a873577086820e5b5a9030bb9ac57cac88e4ae1fcfb6e4893a6afd7701498804

Sharing

Copy URL Twitter E-mail

General

Target

a873577086820e5b5a9030bb9ac57cac88e4ae1fcfb6e4893a6afd7701498804
Size

2.7MB
MD5

8c4a044e64f6867a5399dcc073b262c5
SHA1

21cd7793440d4fd1f2366b0703754be475b19f7e
SHA256

a873577086820e5b5a9030bb9ac57cac88e4ae1fcfb6e4893a6afd7701498804
SHA512

75d952a1addff6b70156ef7587d3c8d6163003359a62412c656f0a47f4e97932bd8df93aa36cc62d40ab173ab0472492e87e43cdd29b0659fcbd8cc2f5c17dc7
SSDEEP

49152:yaQtROtr40E0WF+T3dmcNS7ZAxverlSDKlfLmrCzcMCG+90nAFwFfkeW8:9QtMfQF+T38cNkAxSlSOlfL/+90nFfL

Score

1^/10

Malware Config

Signatures

Files

a873577086820e5b5a9030bb9ac57cac88e4ae1fcfb6e4893a6afd7701498804
.dll windows:6 windows x86

c1aa55a658c557e513371c234bae4734

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:24:72:f2:38:6f:46:08:a0:79:0d:a2:be:8a:48:f7
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/09/2020, 00:00

Not After

19/05/2022, 12:00

Subject

SERIALNUMBER=C3105953,CN=FOXIT SOFTWARE INC.,O=FOXIT SOFTWARE INC.,L=Fremont,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130a43616c69666f726e6961,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:24:72:f2:38:6f:46:08:a0:79:0d:a2:be:8a:48:f7
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/09/2020, 00:00

Not After

19/05/2022, 12:00

Subject

SERIALNUMBER=C3105953,CN=FOXIT SOFTWARE INC.,O=FOXIT SOFTWARE INC.,L=Fremont,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130a43616c69666f726e6961,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:16:a5:10:f6:5b:d0:c4:da:18:55:b1:21:ea:8e:52:13:7f:0e:18:33:33:94:31:a7:be:1d:d3:12:12:ab:69
Signer

Actual PE Digest

4c:16:a5:10:f6:5b:d0:c4:da:18:55:b1:21:ea:8e:52:13:7f:0e:18:33:33:94:31:a7:be:1d:d3:12:12:ab:69

Digest Algorithm

sha256

PE Digest Matches

false

fb:93:f1:77:76:30:a9:18:ca:90:37:19:08:a0:f9:f1:d9:80:47:cf
Signer

Actual PE Digest

fb:93:f1:77:76:30:a9:18:ca:90:37:19:08:a0:f9:f1:d9:80:47:cf

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
SizeofResource
LockResource
LoadResource
FindResourceW
CreateEventW
WaitForSingleObject
LoadLibraryExA
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExA
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
GetStdHandle
GetModuleFileNameA
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
FreeLibraryAndExitThread
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
RtlUnwind
GetACP
FindNextFileA
VirtualFree
VirtualAlloc
GetSystemInfo
ExitThread
SetFilePointerEx
CreateFileA
GetTimeZoneInformation
GetCPInfo
GetStringTypeW
LCMapStringW
VirtualQuery
CloseHandle
SetEvent
OutputDebugStringW
FindFirstFileW
FindClose
CreateDirectoryW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW
FormatMessageW
LocalFree
MultiByteToWideChar
GetSystemDirectoryW
LoadLibraryW
GetCurrentProcess
FreeLibrary
Sleep
CreateFileW
WriteFile
MoveFileExW
DeleteFileW
WideCharToMultiByte
GetLocalTime
GetCurrentThreadId
GetTickCount
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
CreateThread
SetThreadPriority
ResumeThread
SuspendThread
GetLastError
TerminateThread
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
MulDiv
CopyFileW
SetLastError
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ReleaseMutex
CreateMutexW
OutputDebugStringA
GetCurrentThread
GetVersionExW
GetModuleHandleA
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
GlobalGetAtomNameW
EncodePointer
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
FreeResource
LoadLibraryA
GlobalFindAtomW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
VirtualProtect
lstrcpyW
FindResourceExW
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead

user32

GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetMenuItemInfoW
DestroyMenu
IntersectRect
InflateRect
CharUpperW
DestroyIcon
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetComboBoxInfo
PostThreadMessageW
WaitMessage
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
GetKeyboardLayout
TrackPopupMenu
SetMenu
GetMenu
SetClassLongW
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
LoadMenuW
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
ReuseDDElParam
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
SetLayeredWindowAttributes
GetParent
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
SendMessageW
FillRect
GetClientRect
CopyImage
SystemParametersInfoW
DeleteMenu
GetDlgCtrlID
SetWindowTextW
GetWindowRect
PtInRect
GetDesktopWindow
GetClassNameW
GetWindow
RealChildWindowFromPoint
SetTimer
KillTimer
UpdateWindow
InvalidateRect
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
DrawEdge
EnumDisplayMonitors
GetCapture
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
PostMessageW
PostQuitMessage
GetFocus
SetActiveWindow

gdi32

GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetTextMetricsW
GetTextExtentPoint32W
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CreateFontIndirectW
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryInfoKeyW
RegEnumValueW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW

shell32

SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHBrowseForFolderW
SHGetSpecialFolderPathW

shlwapi

UrlIsW
PathFileExistsW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathIsURLW

uxtheme

DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
DrawThemeText
GetThemePartSize
GetThemeSysColor

ole32

OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
LoadTypeLi
SysAllocString
SysFreeString
VarDateFromStr
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
VariantInit

urlmon

UrlMkGetSessionOption
ObtainUserAgentString

winhttp

WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpSetOption
WinHttpQueryOption
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSetStatusCallback
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpReadData

secur32

GetUserNameExW

dnsapi

DnsFree
DnsQuery_W

ws2_32

inet_pton

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

FCP_AddConnectedReviewDoc
FCP_AddDrmPermission
FCP_AddShareReviewAnnot
FCP_AddShareReviewUser
FCP_ChangeMessageDelivery
FCP_ChangeWebService
FCP_CopyDRMInfo
FCP_DelConnectedReviewDoc
FCP_DeleteCPDF
FCP_DeleteDRMInfo
FCP_DeleteDocVersion
FCP_DeleteShareReviewAnnot
FCP_DocIsShareReview
FCP_GetACL
FCP_GetAppeDocPermission
FCP_GetCPDFPlatform
FCP_GetContentKey
FCP_GetCurrentHost
FCP_GetDocInfo
FCP_GetDocOwnerID
FCP_GetDocumentMessage
FCP_GetEmail
FCP_GetJSPluginHost
FCP_GetLastNetworkError
FCP_GetOpenMessage
FCP_GetOwnerEmail
FCP_GetPollingInfo
FCP_GetRecordedHost
FCP_GetServiceCollectStrategy
FCP_GetShareReviewAnnot
FCP_GetShareReviewInitiatorEmail
FCP_GetShareReviewPageObjNumList
FCP_GetShareReviewUserInfo
FCP_GetShareReviewUserList
FCP_GetUntreatedMessageCount
FCP_GetUserDeviceInfo
FCP_GetUserOwnAllAnnots
FCP_GetWebServiceURL
FCP_GetWebServiceURLbyHost
FCP_InitDLL
FCP_IsEnterpriseEnv
FCP_IsSecureRemoved
FCP_LoadcAppID
FCP_ModifyDocVersion
FCP_ReleaseBuffer
FCP_ReleaseBuffer2
FCP_ReleaseCPDFPlatform
FCP_ReleaseLPSTR
FCP_ReleaseLPWSTR
FCP_RemoveSecure
FCP_SendConfirmReply
FCP_SendEmailNotification
FCP_SetAppeDocPermission
FCP_SetClientLanguage
FCP_SetClientVersion
FCP_SetConnectedReviewPollTime
FCP_SetCurrentHost
FCP_SetDocumentMessage
FCP_SetEnforcedTracking
FCP_SetPollingConfig
FCP_SetShareReviewState
FCP_SetShareReviewUserState
FCP_SetSubscribtionCallback
FCP_SetUserToken
FCP_StartPolling
FCP_StartShareReview
FCP_StopAllRequest
FCP_StopPolling
FCP_SubscribeUpdateNotification
FCP_SubscribeUser
FCP_SubscribecAppID
FCP_UnSubscribeUpdateNotification
FCP_UnSubscribeUser
FCP_UnSubscribecAppID
FCP_UpLoadCPDF
FCP_UpLoadDocID
FCP_UpLoadGrayLog
FCP_UpLoadUserLogger
FCP_UpLoadVersionID
FCP_UpdateNotificationSendEmail
FCP_UpdateShareReviewAnnot
FCP_UpdateWebServiceApi
FCP_UploadDRMInfo
FCP_UploadImage
FCP_UserCanJoinShareReview
FCP_getConfigUrl
FCP_isUserOnLine
FCP_stopThread

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1aa55a658c557e513371c234bae4734

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

07:24:72:f2:38:6f:46:08:a0:79:0d:a2:be:8a:48:f7Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

07:24:72:f2:38:6f:46:08:a0:79:0d:a2:be:8a:48:f7Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

4c:16:a5:10:f6:5b:d0:c4:da:18:55:b1:21:ea:8e:52:13:7f:0e:18:33:33:94:31:a7:be:1d:d3:12:12:ab:69Signer

fb:93:f1:77:76:30:a9:18:ca:90:37:19:08:a0:f9:f1:d9:80:47:cfSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

urlmon

winhttp

secur32

dnsapi

ws2_32

oleacc

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 676KB - Virtual size: 676KB

.data Size: 25KB - Virtual size: 50KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 143KB - Virtual size: 142KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

07:24:72:f2:38:6f:46:08:a0:79:0d:a2:be:8a:48:f7
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

07:24:72:f2:38:6f:46:08:a0:79:0d:a2:be:8a:48:f7
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

4c:16:a5:10:f6:5b:d0:c4:da:18:55:b1:21:ea:8e:52:13:7f:0e:18:33:33:94:31:a7:be:1d:d3:12:12:ab:69
Signer

fb:93:f1:77:76:30:a9:18:ca:90:37:19:08:a0:f9:f1:d9:80:47:cf
Signer

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 676KB - Virtual size: 676KB

.data
Size: 25KB - Virtual size: 50KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 143KB - Virtual size: 142KB