0f97d1d409889d82cb3bdf38446484e02aa997f4fbaee21fa01d43272f300c21

Sharing

Copy URL

Twitter E-mail

General

Target

0f97d1d409889d82cb3bdf38446484e02aa997f4fbaee21fa01d43272f300c21
Size

4.7MB
MD5

b95722be96485f171e7e820f9e2926c1
SHA1

df03e45bb511ca4d53b5f1b90699febccc9d8833
SHA256

0f97d1d409889d82cb3bdf38446484e02aa997f4fbaee21fa01d43272f300c21
SHA512

953fc0791c2c89e6d4f6c1535cccfb34032745b7a233a58de168478bb14e8c07e5275fbc2e6f8a7c31f91e2f593c616c52bc5f715968099c8b0e0f669d1e5745
SSDEEP

98304:fPvaPLwIse5AVPWtBeo5R5WMynjhk1ujdMboLhYyUPIgk:Y/FJt38hk1tbk

Score

1^/10

Malware Config

Signatures

Files

0f97d1d409889d82cb3bdf38446484e02aa997f4fbaee21fa01d43272f300c21
.exe windows:5 windows x86 arch:x86

4df0ff5d28cc0e14ed27d9156239c0d0

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25-11-2020 00:00

Not After

22-02-2024 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2011 12:00

Not After

10-02-2026 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25-11-2020 00:00

Not After

22-02-2024 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:e7:b2:d2:22:3c:35:ca:13:f1:e6:34:38:0a:54:00:5c:e7:c2:af:0c:f3:e5:f2:6b:6d:01:67:14:ac:37:55
Signer

Actual PE Digest

79:e7:b2:d2:22:3c:35:ca:13:f1:e6:34:38:0a:54:00:5c:e7:c2:af:0c:f3:e5:f2:6b:6d:01:67:14:ac:37:55

Digest Algorithm

sha256

PE Digest Matches

false

78:79:27:0c:66:54:34:c2:f1:39:36:d2:a3:8e:5c:b5:b8:8f:2f:9d
Signer

Actual PE Digest

78:79:27:0c:66:54:34:c2:f1:39:36:d2:a3:8e:5c:b5:b8:8f:2f:9d

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
_TrackMouseEvent

ws2_32

ntohl
recv
send
socket
ioctlsocket
setsockopt
htonl
gethostbyname
WSACleanup
WSAGetLastError
WSAStartup
connect
shutdown
select
closesocket
__WSAFDIsSet
htons

kernel32

GetFileType
GetStdHandle
FlushFileBuffers
QueryPerformanceCounter
FormatMessageA
GetSystemTimeAsFileTime
LockFileEx
LocalFree
CreateFileMappingA
UnlockFile
HeapCompact
DeleteFileA
GetVersionExA
WaitForSingleObjectEx
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
UnlockFileEx
GetFullPathNameA
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
TryEnterCriticalSection
AreFileApisANSI
CreateMutexA
SetEndOfFile
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileA
CreateDirectoryA
SleepEx
CreateEventW
VirtualQuery
SwitchToThread
GetSystemDefaultLangID
LoadLibraryA
lstrcmpiW
SetEvent
OpenFileMappingW
OpenEventW
InitializeCriticalSection
SetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GlobalReAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
lstrcpynW
CreateDirectoryW
GetWindowsDirectoryW
GetVersionExW
GetShortPathNameW
GetCurrentProcessId
GetTempFileNameW
GetTempPathW
FreeResource
GetEnvironmentVariableA
CreateMutexW
DecodePointer
RaiseException
ExpandEnvironmentStringsW
FormatMessageW
GetACP
GetUserDefaultUILanguage
GetFileSize
VirtualFree
VirtualAlloc
CopyFileW
MoveFileExW
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetExitCodeProcess
GetCurrentThreadId
InterlockedExchangeAdd
GetLocalTime
InterlockedDecrement
InterlockedIncrement
MoveFileW
GetCurrentDirectoryW
GetFullPathNameW
FindClose
FindNextFileW
RemoveDirectoryW
FindFirstFileW
GetFileAttributesExW
SetFilePointer
WriteFile
GetTickCount
WideCharToMultiByte
GetModuleFileNameA
SystemTimeToFileTime
GetSystemTime
EnterCriticalSection
LeaveCriticalSection
GetSystemDirectoryW
GetEnvironmentVariableW
GetLocaleInfoW
DeleteFileW
GetFileAttributesW
GetPrivateProfileSectionW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCommandLineW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
OutputDebugStringW
GetModuleHandleA
ReadFile
WaitForSingleObject
CreateProcessW
GetStartupInfoW
GlobalMemoryStatusEx
GetSystemInfo
GetLastError
Sleep
InterlockedExchange
InterlockedCompareExchange
GetDriveTypeW
GetLogicalDrives
CloseHandle
CreateFileW
GetDiskFreeSpaceExW
DeviceIoControl
GetCurrentProcess
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetConsoleCP
ReadConsoleW
SetEnvironmentVariableA
SetStdHandle
GetCommandLineA
HeapQueryInformation
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetConsoleCtrlHandler
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
GetCPInfo
LCMapStringW
GetStringTypeW
SetFilePointerEx
FindFirstFileExW
QueryPerformanceFrequency
GetNativeSystemInfo
GetExitCodeThread
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
GetUserDefaultLCID
SearchPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
VirtualProtect
GlobalFindAtomW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GlobalDeleteAtom
GetCurrentThread
ResumeThread
SetThreadPriority
lstrcmpW
GlobalFlags
CompareStringW
EncodePointer
LoadLibraryExW
DuplicateHandle
GetVolumeInformationW
GlobalAddAtomW
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpA
LocalReAlloc
LocalAlloc
GlobalHandle
MulDiv
GlobalSize
GlobalMemoryStatus
FlushConsoleInputBuffer

