dc29f0c737148e8373cb57d8d6872934af7bef2ff8c14ce82655a86e82519639[.]exe[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

dc29f0c737148e8373cb57d8d6872934af7bef2ff8c14ce82655a86e82519639.exe.zip
Size

3.7MB
MD5

89402cefe75fdce6e5ab4206ba71f023
SHA1

e31a229f016267ca574f79b03e3e2abbfeed5790
SHA256

425d06bb84f4a576c613681c486e7e85a4b1e7cded15d43710f2f5fc0c2427f7
SHA512

a65aa4c4c4525eb161cd8ede81d0723b5c10bea4c7ce7d4208e1d81f85669ae48e9df369a63a9529a974c287a002ac6eb18660b8c6f6065c5bb8ac58ca030d7f
SSDEEP

98304:ICkrM8SITjixR39pTYm94CtrQ2/PjLhGE:I3rMIiv9hYdyhLhGE

Score

1^/10

Malware Config

Signatures

Files

dc29f0c737148e8373cb57d8d6872934af7bef2ff8c14ce82655a86e82519639.exe.zip
.zip

Password: infected
dc29f0c737148e8373cb57d8d6872934af7bef2ff8c14ce82655a86e82519639.exe
.exe windows:5 windows x64

7afdff0181aa1c2ab73eb3fc69d13850

Code Sign

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:6e:e9:b6:87:f0:6e
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

05/01/2013, 07:23

Not After

08/01/2015, 13:47

Subject

CN=一普明为（北京）信息技术有限公司,O=一普明为（北京）信息技术有限公司,L=北京市,ST=北京市,C=CN,1.2.840.113549.1.9.1=#0c127369676e4065706f6f6c736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

3d
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

01/03/2011, 01:00

Not After

01/03/2016, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c8:3d:a2:f4:37:92:47:1d:76:49:90:c4:16:46:ce:a2:42:73:82:54
Signer

Actual PE Digest

c8:3d:a2:f4:37:92:47:1d:76:49:90:c4:16:46:ce:a2:42:73:82:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeW
FatalAppExitA
SetConsoleCtrlHandler
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileA
SetCurrentDirectoryW
GetFullPathNameA
GetProcessHeap
SetEnvironmentVariableA
GetVersionExW
GetVersion
GetSystemInfo
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
IsDebuggerPresent
ExpandEnvironmentStringsW
GetSystemDirectoryW
SizeofResource
LockResource
LoadResource
FlsAlloc
FindResourceW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
TerminateThread
CreateThread
VirtualProtect
IsBadReadPtr
GetCurrentProcess
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetLastError
GetFileSize
SetLastError
CreateFileW
QueryPerformanceCounter
GlobalLock
LocalAlloc
WideCharToMultiByte
GetTickCount
GetLongPathNameW
ReadFile
WriteFile
GetWindowsDirectoryW
MultiByteToWideChar
UnhandledExceptionFilter
DeleteFileW
Sleep
WaitForSingleObject
OutputDebugStringW
CreateEventW
GetProfileStringW
GetPrivateProfileStringW
FlsFree
FlsSetValue
FlsGetValue
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
SetThreadStackGuarantee
VirtualAlloc
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
ExitThread
HeapReAlloc
GetTimeFormatW
GetDateFormatW
GetSystemTimeAsFileTime
RtlPcToFileHeader
RaiseException
HeapAlloc
HeapFree
EncodePointer
DecodePointer
RtlUnwindEx
RtlLookupFunctionEntry
GetStartupInfoW
GetCommandLineW
FindResourceExW
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetNumberFormatW
GetTempPathW
GetTempFileNameW
LocalUnlock
LocalLock
ExitProcess
HeapDestroy
HeapCreate
GlobalUnlock
HeapSetInformation
GetFileTime
GetFileSizeEx
GetUserDefaultLangID
FreeResource
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
SetErrorMode
GetCurrentDirectoryW
SystemTimeToFileTime
GetAtomNameW
GlobalGetAtomNameW
lstrlenA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
lstrcpyW
FindNextFileW
WritePrivateProfileStringW
GetPrivateProfileIntW
SetEvent
SetThreadPriority
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
MoveFileW
lstrcmpiW
GetStringTypeExW
GetThreadLocale
ReleaseActCtx
CreateActCtxW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetFileAttributesW
CompareStringW
InitializeCriticalSectionAndSpinCount
lstrcmpW
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
lstrlenW
MulDiv
FlushFileBuffers
MapViewOfFileEx
LoadLibraryExW
GetExitCodeThread
DefineDosDeviceW
DeviceIoControl
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetCurrentProcessId
SuspendThread
ResumeThread
GetLogicalDrives
RemoveDirectoryW
CreateDirectoryW
OpenProcess
DuplicateHandle
MoveFileExW
FileTimeToLocalFileTime
FileTimeToSystemTime
QueryDosDeviceW
ActivateActCtx
DeactivateActCtx
GetDriveTypeW

