679fc0a166f9a23d9ea91bcecbc9f2304e7ca8fc6e7b192d004b5c3e2cbf615c

Sharing

Copy URL

Twitter E-mail

General

Target

679fc0a166f9a23d9ea91bcecbc9f2304e7ca8fc6e7b192d004b5c3e2cbf615c
Size

9.2MB
MD5

371715c59413e086033673b49614c1e6
SHA1

c5202d4fe8d96b503d9310b70566785a4cac85cb
SHA256

679fc0a166f9a23d9ea91bcecbc9f2304e7ca8fc6e7b192d004b5c3e2cbf615c
SHA512

c26d3f21bfb6bcb94c03ffe5ea12e602365e18b350332f41ee609ae10f71568278d7f94a88454e274af18e53f380d1767fe1f09797c463ec8280b68663d61274
SSDEEP

196608:85MzeFLTatcpdD8YRrBkCju+8jrVAQNSWX/gsYgGC1TyXaCvGkgI43hKz62:kLGuRjuDjrVyWosh7yKCvGkZ4RKz

Score

1^/10

Malware Config

Signatures

Files

679fc0a166f9a23d9ea91bcecbc9f2304e7ca8fc6e7b192d004b5c3e2cbf615c
.exe windows:6 windows x86

167b1236fdc4108146e4399a6699f3ac

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:92:61:fa:48:6b:16:10:71:3a:4c:b9:ec:7e:6c:42
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01-03-2022 00:00

Not After

23-04-2025 23:59

Subject

CN=STARDOCK SYSTEMS\, INC.,O=STARDOCK SYSTEMS\, INC.,L=Plymouth,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:92:61:fa:48:6b:16:10:71:3a:4c:b9:ec:7e:6c:42
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01-03-2022 00:00

Not After

23-04-2025 23:59

Subject

CN=STARDOCK SYSTEMS\, INC.,O=STARDOCK SYSTEMS\, INC.,L=Plymouth,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

8c:d8:00:c4:aa:39:2a:af:50:e3:e8:6e:b4:f2:92:4f:43:59:40:fd:0e:57:3d:89:27:dd:e8:63:cc:73:73:26
Signer

Actual PE Digest

8c:d8:00:c4:aa:39:2a:af:50:e3:e8:6e:b4:f2:92:4f:43:59:40:fd:0e:57:3d:89:27:dd:e8:63:cc:73:73:26

Digest Algorithm

sha256

PE Digest Matches

false

b6:de:7d:2d:0f:03:be:58:81:25:04:18:f3:2a:27:cd:56:16:c3:6b
Signer

Actual PE Digest

b6:de:7d:2d:0f:03:be:58:81:25:04:18:f3:2a:27:cd:56:16:c3:6b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFromHDC
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipGetImagePaletteSize
GdipSetPixelOffsetMode
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipDrawImageI
GdipDrawImageRectRect
GdipCreateBitmapFromHBITMAP
GdipCreateImageAttributes
GdipFree
GdiplusShutdown
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipAlloc

uxtheme

DrawThemeTextEx
IsAppThemed
GetThemeInt
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
DrawThemeBackground
GetThemePartSize
DrawThemeParentBackground
CloseThemeData
OpenThemeData
EndBufferedPaint
BeginBufferedPaint
GetCurrentThemeName
GetThemeColor
DrawThemeText
GetThemeSysColor

wininet

InternetCloseHandle
HttpQueryInfoA
InternetCrackUrlA
InternetOpenA
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA

dwmapi

DwmUpdateThumbnailProperties
DwmRegisterThumbnail
DwmExtendFrameIntoClientArea
DwmSetWindowAttribute
DwmUnregisterThumbnail

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
GetStdHandle
GetFileType
SetStdHandle
VirtualAlloc
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
CreateDirectoryW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetFileAttributesW
GetProfileIntW
SearchPathW
GetTempPathW
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindResourceExW
GetCurrentDirectoryW
GetThreadLocale
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
lstrcpyW
ResumeThread
CompareStringA
GetVersionExW
CopyFileW
FormatMessageW
MulDiv
LocalFree
CreateThread
RtlUnwind
OutputDebugStringW
GlobalSize
CompareStringW
GlobalAddAtomW
lstrcmpW
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
SetErrorMode
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
VirtualQuery
VirtualProtect
GetSystemInfo
GetCurrentProcessId
GetTickCount64
GetSystemDirectoryA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
FreeLibrary
LoadLibraryW
GetModuleHandleExA
CreateFileW
WriteFile
SetNamedPipeHandleState
CreateFileA
GlobalDeleteAtom
GlobalFindAtomA
DeleteFileW
GetWindowsDirectoryW
TerminateProcess
VerifyVersionInfoW
VerSetConditionMask
FindNextFileW
FindFirstFileW
GetUserGeoID
GlobalFindAtomW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersion
LoadLibraryExA
GetUserPreferredUILanguages
GetCurrentProcess
GetModuleFileNameA
GetProductInfo
GetModuleFileNameW
LoadLibraryA
lstrlenW
FileTimeToSystemTime
GetTickCount
GetLastError
lstrcatA
lstrlenA
lstrcmpA
SetLastError
GetComputerNameA
WaitForSingleObject
GetCurrentThread
SetThreadPriority
SetEvent
LeaveCriticalSection
EnterCriticalSection
CreateEventW
InitializeCriticalSection
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
WideCharToMultiByte
CloseHandle
K32GetModuleFileNameExW
OpenProcess
GetModuleHandleA
GetProcAddress
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentThreadId
GetPrivateProfileSectionW
WritePrivateProfileSectionW
WritePrivateProfileStringW
GetModuleHandleW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep

user32

BringWindowToTop
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawEdge
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
WaitMessage
LoadImageW
UnionRect
EnableScrollBar
IsRectEmpty
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
WindowFromPoint
MessageBeep
SetWindowRgn
DeleteMenu
GetSystemMenu
CharUpperW
IsZoomed
TrackMouseEvent
IntersectRect
RealChildWindowFromPoint
InflateRect
EnumDisplayMonitors
GetSysColorBrush
ShowOwnedPopups
SetWindowContextHelpId
PostQuitMessage
MapDialogRect
GetAsyncKeyState
MapVirtualKeyW
GetKeyNameTextW
SetRectEmpty
SendDlgItemMessageA
TabbedTextOutW
GrayStringW
DrawTextExW
RemoveMenu
InsertMenuW
GetMenuState
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
CheckDlgButton
MoveWindow
WinHelpW
SetScrollInfo
GetLastActivePopup
GetTopWindow
EqualRect
CopyRect
AdjustWindowRectEx
GetWindowTextLengthW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetActiveWindow
GetMenuItemID
SetMenu
GetCapture
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
GetMessageTime
GetMessagePos
LockWindowUpdate
LoadMenuW
LoadBitmapW
DrawStateW
AdjustWindowRect
SetParent
GetWindowRgnBox
DrawIcon
MonitorFromPoint
RegisterClassW
SetForegroundWindow
IsIconic
MessageBoxW
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
UnregisterClassW
WindowFromDC
AllowSetForegroundWindow
DestroyIcon
FindWindowA
RegisterWindowMessageA
GetKeyState
OffsetRect
GetMonitorInfoW
MonitorFromWindow
GetComboBoxInfo
SetGestureConfig
GetGestureInfo
ChildWindowFromPoint
ScrollWindowEx
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
LoadImageA
LoadStringW
SystemParametersInfoW
FindWindowW
GetWindowTextA
SetWindowTextA
GetWindowDC
SetCursor
LoadCursorW
ScreenToClient
EndPaint
GetDlgCtrlID
GetCursorPos
BeginPaint
SendMessageTimeoutW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CreateWindowExA
DestroyWindow
UpdateLayeredWindow
SendMessageA
MessageBoxA
wsprintfA
CopyImage
DrawIconEx
GetFocus
SetFocus
PtInRect
SetWindowTextW
GetWindowTextW
SetWindowPos
FindWindowExW
GetWindowThreadProcessId
GetClassNameW
GetWindow
InternalGetWindowText
EnumWindows
IsWindowEnabled
GetMenuStringW
UnhookWindowsHookEx
SetWindowsHookExW
ClientToScreen
InsertMenuItemW
CallNextHookEx
GetForegroundWindow
ShowWindow
IsWindowVisible
GetClassNameA
RemovePropA
BroadcastSystemMessageW
wsprintfW
DefWindowProcW
GetSystemMetrics
DrawTextA
DrawFrameControl
GetMenuInfo
GetPropA
GetClassLongW
CallWindowProcW
GetWindowRect
GetMenuItemInfoW
GetMenuItemCount
GetMenu
GetDesktopWindow
SetClassLongW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClipboardFormatW
CharUpperBuffW
ModifyMenuW
TranslateAcceleratorW
GetWindowRgn
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
PostThreadMessageW
FrameRect
CopyIcon
ReuseDDElParam
UnpackDDElParam
GetSubMenu
GetSysColor
DrawTextW
SetLayeredWindowAttributes
GetWindowLongW
ReleaseDC
GetDC
GetParent
LoadIconW
DestroyMenu
TrackPopupMenu
AppendMenuW
CreatePopupMenu
SetTimer
UpdateWindow
InvalidateRect
EnumChildWindows
PostMessageW
ReleaseCapture
SetCapture
GetPropW
RemovePropW
IsWindow
FillRect
SetWindowLongW
SetPropA
RedrawWindow
SetPropW
RegisterWindowMessageW
SendMessageW
MapWindowPoints
GetClientRect
KillTimer
GetDlgItem
EnableWindow
GetScrollInfo

