9f99870856089d64a51abefd0916b3bc8b2730451398e727a3b152c058be211a

Sharing

Copy URL

Twitter E-mail

General

Target

9f99870856089d64a51abefd0916b3bc8b2730451398e727a3b152c058be211a
Size

10.2MB
MD5

cf2edaa37fa4353f8e43547210de8ca2
SHA1

4b39f7a40ec93e588007a4c6fc91db430cdb621f
SHA256

9f99870856089d64a51abefd0916b3bc8b2730451398e727a3b152c058be211a
SHA512

adc39cea694e76ec4739cde503d539a3d7806f919a4c22c8d83d1b24da509c0a73059b0ae491691f04581097391e401e22bb167485714cf808b312a93245cd79
SSDEEP

196608:YRhAoxkHIE3K+IHD61hwSjIUoGOcYw7ypNXq/VJnI6SI:YRhAqkof+661PjHxZsNXqJnF

Score

1^/10

Malware Config

Signatures

Files

9f99870856089d64a51abefd0916b3bc8b2730451398e727a3b152c058be211a
.dll regsvr32 windows x86

bcb85141296ed66f19468a3f2d32b1b7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:61:1c:8e:b8:a1:e9:b6:53:07:c1:76:04:88:1a:df
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02-05-2022 00:00

Not After

01-05-2024 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:d2:05:b2:14:a4:35:1a:d0:77:2d:c4:2a:00:02:3d:13:82:c0:4c:e7:d3:ac:20:a7:6e:33:67:7e:4b:a2:e2
Signer

Actual PE Digest

04:d2:05:b2:14:a4:35:1a:d0:77:2d:c4:2a:00:02:3d:13:82:c0:4c:e7:d3:ac:20:a7:6e:33:67:7e:4b:a2:e2

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

GetProcessImageFileNameW

winmm

waveOutGetDevCapsW
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInStop
mixerClose
timeGetDevCaps
waveOutGetNumDevs
timeEndPeriod
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
timeGetTime
timeSetEvent
timeKillEvent
mixerOpen
mixerGetDevCapsA
waveInMessage
waveInGetDevCapsA
mixerGetID
waveOutGetDevCapsA
timeBeginPeriod
waveOutMessage
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
waveOutPause
waveOutRestart
waveInGetPosition
waveInReset
mixerSetControlDetails

wininet

HttpSendRequestA
HttpOpenRequestA
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
HttpQueryInfoA

crypt32

CryptGetMessageCertificates
CryptVerifyMessageSignature
CertCompareCertificate
CertVerifySubjectCertificateContext
CertFindCertificateInStore
CertFreeCertificateContext
CertCreateCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext

version

VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueW

oleaut32

LoadRegTypeLi
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
SysFreeString
LoadTypeLi
SysStringLen

