2023-08-23_4676865011edb0d98a557b4fe8c99b71_icedid_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-23_4676865011edb0d98a557b4fe8c99b71_icedid_JC.exe
Size

3.4MB
MD5

4676865011edb0d98a557b4fe8c99b71
SHA1

d620e5daeeb630eb303591cba921a149c6fef35a
SHA256

404ce59cc01863acfa619a1fc17f4ad8b1441b9c01baae9ee92eb6325edf317a
SHA512

a02321cb1ef7582346b2e1c778714750cdbc29fef0842d5fa753da52e4089dff6fd8f50010cf08fb8e759908157303ea714e8a1b5bc0324db1f445e8345fae62
SSDEEP

98304:CWdCZGE3Prlac0KEQMvU9OSC47wj4LMgKj3+O79/qlCZi0vR8:yQKPT+pQpKj3+O79/q0M

Score

1^/10

Malware Config

Signatures

Files

2023-08-23_4676865011edb0d98a557b4fe8c99b71_icedid_JC.exe
.exe windows x86

68ac82304ee751cd929865cfc3fc50af

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:89:0a:75:80:5b:2f:ef:a8:d6:92:6a:f4:ff:66:7c
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

21/04/2022, 00:00

Not After

27/04/2024, 23:59

Subject

CN=BlueMoonSoft Co.\,Ltd.,O=BlueMoonSoft Co.\,Ltd.,L=Dongjak-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:1f:36:f2:e3:b3:a8:db:a9:4f:38:38:7e:7c:72:19:b9:d0:de:68:1e:0e:7d:cc:4a:27:fd:81:5c:b6:e3:5c
Signer

Actual PE Digest

2d:1f:36:f2:e3:b3:a8:db:a9:4f:38:38:7e:7c:72:19:b9:d0:de:68:1e:0e:7d:cc:4a:27:fd:81:5c:b6:e3:5c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntryW

winhttp

WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpConnect
WinHttpOpen
WinHttpCloseHandle

crypt32

CertCloseStore
CertFreeCertificateContext
PFXImportCertStore
PFXIsPFXBlob
CryptSignMessage
CryptVerifyMessageSignatureWithKey
CertFindCertificateInStore

fltlib

FilterUnload

kernel32

HeapSize
HeapQueryInformation
SetStdHandle
GetStdHandle
GetFileType
GetStartupInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateSemaphoreW
GetConsoleCP
GetConsoleMode
FatalAppExitA
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetStringTypeW
ReadConsoleW
SetConsoleCtrlHandler
OutputDebugStringW
WriteConsoleW
GetDriveTypeW
GetFullPathNameA
SetCurrentDirectoryW
SetEnvironmentVariableA
GetFileInformationByHandle
HeapReAlloc
GetSystemTimeAsFileTime
MoveFileExW
IsProcessorFeaturePresent
IsDebuggerPresent
VirtualQuery
RtlUnwind
RaiseException
HeapAlloc
HeapFree
GetCommandLineW
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
VirtualProtect
SearchPathW
GetProfileIntW
GetTempFileNameW
lstrcpyW
SetFileTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
GetWindowsDirectoryW
GetStringTypeExW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
FlushFileBuffers
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GlobalFlags
GetThreadLocale
SystemTimeToFileTime
GetAtomNameW
GlobalGetAtomNameW
InterlockedIncrement
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFindAtomW
InitializeCriticalSectionAndSpinCount
DecodePointer
EncodePointer
InterlockedDecrement
LoadLibraryA
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
AreFileApisANSI
InterlockedExchange
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
FreeResource
GetVersion
OutputDebugStringA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
VirtualFree
VirtualAlloc
GetDiskFreeSpaceW
MoveFileW
K32GetModuleFileNameExW
K32GetModuleBaseNameW
K32EnumProcessModules
Module32FirstW
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
VerifyVersionInfoW
GetComputerNameW
GetSystemWow64DirectoryW
lstrcpynW
CreateMailslotW
LocalAlloc
GetModuleHandleA
ReadProcessMemory
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathW
SetFilePointer
GetLongPathNameW
GetFileTime
ExpandEnvironmentStringsW
VerSetConditionMask
IsBadWritePtr
IsBadReadPtr
FileTimeToSystemTime
FileTimeToLocalFileTime
IsDBCSLeadByte
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MultiByteToWideChar
CopyFileW
LoadLibraryW
lstrcmpiW
FormatMessageW
LocalFree
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
IsWow64Process
GetSystemDirectoryW
GetTickCount
GetSystemInfo
GetLocalTime
OpenProcess
ProcessIdToSessionId
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
Sleep
WaitForSingleObject
WriteFile
SetFileAttributesW
RemoveDirectoryW
GetFileSize
GetFileAttributesW
DeleteFileW
CreateDirectoryW
GetSystemDefaultLangID
GetVersionExW
OpenMutexW
CreateMutexW
ReleaseMutex
InitializeCriticalSectionEx
FindNextFileW
FindFirstFileW
FindClose
GetLastError
CloseHandle
ReadFile
CreateFileW
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
ExitProcess
GetModuleHandleExW
ExitThread
CreateThread
GetCurrentThread
PeekNamedPipe
GetProcessHeap
HeapDestroy

