cbdc4e2e989d842c9e3bd644930ae41d01496731ae6be080f2b5baef2f396cf2

Sharing

Copy URL Twitter E-mail

General

Target

cbdc4e2e989d842c9e3bd644930ae41d01496731ae6be080f2b5baef2f396cf2
Size

5.2MB
MD5

b8ea4ac69db3189ea5a3468ae69d5349
SHA1

e84806b54efe20d87a880161be3d1f0f64d10050
SHA256

cbdc4e2e989d842c9e3bd644930ae41d01496731ae6be080f2b5baef2f396cf2
SHA512

a089ad7de6cd652fe311c83f517d760e92e7d430c88d6909ebf9edc0759ac1a5eb695bfe31328b8e0a5d005284dcaa85ad85cdd664facce16eba5ba720502f39
SSDEEP

49152:cSq8Otduk0GV1ep85FMfacs3egmi28yL+MwQYr6jFaoKG+UKBps8zTtLtdD3cNxw:Q5wzs3eu28yL+Me6jV+JLvcNxB4v

Score

1^/10

Malware Config

Signatures

Files

cbdc4e2e989d842c9e3bd644930ae41d01496731ae6be080f2b5baef2f396cf2
.exe windows:5 windows x86 arch:x86

8699d56486d74eabd61df6c76ddd3942

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3f:ba:a1:10:b3:5d:98:65:83:3d:2d:3f:38:6b:8f:44
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

03/07/2009, 00:00

Not After

03/07/2011, 23:59

Subject

CN=SHANGHAI ZHONGYUAN NETWORKS LIMITED,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=SHANGHAI ZHONGYUAN NETWORKS LIMITED,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
FatalAppExitA
GetStdHandle
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
SetHandleCount
CompareStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
SetEnvironmentVariableA
HeapSize
GetFileType
SetStdHandle
GetStartupInfoA
GetCommandLineA
VirtualQuery
VirtualAlloc
HeapReAlloc
LCMapStringW
GetTimeFormatA
ExitProcess
CreateThread
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
RtlUnwind
GetFileSizeEx
GetFileAttributesExA
SetErrorMode
GetModuleHandleW
GetAtomNameA
GetOEMCP
GetCPInfo
GlobalFlags
VirtualProtect
TlsFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileInformationByHandle
FileTimeToDosDateTime
DosDateTimeToFileTime
FlushInstructionCache
GetTempPathA
GetVersion
FindResourceExW
DebugBreak
GetStringTypeW
GetDateFormatA
GetStringTypeA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
GetShortPathNameA
GetFullPathNameA
DuplicateHandle
FlushFileBuffers
GetThreadLocale
GetStringTypeExA
GetModuleFileNameW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalSize
FileTimeToSystemTime
GetSystemTime
GetSystemDirectoryA
Process32First
Process32Next
ExpandEnvironmentStringsA
WinExec
GetExitCodeProcess
GlobalMemoryStatus
CopyFileA
TlsAlloc
TlsSetValue
GetSystemInfo
GetProcessHeap
GetVolumeInformationA
SetFileAttributesA
FormatMessageA
lstrcmpiA
GetCurrentThreadId
lstrcatA
SetThreadPriority
GetLogicalDriveStringsA
GetDriveTypeA
QueryPerformanceFrequency
QueryPerformanceCounter
InterlockedIncrement
LoadLibraryExA
InterlockedDecrement
InterlockedCompareExchange
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
lstrcpynA
OpenProcess
TerminateProcess
GetTempPathW
GetTempFileNameW
GetFileAttributesW
CopyFileW
FindResourceExA
GetProfileIntA
SearchPathA
CreateProcessA
GetWindowsDirectoryA
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
FreeResource
GlobalAlloc
ResumeThread
GlobalLock
GlobalUnlock
GlobalFree
CreateEventA
IsDBCSLeadByte
LCMapStringA
MulDiv
GetCurrentDirectoryA
SetCurrentDirectoryA
RemoveDirectoryA
LockFile
WriteFile
UnlockFile
ReadFile
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
GetFileSize
SetFilePointer
SetEndOfFile
CreateFileA
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
GetCurrentProcess
VirtualProtectEx
WriteProcessMemory
SuspendThread
OpenMutexA
CreateMutexA
LocalFree
LocalAlloc
OutputDebugStringA
lstrcpyA
ResetEvent
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
SetLastError
GetExitCodeThread
GetLocalTime
LoadLibraryA
GetProcAddress
GetModuleHandleA
FreeLibrary
GetPrivateProfileStringA
Sleep
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
lstrlenA
MultiByteToWideChar
GetLastError
GetFileAttributesA
CreateDirectoryA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileTime
FileTimeToLocalFileTime
GetACP
GetTickCount
DeleteFileA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
WritePrivateProfileStringA
GetVersionExA
GetPrivateProfileIntA
WriteConsoleA
CreateFileW

