual size: 779KB

.data Size: 40KB - Virtual size: 79KB

.idata Size: 28KB - Virtual size: 27KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 264KB - Virtual size: 264KB

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

52:c2:74:89:66:29:4c:e9:3e:44:87:37
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

7b:37:58:65:a3:67:d1:c2:8e:60:c8:b9:18:59:6c:98:f5:d4:91:ae
Signer

.textbss
Size: - Virtual size: 2.4MB

.text
Size: 4.9MB - Virtual size: 4.9MB

.rdata
Size: 780KB - Virtual size: 779KB

.data
Size: 40KB - Virtual size: 79KB

.idata
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 264KB - Virtual size: 264KB