8bb6132cbac9700d43b7931ec27a10d38bbf4cc885f2bdb5778f3700b7da5aa8

Sharing

Copy URL Twitter E-mail

General

Target

8bb6132cbac9700d43b7931ec27a10d38bbf4cc885f2bdb5778f3700b7da5aa8
Size

4.2MB
MD5

ddd40199b9590bb2f76eb75dfc81f375
SHA1

8fe4d321843a05ad86f58c86a10724dc252dea68
SHA256

8bb6132cbac9700d43b7931ec27a10d38bbf4cc885f2bdb5778f3700b7da5aa8
SHA512

1fb163e8cf3940aff21d27dcf3099626e63cee869e2ce411843562e376a617ff041920416f5ec12ee3ef92f2be78821952dd6643452f0ba5a46daf7bedb784e6
SSDEEP

98304:FbQy3qMGDAaOLFiv/T7wQsRTi1yxAelQ2fPgdFWPT9NAyKgR:FMSaFj7tyxFgdFWPb

Score

1^/10

Malware Config

Signatures

Files

8bb6132cbac9700d43b7931ec27a10d38bbf4cc885f2bdb5778f3700b7da5aa8
.exe windows x86

712d997cc8640be6622f7dd7d63cc1d3

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:f3:30:48:52:fe:48:59:e8:3f:b4:a6:e1:ba:a6:da:98:46:6f:21:b0:91:5d:79:05:e0:67:25:0f:91:53:45
Signer

Actual PE Digest

49:f3:30:48:52:fe:48:59:e8:3f:b4:a6:e1:ba:a6:da:98:46:6f:21:b0:91:5d:79:05:e0:67:25:0f:91:53:45

Digest Algorithm

sha256

PE Digest Matches

false

7d:0b:aa:74:f1:c9:20:8c:7b:98:f6:91:cf:c5:18:1a:ba:ab:a9:7a
Signer

Actual PE Digest

7d:0b:aa:74:f1:c9:20:8c:7b:98:f6:91:cf:c5:18:1a:ba:ab:a9:7a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Reenumerate_DevNode
CM_Locate_DevNodeW

chinesefontparser

?ConvertChar2Lines@CFont2Lines@@QAEXPADHHH@Z
?ZoomOffset@CFont2Lines@@QAEXNNNN@Z
?g_font2lines@@3VCFont2Lines@@A
?RotateAngle@CFont2Lines@@QAEXNH@Z

libusb0

usb_interrupt_write
usb_interrupt_read
usb_control_msg
usb_set_configuration
usb_claim_interface
usb_strerror
usb_init
usb_find_busses
usb_find_devices
usb_get_busses
usb_bulk_setup_async
usb_submit_async
usb_reap_async
usb_free_async
usb_bulk_write
usb_bulk_read
usb_close
usb_open

kernel32

GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WaitForSingleObjectEx
GetStdHandle
GetFileType
SetStdHandle
ResetEvent
VirtualQuery
VirtualAlloc
IsProcessorFeaturePresent
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
OutputDebugStringW
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
GetSystemInfo
LocalUnlock
LocalLock
GetTickCount
SearchPathW
GetProfileIntW
GetTempPathW
WriteConsoleW
GetTickCount64
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
GetCurrentDirectoryW
SetErrorMode
lstrcpyW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFileSize
FlushFileBuffers
GlobalGetAtomNameW
LeaveCriticalSection
EnterCriticalSection
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetFullPathNameW
GetDiskFreeSpaceW
CompareStringA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
lstrcmpA
UnhandledExceptionFilter
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FreeLibrary
GetCurrentThreadId
EncodePointer
OutputDebugStringA
FormatMessageW
MulDiv
LocalFree
GlobalSize
SetLastError
GetVersion
MultiByteToWideChar
LoadLibraryW
CreateMutexW
IsWow64Process
GetVersionExW
GetCurrentProcess
WideCharToMultiByte
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
ReadDirectoryChangesW
GetExitCodeThread
CreateThread
CreateFileW
CopyFileW
UnmapViewOfFile
TerminateThread
CloseHandle
FindNextFileW
FindFirstFileW
FindClose
GetSystemDirectoryW
SetFileAttributesW
DeleteFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
Sleep
CreateEventW
WaitForSingleObject
SetEvent
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
DecodePointer
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
QueryPerformanceFrequency