urlmon

CopyStgMedium

dsound

ord8
ord1

kernel32

GetExitCodeThread
DuplicateHandle
SetThreadPriority
TerminateThread
CreateWaitableTimerW
GetTempPathA
GetTempFileNameA
DeleteFileA
OpenThread
QueueUserAPC
SleepEx
GetModuleHandleExW
SetCurrentDirectoryW
GetCurrentDirectoryW
WideCharToMultiByte
CompareFileTime
GetLongPathNameW
GetFileInformationByHandle
GetFileSizeEx
DeviceIoControl
SetFilePointerEx
lstrlenW
GetModuleFileNameA
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
GetSystemWow64DirectoryW
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryW
GetFullPathNameW
GetFileAttributesA
GetFileAttributesExW
GetVolumeInformationW
FreeResource
SizeofResource
OpenFile
_lwrite
_lclose
FindResourceA
GetEnvironmentVariableA
GetCurrentDirectoryA
TlsAlloc
TlsFree
FormatMessageW
GetStdHandle
GetFileType
GetSystemTimeAsFileTime
SwitchToFiber
DeleteFiber
CreateFiber
ConvertFiberToThread
ConvertThreadToFiber
VerifyVersionInfoW
GetConsoleMode
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetConsoleCtrlHandler
LoadLibraryExW
InterlockedFlushSList
RtlUnwind
GetStartupInfoW
UnhandledExceptionFilter
GetStringTypeW
LoadLibraryExA
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
CreateFileMappingA
InitializeSListHead
EncodePointer
OutputDebugStringW
ExitProcess
CancelIo
CreateNamedPipeW
GetNamedPipeInfo
ConnectNamedPipe
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCurrencyFormatW
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
CompareStringW
VerifyVersionInfoA
GetVersion
GetVersionExA
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerA
CreateEventA
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
UnregisterWaitEx
RegisterWaitForSingleObject
CreateToolhelp32Snapshot
GetModuleHandleExA
TerminateProcess
OpenProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetNativeSystemInfo
IsDebuggerPresent
GetCommandLineW
CreateProcessW
FormatMessageA
InterlockedExchangeAdd
CreateFileMappingW
CreateMutexW
VirtualProtect
VirtualFree
VirtualAlloc
GetProcessHeap
HeapSize
HeapFree
HeapAlloc
CreateMutexA
ReleaseMutex
GetTempFileNameW
CreateSemaphoreW
ReleaseSemaphore
GetTimeZoneInformation
FindNextFileW
FindFirstFileW
GetTempPathW
FindClose
SetUnhandledExceptionFilter
GetUserDefaultLangID
InterlockedPopEntrySList
GetUserDefaultUILanguage
MoveFileExW
DeleteFileW
GetFileAttributesW
CreateFileW
CreateFileA
GetSystemDirectoryW
FindResourceExW
FindResourceExA
CreateProcessA
SetFilePointer
ReadFile
WriteFile
GetFileSize
LoadResource
CreateThread
VirtualQuery
GlobalFree
LockResource
VerSetConditionMask
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
UnmapViewOfFile
MapViewOfFile
GetModuleFileNameW
SetLastError
GetLocaleInfoW
LCMapStringW
GetTickCount
GetSystemInfo
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SwitchToThread
RaiseException
DecodePointer
WaitForMultipleObjects
GetVersionExW
WaitForSingleObject
ResetEvent
SetEvent
GetLastError
GetModuleHandleW
SetThreadAffinityMask
GetCurrentThread
IsDBCSLeadByte
GetCPInfo
GetACP
TlsSetValue
MultiByteToWideChar
CreateEventW
CloseHandle
ExitThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemDirectoryA
OutputDebugStringA
SystemTimeToFileTime
GetSystemTime
GetCurrentProcess
GetProcessTimes
FreeLibrary
GetCurrentProcessId
InterlockedDecrement
GetModuleHandleA
LoadLibraryW
LoadLibraryA
GetProcAddress
DebugBreak
TryEnterCriticalSection
GetProcessAffinityMask
InterlockedIncrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
TlsGetValue
Sleep
InterlockedCompareExchange
InterlockedExchange
GetDriveTypeW
PeekNamedPipe
GetConsoleCP
FreeLibraryAndExitThread
HeapReAlloc
FlushFileBuffers
SetStdHandle
WriteConsoleW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEndOfFile
GetThreadTimes
Thread32First
Thread32Next
GetEnvironmentVariableW

user32

CreateCaret
EnumDisplayDevicesW
IsClipboardFormatAvailable
EmptyClipboard
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetWindowThreadProcessId
IsWindow
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
RemoveMenu
SetMenuInfo
DrawMenuBar
MapVirtualKeyW
ToAscii
GetKeyboardState
CharLowerW
DestroyCaret
ShowCaret
SetCaretPos
ShowWindowAsync
FlashWindowEx
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
IsZoomed
GetActiveWindow
GetSystemMenu
DeleteMenu
CreateWindowExA
GetFocus
GetWindowTextW
GetAncestor
SetParent
SetActiveWindow
MapWindowPoints
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetClassNameW
GetClassNameA
FindWindowExW
RemovePropW
ValidateRect
GetUpdateRect
PostMessageA
RegisterWindowMessageA
MsgWaitForMultipleObjectsEx
CallMsgFilterW
GetCapture
CheckMenuItem
EnableMenuItem
MessageBoxW
SetCursorPos
GetCursorPos
WindowFromPoint
GetProcessWindowStation
GetDoubleClickTime
TranslateMessage
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjects
CreateWindowExW
DestroyWindow
ShowWindow
UnregisterClassW
OffsetRect
MonitorFromWindow
GetForegroundWindow
GetDesktopWindow
SetRect
UpdateLayeredWindow
GetWindowRect
GetWindowLongW
EnumDisplayDevicesA
ActivateKeyboardLayout
GetKeyboardLayout
DefWindowProcW
SendInput
ClientToScreen
PostQuitMessage
CallWindowProcW
RegisterClassExW
GetClassInfoExW
SetWindowLongW
LoadCursorW
SetFocus
CopyRect
GetWindowInfo
GetDC
ReleaseDC
RegisterClipboardFormatA
GetWindow
EnumDisplaySettingsW
WaitForInputIdle
UnregisterClassA
GetMessageTime
AttachThreadInput
RegisterClassA
GetQueueStatus
RegisterClassW
GetClipboardFormatNameA
SendMessageW
SendMessageTimeoutW
PostMessageW
MoveWindow
SetWindowPos
DialogBoxParamW
DialogBoxIndirectParamW
EndDialog
GetUserObjectInformationW
SetWinEventHook
GetDlgItem
SetDlgItemTextA
SetDlgItemTextW
GetDlgItemTextA
GetDlgItemTextW
GetKeyState
EnableWindow
IsWindowEnabled
GetSystemMetrics
RedrawWindow
SetPropW
GetPropW
SetWindowTextA
SetWindowTextW
GetWindowTextLengthW
CharUpperW
PostThreadMessageW
GetMessageW
CloseWindow
InvalidateRect
EndPaint
BeginPaint
UpdateWindow
TrackPopupMenu
GetSubMenu
DestroyMenu
CreatePopupMenu
CreateMenu
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetMonitorInfoW
SystemParametersInfoW
LoadStringW
CreateIconIndirect
LoadImageW
DestroyIcon
LoadIconW
GetParent
PtInRect
InflateRect
SetRectEmpty
FillRect
ScreenToClient
GetCursor
SetCursor
MessageBoxA
GetClientRect