gdi32

LineTo
PtVisible
RestoreDC
SaveDC
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
IntersectClipRect
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextExtentPoint32W
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
EnumFontFamiliesExW
GetBkColor
GetRgnBox
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetDIBColorTable
OffsetRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
GetObjectType
CreateDIBitmap
ExcludeClipRect
Escape
CreatePatternBrush
CreateDCW
CopyMetaFileW
CreateRoundRectRgn
CreateFontW
GetClipBox
GetTextMetricsW
RectVisible
GetDeviceCaps
StretchBlt
GetClipRgn
GetDCBrushColor
GetDCPenColor
CreateHatchBrush
SetDCBrushColor
SetDCPenColor
SetPixel
GetCurrentObject
SetStretchBltMode
SelectClipRgn
ExtSelectClipRgn
CreateRectRgn
ExtTextOutW
GetTextColor
SetBrushOrgEx
LPtoDP
CreateFontA
Rectangle
CreatePen
GetObjectW
SetDIBitsToDevice
GetDIBits
GetPixel
SetBkColor
CreateBitmap
CreateCompatibleBitmap
CreateDIBSection
StretchDIBits
CreateSolidBrush
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetStockObject
PatBlt
SetBkMode
SetTextColor

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetOpenFileNameW
GetOpenFileNameA
ChooseColorW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetTokenInformation
OpenProcessToken
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyA
RegOpenKeyExW
RegOpenKeyA
CryptEncrypt
CryptDecrypt
CryptSetKeyParam
CryptAcquireContextW
CryptDestroyKey
RegDeleteValueA
RegCreateKeyA
CryptReleaseContext
CryptDestroyHash
CryptVerifySignatureW
CryptHashData
CryptCreateHash
CryptImportKey
CryptAcquireContextA
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameA
RegQueryValueExW
RegOpenKeyW
RegEnumValueW
RegCreateKeyW
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetFolderPathW
SHGetFolderPathA
ShellExecuteA
SHGetKnownFolderPath
SHGetMalloc
ShellExecuteW
SHGetFileInfoW
SHAppBarMessage
SHBrowseForFolderW
SHGetPathFromIDListW
DragFinish
DragQueryFileW
SHGetSpecialFolderLocation
SHGetDesktopFolder

shlwapi

PathFileExistsA
UrlEscapeA
StrStrIA
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindExtensionW

ole32

CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
OleDuplicateData
ReleaseStgMedium
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleUninitialize
CoUninitialize
OleInitialize

oleaut32

SysAllocString
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
VariantChangeType
VariantInit
VariantClear
SysFreeString
LoadTypeLi
OleCreateFontIndirect

oledlg

OleUIBusyW

crypt32

CertGetNameStringW
CryptStringToBinaryA
CryptStringToBinaryW
CertFreeCertificateContext
CertGetNameStringA
CryptBinaryToStringW
CryptVerifyMessageSignature

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 423KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167b1236fdc4108146e4399a6699f3ac

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

02:92:61:fa:48:6b:16:10:71:3a:4c:b9:ec:7e:6c:42Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

02:92:61:fa:48:6b:16:10:71:3a:4c:b9:ec:7e:6c:42Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

8c:d8:00:c4:aa:39:2a:af:50:e3:e8:6e:b4:f2:92:4f:43:59:40:fd:0e:57:3d:89:27:dd:e8:63:cc:73:73:26Signer

b6:de:7d:2d:0f:03:be:58:81:25:04:18:f3:2a:27:cd:56:16:c3:6bSigner

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

uxtheme

wininet

dwmapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oledlg

crypt32

oleacc

imm32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 423KB - Virtual size: 422KB

.data Size: 24KB - Virtual size: 122KB

.rsrc Size: 6.5MB - Virtual size: 6.5MB

.reloc Size: 187KB - Virtual size: 186KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

02:92:61:fa:48:6b:16:10:71:3a:4c:b9:ec:7e:6c:42
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

02:92:61:fa:48:6b:16:10:71:3a:4c:b9:ec:7e:6c:42
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

8c:d8:00:c4:aa:39:2a:af:50:e3:e8:6e:b4:f2:92:4f:43:59:40:fd:0e:57:3d:89:27:dd:e8:63:cc:73:73:26
Signer

b6:de:7d:2d:0f:03:be:58:81:25:04:18:f3:2a:27:cd:56:16:c3:6b
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 423KB - Virtual size: 422KB

.data
Size: 24KB - Virtual size: 122KB

.rsrc
Size: 6.5MB - Virtual size: 6.5MB

.reloc
Size: 187KB - Virtual size: 186KB