e142b5f4110ad7addbb7781e22fa83cf531ebc29b680e12389c4cc9494409451

Sharing

Copy URL Twitter E-mail

General

Target

e142b5f4110ad7addbb7781e22fa83cf531ebc29b680e12389c4cc9494409451
Size

2.3MB
MD5

20fb7012c9d75f458237ae1c9be04cf3
SHA1

f7d9370456e4e34683d5ccaaae373f57d237e278
SHA256

e142b5f4110ad7addbb7781e22fa83cf531ebc29b680e12389c4cc9494409451
SHA512

db8aadd946686c95581e0d2ff2aa15d5ba23069076cd0c53eb916d136e6d55ecc2969fd24dfb1b0b446584c3cf4177b35fc2eab300896108caf492711d1ae774
SSDEEP

49152:Vku9PVynNENQRWZ75N8eBC3Z3dRAH5iUtJwmZnvLe3pTR:V/9dynNYFZ75N8eBC3Zt2H5iUnwmZnv+

Score

1^/10

Malware Config

Signatures

Files

e142b5f4110ad7addbb7781e22fa83cf531ebc29b680e12389c4cc9494409451
.dll windows x86

50bd6e9fd3a34a7a22dcf624f495693e

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:d7:1f:dd:49:a3:e4:3d:fc:5d:e6:f5
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

16/02/2023, 08:32

Not After

11/04/2026, 05:04

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4c:bf:c1:57:09:61:85:fc:f9:b0:91:f5:df:2e:fc:ba:d1:90:8c:3b:c8:23:c0:1b:f1:13:3a:cc:f9:fc:be:9f
Signer

Actual PE Digest

4c:bf:c1:57:09:61:85:fc:f9:b0:91:f5:df:2e:fc:ba:d1:90:8c:3b:c8:23:c0:1b:f1:13:3a:cc:f9:fc:be:9f

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
WriteConsoleW
CreateFileW
GetCurrentDirectoryW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
GetDriveTypeW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
RegisterWaitForSingleObject
CompareStringW
GetStringTypeW
GetStdHandle
ExitProcess
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFullPathNameW
GetFileType
SetStdHandle
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
SwitchToThread
QueryPerformanceFrequency
TryEnterCriticalSection
OutputDebugStringW
SetThreadAffinityMask
UnregisterWait
GetThreadTimes
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
GetVersionExW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameA
SearchPathA
GetProfileIntA
GetTickCount
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
lstrcpyA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFindAtomA
lstrcmpW
FreeResource
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CreateFileA
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
FindResourceA
GetSystemDirectoryW
EncodePointer
GlobalGetAtomNameA
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
SetEvent
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
OutputDebugStringA
SetLastError
CopyFileA
FormatMessageA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
ReleaseMutex
WaitForSingleObject
LoadLibraryA
GetProcAddress
WritePrivateProfileStringA
GetModuleFileNameA
GetModuleHandleA
OpenMutexA
LocalFree
CreateMutexA
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
LCMapStringW

user32

EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
IntersectRect
InflateRect
GetMenuItemInfoA
DestroyMenu
DestroyIcon
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
HideCaret
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
IsWindow
SubtractRect
TranslateMDISysAccel
SetCursorPos
CopyIcon
DefMDIChildProcA
wsprintfA
RegisterClassA
GetClassInfoExA
GetClassInfoA
CallWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
CharUpperA
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
InvalidateRect
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
GetKeyNameTextA
SetScrollPos
SetLayeredWindowAttributes
CreateWindowExA
RegisterPowerSettingNotification
DefWindowProcA
UnregisterPowerSettingNotification
DestroyWindow
UnregisterClassA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
PostMessageA
PostQuitMessage
SendMessageA
GetFocus
CheckMenuItem
DefFrameProcA
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
GetWindowTextA
GetWindowTextLengthA
GetClientRect
CopyImage
SystemParametersInfoA
DeleteMenu
GetDlgCtrlID
SetWindowTextA
GetWindowRect
ClientToScreen
PtInRect
GetDesktopWindow
GetClassNameA
GetWindow
RealChildWindowFromPoint
SetTimer
KillTimer
UpdateWindow
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
GetSystemMenu
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DestroyCursor
GetWindowRgn
CreateMenu
BringWindowToTop

gdi32

GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
GetClipBox
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorA

shell32

SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA

uxtheme

GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringByteLen
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
VariantCopy
VariantChangeType
VarBstrFromDate
SysFreeString

