16dc0d624636450553beea0ea130a506b047dcbddaf1dfe9a886a768af611c7c

Sharing

Copy URL

Twitter E-mail

General

Target

16dc0d624636450553beea0ea130a506b047dcbddaf1dfe9a886a768af611c7c
Size

244KB
MD5

1dffe4bdc61cfa881cdb1efb3e1ba835
SHA1

df75de6a97426825dafa4192d4965272fff1cbff
SHA256

16dc0d624636450553beea0ea130a506b047dcbddaf1dfe9a886a768af611c7c
SHA512

6c63ce00bc534d2a82eeed27b606b1ee1a0e156fc450c6e0c524c9864bff34c5253804669d9414ad144fcdc23035b117ace05b6418ec7059305a9d369c097aac
SSDEEP

6144:T6zY4/oysrN6okyY+Xpii1bEBV+UdvrEFp7hKky:T6GhT31bEBjvrEH7/y

Score

1^/10

Malware Config

Signatures

Files

16dc0d624636450553beea0ea130a506b047dcbddaf1dfe9a886a768af611c7c
.exe windows:4 windows x86

ba037405ff45d2eaca370822d2ed377a

Code Sign

09:f7:77:8a:6d:5a:bb:89:87:b2:66:7c:79:6d:28:bb
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

18/04/2019, 00:00

Not After

17/04/2021, 23:59

Subject

CN=Hypersecu (Hypersecu Information Systems\, Inc),O=Hypersecu (Hypersecu Information Systems\, Inc),POSTALCODE=V7C 4V4,STREET=\#200 - 6191 Westminster Hwy,L=Richmond,ST=BC,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3a:ae:a6:b3:56:7e:a0:5d:aa:44:16:c2:c0:0b:44:45:90:eb:9e:00
Signer

Actual PE Digest

3a:ae:a6:b3:56:7e:a0:5d:aa:44:16:c2:c0:0b:44:45:90:eb:9e:00

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord1569
ord5568
ord2910
ord3871
ord537
ord940
ord942
ord1172
ord6451
ord470
ord755
ord2371
ord4282
ord5679
ord5706
ord858
ord1143
ord2717
ord1131
ord2613
ord1165
ord5939
ord5714
ord1197
ord815
ord561
ord3733
ord4616
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord2078
ord6330
ord2859
ord5977
ord6376
ord6193
ord6195
ord538
ord3087
ord800
ord4279
ord3991
ord540
ord3993
ord6898
ord861
ord2810
ord6211
ord6871
ord4229
ord2294
ord641
ord324
ord567
ord693
ord3592
ord4419
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5276
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord2506
ord4992
ord5261
ord3635
ord4418
ord3365
ord5286
ord4396
ord1768
ord6051
ord2574
ord3356
ord4704
ord4847
ord4370
ord823
ord825

msvcrt

__dllonexit
wcschr
??0exception@@QAE@ABV0@@Z
strncpy
??0exception@@QAE@XZ
_CxxThrowException
memmove
??1exception@@UAE@XZ
_ftol
_purecall
_wcsicmp
fclose
fwrite
_wfopen
wcscmp
wcscpy
_wtol
wcscat
_beginthreadex
wcstol
wcsstr
isprint
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_onexit
_controlfp
__CxxFrameHandler

kernel32

GetSystemInfo
GetModuleHandleW
GetVersionExW
WideCharToMultiByte
TerminateThread
WaitForSingleObject
InterlockedIncrement
InterlockedDecrement
GetStartupInfoW
ReadFile
SystemTimeToFileTime
CompareFileTime
GetLocalTime
FileTimeToSystemTime
LocalAlloc
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
CreateProcessW
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetProcAddress
FreeLibrary
SetEvent
GetTempPathW
CreateDirectoryW
DeleteFileW
GetPrivateProfileStringW
RemoveDirectoryW
WaitForMultipleObjects
Sleep
CreateEventW
CreateMutexW
GetLastError
CloseHandle
GetCommandLineW
GetCurrentThreadId
lstrcpynW
lstrlenW
lstrcpyW
GetTickCount
GetModuleFileNameW
lstrcatW
GetUserDefaultLangID
CreateFileW
TerminateProcess
GetFileSize