user32

CopyIcon
DrawFrameControl
DrawEdge
SetClassLongW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
DrawIconEx
GetMenuDefaultItem
LockWindowUpdate
GetDCEx
UnionRect
CreateMenu
WindowFromDC
InSendMessage
GetTabbedTextExtentW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
TrackMouseEvent
GetDialogBaseUnits
GetAsyncKeyState
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
CharUpperW
SetCursorPos
SetParent
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
IsRectEmpty
SetWindowRgn
DrawIcon
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageW
SystemParametersInfoW
GetMenuItemInfoW
SendDlgItemMessageA
MapVirtualKeyW
GetKeyNameTextW
GetDesktopWindow
EndDialog
CreateDialogIndirectParamW
SetRectEmpty
IsZoomed
SetRect
GetWindowThreadProcessId
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
RegisterClipboardFormatW
GetClassLongW
PtInRect
EqualRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
SetMenu
GetMenu
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SetFocus
GetDlgCtrlID
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
SendMessageW
PostMessageW
UnregisterClassW
GetNextDlgTabItem
GetActiveWindow
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetFocus
WaitMessage
IsClipboardFormatAvailable
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
GetDoubleClickTime
CharUpperBuffW
GetUpdateRect
IntersectRect
EndPaint
BeginPaint
GetWindowDC
GetWindowRgn
MonitorFromRect
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
SendNotifyMessageW
DrawMenuBar
GetClassNameW
EnumChildWindows
EnableWindow
LoadMenuW
DestroyMenu
GetSubMenu
TrackPopupMenuEx
DefFrameProcW
DrawStateW
GetDC
ReleaseDC
InvalidateRect
GetClientRect
GetWindowRect
SetCursor
ClientToScreen
WindowFromPoint
GetSysColor
DrawFocusRect
FillRect
FrameRect
CopyRect
InflateRect
OffsetRect
GetWindowLongW
GetParent
DestroyCursor
DestroyIcon
LoadImageW
CreateIconIndirect
GetIconInfo
UpdateWindow
GetCursorPos
ScreenToClient
PostThreadMessageW
GetKeyState
GetCapture
SetCapture
ReleaseCapture
SetTimer
KillTimer
EnableMenuItem
LoadBitmapW
LoadCursorW
RegisterDeviceNotificationW
IsWindowVisible
GetSystemMenu
ModifyMenuW
DeleteMenu
SetForegroundWindow
LoadIconW
GetSystemMetrics
ShowScrollBar
wsprintfW
GetMenuItemID
TrackPopupMenu
SetMenuDefaultItem
GetMenuStringW
GetMenuState
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
UnhookWindowsHookEx
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW

gdi32

ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetBkColor
GetTextExtentPoint32W
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
GetCharWidthW
StretchDIBits
GetTextColor
GetRgnBox
PolyDraw
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
MoveToEx
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
SetPolyFillMode
GetLayout
SetLayout
ArcTo
StartDocW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
TextOutW
ExtCreatePen
SetArcDirection
GetTextFaceW
SelectClipPath
SetStretchBltMode
CreateBitmap
GetROP2
BitBlt
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateDIBPatternBrushPt
GetDeviceCaps
CopyMetaFileW
Rectangle
GetTextMetricsW
GetGlyphOutlineW
CreatePen
CreateFontW
CreateDCW
CreateSolidBrush
GetObjectW
SetTextColor
SetPixel
SetBkColor
SelectObject
GetStockObject
GetPixel
DeleteObject
DeleteDC
CreateCompatibleDC
SetROP2
CreateCompatibleBitmap

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW

advapi32

RegEnumKeyW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegCloseKey
RegDeleteKeyW
RegSetValueW
RegOpenKeyExW
RegSetValueExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHAddToRecentDocs
ShellExecuteW
ExtractIconW
SHAppBarMessage
SHGetMalloc
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation

comctl32

ImageList_AddMasked
ImageList_GetImageCount
_TrackMouseEvent

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW

uxtheme

IsAppThemed
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground

ole32

OleRegGetUserType
ReleaseStgMedium
OleCreate
CoUninitialize
OleTranslateAccelerator
IsAccelerator
OleRun
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleGetClipboard
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
WriteClassStm
CreateDataAdviseHolder
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
CreateOleAdviseHolder
CoLockObjectExternal
GetRunningObjectTable
OleIsRunning
CoGetMalloc
CoInitializeEx
OleQueryCreateFromData
CoCreateInstance
OleSetMenuDescriptor
CoCreateGuid
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
StringFromCLSID
CoRegisterClassObject
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetIconOfClass
OleLockRunning
OleSetContainedObject
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
SetConvertStg
CoInitialize
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
StringFromGUID2
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleRegGetMiscStatus
OleRegEnumVerbs
OleCreateMenuDescriptor
OleQueryLinkFromData
OleDestroyMenuDescriptor
GetHGlobalFromILockBytes

oleaut32

SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SysStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SysAllocStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
OleCreateFontIndirect
SysStringByteLen
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayRedim
VarDecFromStr

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 590KB - Virtual size: 589KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 786KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

712d997cc8640be6622f7dd7d63cc1d3

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

49:f3:30:48:52:fe:48:59:e8:3f:b4:a6:e1:ba:a6:da:98:46:6f:21:b0:91:5d:79:05:e0:67:25:0f:91:53:45Signer

7d:0b:aa:74:f1:c9:20:8c:7b:98:f6:91:cf:c5:18:1a:ba:ab:a9:7aSigner

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

chinesefontparser

libusb0

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 590KB - Virtual size: 589KB

.data Size: 36KB - Virtual size: 80KB

.rsrc Size: 786KB - Virtual size: 786KB

.reloc Size: 222KB - Virtual size: 222KB

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

49:f3:30:48:52:fe:48:59:e8:3f:b4:a6:e1:ba:a6:da:98:46:6f:21:b0:91:5d:79:05:e0:67:25:0f:91:53:45
Signer

7d:0b:aa:74:f1:c9:20:8c:7b:98:f6:91:cf:c5:18:1a:ba:ab:a9:7a
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 590KB - Virtual size: 589KB

.data
Size: 36KB - Virtual size: 80KB

.rsrc
Size: 786KB - Virtual size: 786KB

.reloc
Size: 222KB - Virtual size: 222KB