gdi32

CreateDCA
CreateBitmap
EnumFontFamiliesW
CreateFontIndirectW
GetStockObject
GetObjectW
CreateDIBSection
GdiAlphaBlend
StretchBlt
SetBkColor
SelectObject
GetStretchBltMode
DeleteObject
CreateCompatibleBitmap
BitBlt
GdiFlush
DeleteDC
CreateCompatibleDC
Rectangle
RestoreDC
SaveDC
SetPolyFillMode
StretchDIBits
StartDocW
EndDoc
StartPage
EndPage
BeginPath
EndPath
FillPath
SelectClipPath
StrokePath
ExtCreatePen
LPtoDP
PolyBezierTo
GetDIBits
GetClipBox
RectVisible
RealizePalette
SelectPalette
SetPixel
GetICMProfileA
CreateFontIndirectA
CreatePen
CreateRectRgn
EnumFontFamiliesA
GetBkColor
GetBkMode
GetClipRgn
GetCurrentObject
GetDeviceCaps
GetTextCharacterExtra
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetTextExtentPoint32W
IntersectClipRect
LineTo
SelectClipRgn
SetBkMode
SetGraphicsMode
EnumFontFamiliesExW
GetFontData
CreateDCW
SetTextCharacterExtra
SetTextColor
SetTextAlign
GetTextMetricsW
GetWorldTransform
SetWorldTransform
MoveToEx
ExtTextOutA
DPtoLP
CreatePalette
GetSystemPaletteEntries
ExtTextOutW
SetStretchBltMode
CreateSolidBrush

comdlg32

PrintDlgW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
PrintDlgExW

advapi32

CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
RegOpenKeyA
CryptAcquireContextA
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegQueryValueExW
RegOpenKeyExA
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExW

shell32

SHFileOperationW
SHGetPathFromIDListW
SHGetFolderPathA
SHGetFolderLocation
SHBrowseForFolderW
SHGetSettings
SHAppBarMessage
ord165
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetDiskFreeSpaceExW
ShellExecuteW

ole32

OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
ReleaseStgMedium
OleUninitialize
CoInitialize
CoTaskMemFree
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance
OleInitialize
CreateBindCtx
MkParseDisplayName
PropVariantClear
CoUninitialize
CoTaskMemAlloc

ws2_32

inet_ntoa
inet_addr
htons
closesocket
select
send
socket
gethostbyaddr
gethostbyname
getservbyport
getservbyname
WSAStartup
WSACleanup
WSASetLastError
WSAGetLastError
bind
listen
getnameinfo
freeaddrinfo
getaddrinfo
getsockopt
shutdown
getpeername
gethostname
WSAAddressToStringA
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
setsockopt
sendto
recvfrom
htonl
ioctlsocket
WSAAsyncSelect
ntohs
recv
accept
ntohl
WSAIoctl
WSASocketW
__WSAFDIsSet
connect
getsockname

shlwapi

UrlCanonicalizeW
AssocQueryStringW
StrRStrIW
StrStrIW
PathRemoveFileSpecA

mscms

DeleteColorTransform
CreateColorTransformW
CloseColorProfile
OpenColorProfileW
TranslateBitmapBits

imm32

ImmGetContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmGetConversionStatus
ImmSetConversionStatus
ImmGetOpenStatus
ImmSetOpenStatus
ImmSetCompositionFontW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext

winspool.drv

GetPrinterW
OpenPrinterW
ClosePrinter

Exports

Exports

BrokerMainW
DllRegisterServer
DllUnregisterServer
FlashPlayer_34_0_0_295_FlashPlayer
Flash_DisableLocalSecurity
Flash_EnforceLocalSecurity
Java_ShockwaveFlash_CurrentFrame_stub
Java_ShockwaveFlash_FlashVersion_stub
Java_ShockwaveFlash_FrameLoaded_stub
Java_ShockwaveFlash_GetVariable_stub
Java_ShockwaveFlash_GotoFrame_stub
Java_ShockwaveFlash_IsPlaying_stub
Java_ShockwaveFlash_LoadMovie_stub
Java_ShockwaveFlash_Pan_stub
Java_ShockwaveFlash_PercentLoaded_stub
Java_ShockwaveFlash_Play_stub
Java_ShockwaveFlash_SetVariable_stub
Java_ShockwaveFlash_SetZoomRect_stub
Java_ShockwaveFlash_StopPlay_stub
Java_ShockwaveFlash_TCallFrame_stub
Java_ShockwaveFlash_TCallLabel_stub
Java_ShockwaveFlash_TCurrentFrame_stub
Java_ShockwaveFlash_TCurrentLabel_stub
Java_ShockwaveFlash_TGetProperty_stub
Java_ShockwaveFlash_TGotoFrame_stub
Java_ShockwaveFlash_TGotoLabel_stub
Java_ShockwaveFlash_TPlay_stub
Java_ShockwaveFlash_TSetProperty_stub
Java_ShockwaveFlash_TStopPlay_stub
Java_ShockwaveFlash_TotalFrames_stub
Java_ShockwaveFlash_Zoom_stub
NP_Acrobat_GetEntryPoints
NP_Acrobat_Initialize
NP_GetEntryPoints
NP_Initialize
NP_SetBrokerClient
NP_SetNPAPIHostProxy
NP_Shutdown
native_ShockwaveFlash_CurrentFrame
native_ShockwaveFlash_FlashVersion
native_ShockwaveFlash_FrameLoaded
native_ShockwaveFlash_GetVariable
native_ShockwaveFlash_GotoFrame
native_ShockwaveFlash_IsPlaying
native_ShockwaveFlash_LoadMovie
native_ShockwaveFlash_Pan
native_ShockwaveFlash_PercentLoaded
native_ShockwaveFlash_Play
native_ShockwaveFlash_SetVariable
native_ShockwaveFlash_SetZoomRect
native_ShockwaveFlash_StopPlay
native_ShockwaveFlash_TCallFrame
native_ShockwaveFlash_TCallLabel
native_ShockwaveFlash_TCurrentFrame
native_ShockwaveFlash_TCurrentLabel
native_ShockwaveFlash_TGetProperty
native_ShockwaveFlash_TGotoFrame
native_ShockwaveFlash_TGotoLabel
native_ShockwaveFlash_TPlay
native_ShockwaveFlash_TSetProperty
native_ShockwaveFlash_TStopPlay
native_ShockwaveFlash_TotalFrames
native_ShockwaveFlash_Zoom
register_ShockwaveFlash
unregister_ShockwaveFlash
unuse_ShockwaveFlash
unuse_netscape_plugin_Plugin
use_ShockwaveFlash
use_netscape_plugin_Plugin

Sections

.text
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 615KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcb85141296ed66f19468a3f2d32b1b7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:61:1c:8e:b8:a1:e9:b6:53:07:c1:76:04:88:1a:dfCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

04:d2:05:b2:14:a4:35:1a:d0:77:2d:c4:2a:00:02:3d:13:82:c0:4c:e7:d3:ac:20:a7:6e:33:67:7e:4b:a2:e2Signer

Headers

DLL Characteristics

File Characteristics

Imports

psapi

winmm

wininet

crypt32

version

oleaut32

urlmon

dsound

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

shlwapi

mscms

imm32

winspool.drv

Exports

Exports

Sections

.text Size: 7.1MB - Virtual size: 7.1MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 120KB - Virtual size: 1.2MB

.gfids Size: 1024B - Virtual size: 544B

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 615KB - Virtual size: 614KB

.reloc Size: 302KB - Virtual size: 301KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:61:1c:8e:b8:a1:e9:b6:53:07:c1:76:04:88:1a:df
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

04:d2:05:b2:14:a4:35:1a:d0:77:2d:c4:2a:00:02:3d:13:82:c0:4c:e7:d3:ac:20:a7:6e:33:67:7e:4b:a2:e2
Signer

.text
Size: 7.1MB - Virtual size: 7.1MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 120KB - Virtual size: 1.2MB

.gfids
Size: 1024B - Virtual size: 544B

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 615KB - Virtual size: 614KB

.reloc
Size: 302KB - Virtual size: 301KB