user32

RegisterClipboardFormatW
GetIconInfo
HideCaret
InvertRect
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongPtrW
DestroyAcceleratorTable
SetParent
GetNextDlgGroupItem
GetTabbedTextExtentW
IsClipboardFormatAvailable
WaitMessage
InvalidateRgn
SetRect
CopyAcceleratorTableW
UnregisterClassW
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
SetCapture
KillTimer
SetTimer
SetWindowRgn
DeleteMenu
IntersectRect
CopyImage
GetDialogBaseUnits
RealChildWindowFromPoint
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageW
TranslateMessage
PostQuitMessage
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
OffsetRect
CharNextW
WindowFromPoint
ScrollWindowEx
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
FrameRect
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
ValidateRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
InSendMessage
CreateMenu
SendNotifyMessageW
GetUpdateRect
CreateDialogIndirectParamW
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
EnumChildWindows
WindowFromDC
GetWindowRgn
GetDCEx
ModifyMenuW
GetSubMenu
RemoveMenu
LoadBitmapW
UpdateWindow
FillRect
DrawStateW
wsprintfW
ShowWindow
EnumWindows
GetWindowTextW
GetWindowThreadProcessId
GetClassNameW
IsWindowVisible
DestroyWindow
DestroyIcon
LoadImageW
GetWindowTextA
SetWindowTextA
GetFocus
UnhookWindowsHookEx
RegisterHotKey
UnregisterHotKey
RegisterWindowMessageW
LoadIconW
SetForegroundWindow
IsIconic
GetSystemMenu
DrawIcon
ScreenToClient
PostMessageW
GetParent
SetWindowPos
MessageBoxW
CloseClipboard
OpenClipboard
EmptyClipboard
SetClipboardData
EnableMenuItem
GetCursorPos
IsWindow
AppendMenuW
CreatePopupMenu
LoadCursorW
SetCursor
InvalidateRect
GetWindowRect
SetWindowLongW
EnableWindow
GetClientRect
SendMessageW
GetSystemMetrics
InflateRect

gdi32

RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
GetBkColor
GetTextColor
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
PatBlt
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
PtVisible
GetRgnBox
GetCharWidthW
StretchDIBits
GetCurrentObject
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
GetDIBits
StretchBlt
SetPixel
Rectangle
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
RoundRect
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetPixelV
GetPixel
StartDocW
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetStockObject
GetObjectW
CreateSolidBrush
CreateDIBSection
CreateFontW
DeleteObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

GetJobW
DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegNotifyChangeKeyValue
CloseServiceHandle
DeleteService
OpenServiceW
OpenSCManagerW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegSetValueW
RegEnumValueW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
StartServiceW
ControlService
QueryServiceStatus
EnumServicesStatusW
QueryServiceConfigW
QueryServiceConfig2W

shell32

DragFinish
ShellExecuteExW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
SHGetDesktopFolder
SHGetMalloc
DragQueryFileW
ShellExecuteW
SHAppBarMessage
SHGetSpecialFolderLocation

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx

shlwapi

PathFileExistsW
StrStrIW
StrStrIA
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
UrlUnescapeW

ole32

OleCreateMenuDescriptor
PropVariantCopy
OleSave
WriteClassStm
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTreatAsClass
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
WriteFmtUserTypeStg
SetConvertStg
StringFromGUID2
CoInitializeEx
CoTaskMemFree
CoInitializeSecurity
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CreateStreamOnHGlobal
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
CoRegisterMessageFilter
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRegisterClassObject
CoRevokeClassObject
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
CoInitialize
CoUninitialize
CoCreateInstance
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream

oleaut32

SysStringLen
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
SysAllocStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString
GetErrorInfo
SetErrorInfo
SafeArrayGetUBound
CreateErrorInfo

oledlg

OleUIBusyW

urlmon

URLDownloadToCacheFileW

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

iphlpapi

GetAdaptersInfo

netapi32

NetUserDel
NetUserEnum
NetApiBufferFree

ws2_32

ntohs
inet_ntoa

wininet

FtpCreateDirectoryW
InternetCloseHandle
InternetQueryDataAvailable
InternetOpenUrlW
GopherOpenFileW
FtpFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpOpenFileW
GopherGetAttributeW
HttpSendRequestExW
HttpEndRequestW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
GopherFindFirstFileW
InternetFindNextFileW
InternetErrorDlg
FtpGetFileW
FtpPutFileW
InternetReadFile
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpGetCurrentDirectoryW
FtpRenameFileW
FtpDeleteFileW
InternetGetCookieW
InternetSetCookieW
InternetSetOptionExW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpQueryInfoW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 513KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pchunt0
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

7afdff0181aa1c2ab73eb3fc69d13850

Code Sign

19:9d:f8:8eCertificate

Key Usages

16:6e:e9:b6:87:f0:6eCertificate

Extended Key Usages

Key Usages

3dCertificate

Key Usages

c8:3d:a2:f4:37:92:47:1d:76:49:90:c4:16:46:ce:a2:42:73:82:54Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

urlmon

gdiplus

version

iphlpapi

netapi32

ws2_32

wininet

oleacc

imm32

winmm

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 513KB - Virtual size: 1.1MB

.pdata Size: 201KB - Virtual size: 200KB

text Size: 3KB - Virtual size: 2KB

data Size: 2KB - Virtual size: 1KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.pchunt0 Size: 134KB - Virtual size: 133KB

.reloc Size: 512B - Virtual size: 12B

19:9d:f8:8e
Certificate

16:6e:e9:b6:87:f0:6e
Certificate

3d
Certificate

c8:3d:a2:f4:37:92:47:1d:76:49:90:c4:16:46:ce:a2:42:73:82:54
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 513KB - Virtual size: 1.1MB

.pdata
Size: 201KB - Virtual size: 200KB

text
Size: 3KB - Virtual size: 2KB

data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

.pchunt0
Size: 134KB - Virtual size: 133KB

.reloc
Size: 512B - Virtual size: 12B