user32

CallWindowProcA
GetClassInfoA
GetDCEx
ClipCursor
GetNextDlgGroupItem
DestroyIcon
UnionRect
LockWindowUpdate
GetSystemMenu
DrawIcon
SetWindowPos
RemovePropA
mouse_event
MessageBeep
ExitWindowsEx
IsChild
SetFocus
SetClassLongA
BringWindowToTop
GetPropA
SendMessageTimeoutA
GetLastActivePopup
FlashWindow
FindWindowA
GetMenuStringA
InsertMenuA
InsertMenuItemA
GetClassNameA
PostThreadMessageA
GrayStringA
DrawTextExA
TabbedTextOutA
MessageBoxA
SetRectEmpty
wsprintfA
GetWindowDC
SetWindowRgn
GetWindowLongA
IsIconic
EmptyClipboard
SetClipboardData
MessageBoxW
MapWindowPoints
ClientToScreen
EnableMenuItem
AppendMenuA
CreatePopupMenu
GetCursorInfo
DefWindowProcA
GetDesktopWindow
ShowWindow
SetForegroundWindow
CopyIcon
SetWindowLongA
DestroyCursor
BeginPaint
CreateWindowExA
CharUpperA
GetWindowThreadProcessId
DrawStateA
TrackMouseEvent
DrawIconEx
GetSysColor
FillRect
GetWindow
ModifyMenuA
GetMenuItemID
GetMenuItemInfoA
GetMenuStringW
GetWindowTextLengthW
GetWindowTextW
ReleaseDC
GetFocus
LoadBitmapA
EqualRect
OffsetRect
LoadImageA
ChangeDisplaySettingsA
EnumDisplayDevicesA
GetDC
DrawTextA
GetDlgCtrlID
MonitorFromWindow
GetMonitorInfoA
GetMessageA
LoadIconA
OpenClipboard
GetClipboardData
CloseClipboard
SetParent
CheckMenuItem
TranslateMessage
SetRect
IsRectEmpty
CopyRect
GetAsyncKeyState
GetIconInfo
GetWindowPlacement
IntersectRect
GetMenu
SetWindowPlacement
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
GetClassInfoExA
GetScrollPos
GetScrollRange
SetMenu
TrackPopupMenuEx
ScrollWindow
GetMessagePos
TranslateAcceleratorA
SystemParametersInfoA
RegisterClassA
ShowScrollBar
SetActiveWindow
EnableScrollBar
SetScrollRange
SetScrollInfo
SetScrollPos
CreateCaret
HideCaret
ShowCaret
SetCaretPos
ScrollWindowEx
MoveWindow
CharLowerA
EndPaint
GetParent
EnableWindow
SendMessageA
RegisterWindowMessageA
GetKeyState
GetClientRect
GetCursorPos
CopyAcceleratorTableA
LoadAcceleratorsA
ScreenToClient
IsWindowVisible
PostMessageA
PtInRect
ReleaseCapture
SetCursor
LoadCursorA
IsWindow
InflateRect
GetWindowRect
InvalidateRect
RedrawWindow
SetTimer
KillTimer
GetCapture
SetCapture
MsgWaitForMultipleObjects
DispatchMessageA
PeekMessageA
TrackPopupMenu
MonitorFromPoint
GetMenuItemRect
GetMenuDefaultItem
DrawFocusRect
CreateIconIndirect
IsMenu
LoadCursorFromFileA
FindWindowExA
WindowFromDC
MessageBoxIndirectA
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
WinHelpA
SendDlgItemMessageA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
GetKeyNameTextA
MapVirtualKeyA
GetDialogBaseUnits
RegisterClipboardFormatA
UnregisterClassA
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
ValidateRect
CharNextA
DestroyMenu
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
InvalidateRgn
FrameRect
ModifyMenuW
AppendMenuW
DrawTextExW
DrawTextW
LoadBitmapW
LoadImageW
LoadIconW
LoadStringW
InsertMenuW
InsertMenuItemW
DrawFrameControl
LoadStringA
wvsprintfA
SetMenuInfo
GetMenuState
GetMenuItemCount
DeleteMenu
SetMenuItemInfoA
GetSubMenu
LoadMenuA
SetPropA
CreateAcceleratorTableA
DestroyAcceleratorTable
WindowFromPoint
UpdateWindow
UnregisterHotKey
RegisterHotKey
GetSystemMetrics
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
RemoveMenu