user32

UpdateWindow
SetTimer
ShowWindow
DefWindowProcW
PtInRect
InvalidateRect
CreateWindowExW
RegisterClassExW
LoadCursorW
RegisterWindowMessageW
ReleaseDC
SetWindowRgn
MoveWindow
GetDC
GetSystemMetrics
EnableWindow
GetWindowRect
SendMessageW
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetActiveWindow
PostMessageW
GetParent
IsWindow
KillTimer
GetWindowTextW
GetWindowTextLengthW
LoadIconW
DrawIcon
IsIconic
DestroyWindow
wsprintfW
LoadImageW
PostQuitMessage
DispatchMessageW
TranslateMessage
IsDialogMessageW
SetFocus
GetMessageW
GetWindow
EnumThreadWindows
MessageBoxW
DestroyIcon
EndDialog
SetWindowTextW
EndPaint
DrawTextW
GetClientRect
SetWindowPos
BeginPaint
LoadBitmapW

gdi32

CreatePolygonRgn
GetStockObject
GetTextExtentPoint32W
SetBkMode
CreateCompatibleDC
SelectObject
Polygon
DeleteDC
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectW

advapi32

RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW

ole32

CoUninitialize
CoInitialize

crypt32

CertFreeCertificateContext
CertCloseStore
CertGetIntendedKeyUsage
CertSetCertificateContextProperty
CertCreateCertificateContext
CertOpenStore
CryptDecodeObject
CertFindExtension
CryptVerifyCertificateSignature
CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CertGetNameStringW
CertAddCertificateContextToStore