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

AuraBreathing
AuraFlashing
AuraNoanimation
CheckBTLED
CheckDRAMSupport
CheckECRAM
CheckLANLED
CheckRenesasVersion
CloseLEDControl
ControlBTLED
ControlCorsairDRAMLED
ControlCorsairProDRAMLED
ControlFANLED
ControlKingStonDRAMLED
ControlLANLED
CorsairProDRAMSync
GSKDDR_Change
GSKDDR_Initial
GSKDDR_MeteorStop
GSKDDR_ONOFF
GSKDDR_RainbowStop
GetCPUTemp
GetCPU_GameBoostSec
GetCPU_MaxRatio
GetDRAMInfo
GetDRAMInfo2
GetECSpace
GetKingstonFuryDDR5MasterSlaveRole
GetKingstonFuryDDR5Temperature
GetKingstonFuryDDR5VolSetting
GetKingstonFuryDDR5XmpProfile
GetSIO_DefaultWhite
GetSMBBASE
InitialDDRTIMING
InitialSMBusDriver
Is8Dimm
IsAM4
IsX299
KeepRenesasLED
LEDAllControlV2
LEDAllControlV2_1
LEDAudioControl
LEDBOTControl
LEDControl
LEDMonoControlV2
LEDMysticControl
LEDMysticControlV2
LEDMysticControlV2_1
ParameterDone
ParameterRun
ParameterSet
ParameterSetBlinkBrightness
ParameterSetBlinkCycleSpeed
ParameterSetBlinkSpeed
ParameterSetBreathBrightness
ParameterSetBreathSpeed
ParameterSetColorCycleBrightness
ParameterSetColorCycleSpeed
ParameterSetMeteorBrightness
ParameterSetMeteorSpeed
ParameterSetRainbowBrightness
ParameterSetRainbowSpeed
ParameterSetRunningBrightness
ParameterSetRunningSpeed
ParameterSetStaticBrightness
ParameterStart
ReleaseDll
ResetLED
SaveFANLED
SetAllBreathingModeV2
SetAllDualBlinkingModeV2
SetAllFlashingModeV2
SetAudioBreathingMode
SetAudioDualBlinkingMode
SetAudioFlashingMode
SetBIOS_Breathing
SetBIOS_Off
SetBIOS_On
SetBreathingMode
SetCPUTempColor
SetColorMode
SetCorsairDRAMLED
SetDualBlinkingMode
SetECRAM_Color
SetECRAM_Mode
SetECSpace
SetExtendSequence
SetFlashingMode
SetKingstonFuryDDR5BackgroundColor
SetKingstonFuryDDR5BreathModeParameter
SetKingstonFuryDDR5Brightness
SetKingstonFuryDDR5CmdDone
SetKingstonFuryDDR5CmdStart
SetKingstonFuryDDR5ColorChangeTime
SetKingstonFuryDDR5ColorHoldTime
SetKingstonFuryDDR5ColorIndex
SetKingstonFuryDDR5ColorOffset
SetKingstonFuryDDR5Direction
SetKingstonFuryDDR5IRDelay
SetKingstonFuryDDR5Init
SetKingstonFuryDDR5LedIndex
SetKingstonFuryDDR5MasterSlaveRole
SetKingstonFuryDDR5MaxMinBrightness
SetKingstonFuryDDR5NumDimm
SetKingstonFuryDDR5NumLED
SetKingstonFuryDDR5RunningMode
SetKingstonFuryDDR5SelectColor
SetKingstonFuryDDR5Speed
SetKingstonFuryDDR5Style
SetLEDModelName
SetMonoBreathingModeV2
SetMonoDualBlinkingModeV2
SetMonoFlashingModeV2
SetMusicLED
SetMusicLEDV2
SetMusicVolumeV2
SetMysticBreathingMode
SetMysticBreathingModeV2
SetMysticBreathingModeV2_1
SetMysticDualBlinkingMode
SetMysticDualBlinkingModeV2
SetMysticDualBlinkingModeV2_1
SetMysticFlashingMode
SetMysticFlashingModeV2
SetMysticFlashingModeV2_1
SetMysticLEDColor
SetMysticLEDColorV2
SetMysticLEDColorV2_1
SetMysticLightningMode
SetMysticLightningModeV2
SetMysticLightningModeV2_1
SetMysticMarqueeMode
SetMysticMarqueeModeV2
SetMysticMeteorMode
SetMysticMeteorModeV2
SetMysticRainbowMode
SetMysticRainbowModeV2
SetMysticSequenceMode
SetMysticStackV2
SetSIO5567SLEDColor
SetSIOGPIO
SupportLED
_ControlGALAXDRAMLED@16
_ControlGALAXDRAMLED_Byte@16
_ControlKingStonDRAMLED_X299@8
_ControlMICRONDRAMLED@16
_DefaultLEDControl@0
_EUDARLEDControl@20
_EUDARLED_Initial@0
_GSKDDR_MarqueeStop@0
_IT8295QFN_OP@20
_RenesasLEDControlV3@64
_RenesasLEDSetBank@4
_SMBusControl@12
_SMBusControlBlock@16
_SMBusControlWord@12
_SetRainbowBreathingMode@0
_SetRainbowFlashingMode@0
_SetRainbowMode@0

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50bd6e9fd3a34a7a22dcf624f495693e

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

0d:d7:1f:dd:49:a3:e4:3d:fc:5d:e6:f5Certificate

Extended Key Usages

Key Usages

4c:bf:c1:57:09:61:85:fc:f9:b0:91:f5:df:2e:fc:ba:d1:90:8c:3b:c8:23:c0:1b:f1:13:3a:cc:f9:fc:be:9fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oleacc

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 441KB - Virtual size: 441KB

.data Size: 25KB - Virtual size: 43KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 150KB - Virtual size: 150KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0d:d7:1f:dd:49:a3:e4:3d:fc:5d:e6:f5
Certificate

4c:bf:c1:57:09:61:85:fc:f9:b0:91:f5:df:2e:fc:ba:d1:90:8c:3b:c8:23:c0:1b:f1:13:3a:cc:f9:fc:be:9f
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 441KB - Virtual size: 441KB

.data
Size: 25KB - Virtual size: 43KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 150KB - Virtual size: 150KB