gdi32

RealizePalette
SetDIBitsToDevice
SetStretchBltMode
ExtSelectClipRgn
StretchDIBits
GetDCOrgEx
CopyMetaFileA
CreateDCA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
SelectClipPath
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
FillRgn
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
CreateDIBPatternBrushPt
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
SetRectRgn
DPtoLP
GetRgnBox
GetTextMetricsA
CreateDIBSection
CreateDIBitmap
OffsetRgn
CreatePolygonRgn
CreateEllipticRgn
GetClipBox
CreateICA
ExtCreateRegion
Rectangle
UnrealizeObject
CreatePatternBrush
CreateRoundRectRgn
CreateRectRgnIndirect
EnumFontFamiliesExA
CreateFontA
GetTextColor
GetBkColor
SetBkColor
CreateBitmap
Escape
ExtTextOutA
RectVisible
PtVisible
GetMapMode
SetMapMode
GetWindowExtEx
GetViewportExtEx
GetPixel
CreateRectRgn
CombineRgn
CreateFontIndirectW
StretchBlt
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
BitBlt
SetTextColor
SetBkMode
GetDeviceCaps
TextOutA
GetStockObject
GetTextExtentPoint32W
GetTextExtentPointA
GetTextExtentPointW
TextOutW
GetViewportOrgEx
GetWindowOrgEx
SetBrushOrgEx
CreateBitmapIndirect
SetPixel
GetNearestColor
SetPixelV
RoundRect
PlgBlt
GetCurrentObject
SetBoundsRect
GetBkMode
GetCharWidthA
FrameRgn
BeginPath
EndPath
StrokeAndFillPath
GetObjectA
GetDIBits
DeleteObject
CreateSolidBrush
PatBlt
SelectObject
SetWindowExtEx
CreatePen
GetTextExtentPoint32A

comdlg32

ChooseColorW
GetFileTitleA
ChooseColorA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

InitializeAcl
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegEnumKeyA
RegQueryValueExW
RegSetValueExW
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA
RegSetValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
LookupAccountNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
RegCloseKey
GetAce
EqualSid
RegQueryValueA
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptReleaseContext
RegDeleteValueA
RegDeleteKeyA

shell32

ExtractIconA
SHGetFileInfoA
Shell_NotifyIconA
SHChangeNotify
DragQueryFileA
DragFinish
ShellExecuteExA
ShellExecuteExW
SHGetDesktopFolder
SHBrowseForFolderA
ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

_TrackMouseEvent
ImageList_AddMasked
ImageList_Duplicate
ImageList_GetImageInfo
ImageList_Destroy
ImageList_DrawIndirect
ImageList_Copy
ImageList_Draw
ImageList_GetIcon

shlwapi

SHGetValueA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathRemoveFileSpecW
UrlUnescapeA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecA
PathSkipRootA
PathAddBackslashA
PathIsRootA
PathIsDirectoryA
PathFileExistsA

oledlg

ord8

ole32

CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StringFromGUID2
CLSIDFromProgID
CoInitializeEx
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
CoTaskMemAlloc
OleSetClipboard
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleRun
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromString
CoUninitialize
CoInitialize
OleIsCurrentClipboard
ReleaseStgMedium
CoTaskMemRealloc
CoCreateGuid
CoRegisterMessageFilter
OleFlushClipboard

oleaut32

VarUI4FromStr
CreateErrorInfo
SetErrorInfo
GetErrorInfo
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SysReAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VarBstrCmp
SysStringLen
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
OleLoadPicture
SysAllocStringLen
VariantClear
VariantInit
SysAllocString
SysFreeString

gdiplus

GdipCreateBitmapFromScan0
GdipCloneStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipResetClip
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipSetClipRect
GdipDrawImageI
GdiplusShutdown
GdiplusStartup
GdipGetPropertyItem
GdipGetStringFormatFlags
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateBitmapFromHBITMAP
GdipMeasureString
GdipGetGenericFontFamilySansSerif
GdipDrawString
GdipStringFormatGetGenericTypographic
GdipSetStringFormatTrimming
GdipCloneImage
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDrawImageRectRect
GdipFillRectangle
GdipGetImageGraphicsContext
GdipSetSolidFillColor
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteFont
GdipCloneFont
GdipGetLogFontW
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipGetFontCollectionFamilyCount
GdipDeleteGraphics
GdipCreateFromHDC
GdipAlloc
GdipFree
GdipSetStringFormatAlign
GdipGetPropertyItemSize
GdipSetStringFormatLineAlign

ws2_32

sendto
WSACleanup
gethostname
recvfrom
bind
WSAStartup
inet_ntoa
inet_addr
connect
gethostbyname
WSAGetLastError
getsockname
recv
send
shutdown
closesocket
socket
setsockopt
htons

imagehlp

ImageDirectoryEntryToData

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

PlaySoundA
timeKillEvent
timeSetEvent

riched20

ord4
ord6

imm32

ImmGetContext
ImmReleaseContext

wininet

InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetCloseHandle
GopherOpenFileA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetCookieA
InternetOpenUrlA
HttpOpenRequestA
InternetFindNextFileA

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 511KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HookSec
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8699d56486d74eabd61df6c76ddd3942

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

3f:ba:a1:10:b3:5d:98:65:83:3d:2d:3f:38:6b:8f:44Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

imagehlp

version

winmm

riched20

imm32

wininet

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 511KB - Virtual size: 511KB

.data Size: 34KB - Virtual size: 75KB

.HookSec Size: 512B - Virtual size: 512B

.rsrc Size: 1.8MB - Virtual size: 1.8MB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

3f:ba:a1:10:b3:5d:98:65:83:3d:2d:3f:38:6b:8f:44
Certificate

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 511KB - Virtual size: 511KB

.data
Size: 34KB - Virtual size: 75KB

.HookSec
Size: 512B - Virtual size: 512B

.rsrc
Size: 1.8MB - Virtual size: 1.8MB