ftuikit_u

?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?PostMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CStdStringPtrMap@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@XZ
??0CStdStringPtrMap@DuiLib@@QAE@H@Z
??_7CNotifyPump@DuiLib@@6B@
??0CPaintManagerUI@DuiLib@@QAE@XZ
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??1CNotifyPump@DuiLib@@QAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPBGXZ
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?InitWindow@WindowImplBase@DuiLib@@UAEXXZ
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?GetResourceID@WindowImplBase@DuiLib@@UBEPBGXZ
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@PBGH@Z
??1CDuiString@DuiLib@@QAE@XZ
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBGKKHHHHPAUHMENU__@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CControlUI@DuiLib@@UAEXPBG0@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?Init@CControlUI@DuiLib@@UAEXXZ
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z
?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ
?SetShortcut@CControlUI@DuiLib@@UAEXG@Z
?GetShortcut@CControlUI@DuiLib@@UBEGXZ
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetVisible@CControlUI@DuiLib@@UAEX_N@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?SetUserData@CControlUI@DuiLib@@UAEXPBG@Z
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?GetX@CControlUI@DuiLib@@UBEHXZ
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?SetToolTip@CControlUI@DuiLib@@UAEXPBG@Z
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?IsRelativePos@CControlUI@DuiLib@@UBE_NXZ
?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagTRelativePosUI@2@XZ
?SetRelativeParentSize@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?SetRelativePos@CControlUI@DuiLib@@UAEXUtagSIZE@@0@Z
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?FindSubControlsByClass@CPaintManagerUI@DuiLib@@QAEPAVCStdPtrArray@2@PAVCControlUI@2@PBG@Z
?GetSize@CStdPtrArray@DuiLib@@QBEHXZ
?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z
?Right@CDuiString@DuiLib@@QBE?AV12@H@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
?GetData@CDuiString@DuiLib@@QBEPBGXZ
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z
?ShowModal@CWindowWnd@DuiLib@@QAEIXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
??1CButtonUI@DuiLib@@UAE@XZ
??0CButtonUI@DuiLib@@QAE@XZ
?SetBorderRound@CControlUI@DuiLib@@QAEXUtagSIZE@@@Z
?GetClass@CButtonUI@DuiLib@@UBEPBGXZ
?GetInterface@CButtonUI@DuiLib@@UAEPAXPBG@Z
?GetControlFlags@CButtonUI@DuiLib@@UBEIXZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?SetEnabled@CButtonUI@DuiLib@@UAEX_N@Z
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@CButtonUI@DuiLib@@UAEXPBG0@Z
?EstimateSize@CButtonUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?PaintStatusImage@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
??0CDuiRect@DuiLib@@QAE@HHHH@Z
?GetWidth@CDuiRect@DuiLib@@QBEHXZ
?GetHeight@CDuiRect@DuiLib@@QBEHXZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PBG@Z
?Find@CDuiString@DuiLib@@QBEHPBGH@Z
?Mid@CDuiString@DuiLib@@QBE?AV12@HH@Z
?GetLength@CDuiString@DuiLib@@QBEHXZ
?GetPaintDC@CPaintManagerUI@DuiLib@@QBEPAUHDC__@@XZ
?GetFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@H@Z
??0CTextUI@DuiLib@@QAE@XZ
?SetFont@CLabelUI@DuiLib@@QAEXH@Z
?SetTextColor@CLabelUI@DuiLib@@QAEXK@Z
??0CLabelUI@DuiLib@@QAE@XZ
?SetBkImage@CControlUI@DuiLib@@QAEXPBG@Z
?GetClass@CTextUI@DuiLib@@UBEPBGXZ
?GetInterface@CTextUI@DuiLib@@UAEPAXPBG@Z
?GetControlFlags@CTextUI@DuiLib@@UBEIXZ
?GetText@CLabelUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetText@CLabelUI@DuiLib@@UAEXPBG@Z
?DoEvent@CTextUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@CLabelUI@DuiLib@@UAEXPBG0@Z
?EstimateSize@CTextUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?PaintText@CTextUI@DuiLib@@UAEXPAUHDC__@@@Z
?GetClass@CLabelUI@DuiLib@@UBEPBGXZ
?GetInterface@CLabelUI@DuiLib@@UAEPAXPBG@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?SetText@CControlUI@DuiLib@@UAEXPBG@Z
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?GetControlFlags@CControlUI@DuiLib@@UBEIXZ
?GetInterface@CControlUI@DuiLib@@UAEPAXPBG@Z
?GetClass@CControlUI@DuiLib@@UBEPBGXZ
?SetName@CControlUI@DuiLib@@UAEXPBG@Z
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??0CControlUI@DuiLib@@QAE@XZ
?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z
?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
??1CControlUI@DuiLib@@UAE@XZ
??4CDuiString@DuiLib@@QAEABV01@PBG@Z
??8CDuiString@DuiLib@@QBE_NPBG@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPBG@Z
??BCDuiString@DuiLib@@QBEPBGXZ
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?TranslateMessage@CPaintManagerUI@DuiLib@@SA_NQAUtagMSG@@@Z
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PBG@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
?PaintText@CLabelUI@DuiLib@@UAEXPAUHDC__@@@Z
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ

wininet

InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
DeleteUrlCacheEntryW
InternetGetConnectedState
InternetCloseHandle

shlwapi

PathFileExistsW

winscard

SCardGetStatusChangeW
SCardEstablishContext
SCardReleaseContext

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba037405ff45d2eaca370822d2ed377a

Code Sign

09:f7:77:8a:6d:5a:bb:89:87:b2:66:7c:79:6d:28:bbCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

3a:ae:a6:b3:56:7e:a0:5d:aa:44:16:c2:c0:0b:44:45:90:eb:9e:00Signer

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

gdi32

advapi32

shell32

ole32

crypt32

ftuikit_u

wininet

shlwapi

winscard

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 13KB - Virtual size: 22KB

.rsrc Size: 17KB - Virtual size: 17KB

09:f7:77:8a:6d:5a:bb:89:87:b2:66:7c:79:6d:28:bb
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

3a:ae:a6:b3:56:7e:a0:5d:aa:44:16:c2:c0:0b:44:45:90:eb:9e:00
Signer

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 13KB - Virtual size: 22KB

.rsrc
Size: 17KB - Virtual size: 17KB