user32

SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
LockWindowUpdate
GetDCEx
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
PostThreadMessageW
SetParent
GetSystemMenu
UnionRect
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
SetRectEmpty
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
OffsetRect
CharNextW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperW
DestroyIcon
InvalidateRect
DeleteMenu
CopyImage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
GetDialogBaseUnits
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
GetScrollPos
SetScrollPos
SetClassLongW
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
IsDialogMessageW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
ScrollWindowEx
SetFocus
GetDlgCtrlID
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
SendDlgItemMessageA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
CopyRect
ReleaseDC
GetDC
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
GetLastActivePopup
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
GetMessageW
GetWindowRect
LoadMenuW
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuW
CharUpperBuffW
FrameRect
EnumChildWindows
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetTabbedTextExtentW
WindowFromDC
GetWindowRgn
DestroyCursor
CreateMenu
InSendMessage
SendNotifyMessageW
SubtractRect
GetUpdateRect
ScrollWindow
IsClipboardFormatAvailable
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
MapVirtualKeyExW
MapVirtualKeyW
GetKeyNameTextW
IsCharLowerW
GetKeyboardLayout
LoadImageW
GetWindowThreadProcessId
WaitForInputIdle
ExitWindowsEx
PeekMessageW
DispatchMessageW
TranslateMessage
FindWindowW
MessageBoxW
PostMessageW
LoadIconW
GetClientRect
DrawIcon
GetSystemMetrics
EnableWindow
KillTimer
SetTimer
IsIconic
PostQuitMessage
SendMessageW
SetScrollRange

gdi32

RealizePalette
CreateFontW
GetCharWidthW
StretchDIBits
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
SetTextAlign
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
GetCurrentObject
GetTextColor
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetSystemPaletteEntries
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
SetTextColor
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
GetBkColor
GetTextMetricsW
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
CreateCompatibleBitmap
DPtoLP
SetRectRgn
GetMapMode
CombineRgn
GetBkMode
GetRgnBox
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
PatBlt
StartDocW
SetColorAdjustment
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
CreateDCW
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
RoundRect
CopyMetaFileW
SetGraphicsMode
SetMapperFlags
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
SetTextJustification

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW

advapi32

GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegSetValueW
SetEntriesInAclW
ConvertSidToStringSidW
RegEnumValueW
RegEnumKeyExW
GetUserNameW
LookupPrivilegeValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetTokenInformation
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
CreateProcessAsUserW
CryptDecrypt
CryptEncrypt
CryptSetKeyParam
CryptDestroyKey
CryptDeriveKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
StartServiceW
QueryServiceStatusEx
QueryServiceStatus
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfigW
RegDeleteKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
SetFileSecurityW

shell32

DragQueryFileW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW
SHAddToRecentDocs
SHAppBarMessage
SHBrowseForFolderW
DragFinish
ShellExecuteW
SHGetDesktopFolder
SHGetFileInfoW
ExtractIconW

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW
PathRemoveFileSpecW

uxtheme

GetCurrentThemeName
GetThemeColor
CloseThemeData
OpenThemeData
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText
GetWindowTheme
IsAppThemed
DrawThemeParentBackground
GetThemeSysColor

ole32

CoTreatAsClass
CoTaskMemAlloc
StringFromCLSID
OleCreate
CoInitialize
CoCreateInstance
CoUninitialize
WriteClassStm
CreateItemMoniker
CreateGenericComposite
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
CreateBindCtx
OleCreateFromData
ReadClassStg
WriteClassStg
WriteFmtUserTypeStg
ReadFmtUserTypeStg
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
OleDuplicateData
ReleaseStgMedium
DoDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleUninitialize
OleRegGetUserType
SetConvertStg
CoCreateGuid
OleInitialize
CoFreeUnusedLibraries
OleRun
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoDisconnectObject
CreateOleAdviseHolder
CreateDataAdviseHolder
GetRunningObjectTable
CoGetMalloc
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleRegEnumVerbs
OleRegGetMiscStatus
PropVariantCopy
GetHGlobalFromILockBytes
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
StgIsStorageFile
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoGetClassObject

oleaut32

VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarDateFromStr
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
SafeArrayCreate
SysFreeString

oledlg

OleUIBusyW

urlmon

URLDownloadToFileW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

iphlpapi

GetAdaptersInfo

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipBitmapLockBits
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageHeight

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 729KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68ac82304ee751cd929865cfc3fc50af

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:89:0a:75:80:5b:2f:ef:a8:d6:92:6a:f4:ff:66:7cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

2d:1f:36:f2:e3:b3:a8:db:a9:4f:38:38:7e:7c:72:19:b9:d0:de:68:1e:0e:7d:cc:4a:27:fd:81:5c:b6:e3:5cSigner

Headers

DLL Characteristics

File Characteristics

Imports

wininet

winhttp

crypt32

fltlib

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

urlmon

userenv

version

wtsapi32

iphlpapi

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 729KB - Virtual size: 728KB

.data Size: 39KB - Virtual size: 660KB

.rsrc Size: 22KB - Virtual size: 22KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:89:0a:75:80:5b:2f:ef:a8:d6:92:6a:f4:ff:66:7c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

2d:1f:36:f2:e3:b3:a8:db:a9:4f:38:38:7e:7c:72:19:b9:d0:de:68:1e:0e:7d:cc:4a:27:fd:81:5c:b6:e3:5c
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 729KB - Virtual size: 728KB

.data
Size: 39KB - Virtual size: 660KB

.rsrc
Size: 22KB - Virtual size: 22KB