user32

UnhookWindowsHookEx
SetWindowLongW
GetDlgItem
LoadCursorW
RegisterClassExW
PtInRect
CreateWindowExW
IntersectRect
SetCapture
ReleaseCapture
GetCapture
GetKeyState
SetTimer
KillTimer
DispatchMessageW
ShowWindow
UpdateWindow
SetRect
PostMessageW
SetWindowsHookExW
GetClassInfoW
CallNextHookEx
IsWindow
CallWindowProcW
GetWindowLongW
SendMessageTimeoutW
LoadImageW
SendMessageW
OffsetRect
PostQuitMessage
TranslateMessage
GetMessageW
GetSystemMetrics
GetClientRect
CopyRect
EqualRect
RegisterWindowMessageW
UnionRect
InvalidateRect
IsRectEmpty
BeginPaint
UpdateLayeredWindow
FindWindowExW
IsWindowVisible
GetWindowRect
EndPaint
EnumDisplayDevicesW
wsprintfW
HideCaret
SetCursor
SetFocus
ClientToScreen
WindowFromPoint
GetMenuStringW
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
GetMonitorInfoW
RemoveMenu
GetSysColor
GetSysColorBrush
IsWindowEnabled
MessageBoxW
GetLastActivePopup
GetWindowTextLengthW
DestroyIcon
GetDlgCtrlID
GetFocus
SetWindowTextW
RealChildWindowFromPoint
ValidateRect
SetScrollPos
GetScrollPos
MoveWindow
CheckDlgButton
IsDialogMessageW
IsIconic
SetForegroundWindow
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessagePos
GetMessageTime
RegisterClassW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
ScrollWindow
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
AdjustWindowRectEx
GetClassLongW
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
CopyImage
ShowOwnedPopups
DeleteMenu
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
DestroyMenu
GetMenuItemInfoW
SendDlgItemMessageA
SetRectEmpty
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
CreatePopupMenu
GetMenuDefaultItem
GetNextDlgGroupItem
GetIconInfo
MessageBeep
EnableScrollBar
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
MonitorFromWindow
CreateWindowExA
RegisterClassExA
DefWindowProcW
DestroyWindow
ReleaseDC
GetDC
AppendMenuW
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
GetWindowThreadProcessId
CharUpperW
FindWindowA
DrawTextW
FillRect
MapWindowPoints
GetWindow
PeekMessageW
InflateRect
DrawFocusRect
GetParent
SetWindowPos
EnableWindow
GetDesktopWindow
SystemParametersInfoW
IsZoomed
SetWindowRgn
GetActiveWindow
RedrawWindow
GetWindowTextW
GetSystemMenu
GetMenuState
DrawIconEx
GetClassInfoExW
GetClassNameW
GetCursorPos
ScreenToClient

gdi32

Escape
CreatePatternBrush
CreateBitmap
CreateDCW
CopyMetaFileW
GetObjectType
CreateHatchBrush
GetPixel
SetTextColor
CreateSolidBrush
GetObjectA
CombineRgn
ExtCreateRegion
StretchBlt
GetObjectW
Rectangle
LineTo
MoveToEx
ExtTextOutW
SetBkColor
CreateRectRgn
ExcludeClipRect
BitBlt
CreateCompatibleBitmap
GetClipBox
RoundRect
CreatePen
GetTextExtentPoint32W
DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateFontIndirectW
GetStockObject
SetBkMode
GetDeviceCaps
SetPixelFormat
ChoosePixelFormat
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
GetRgnBox
OffsetRgn
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW

advapi32

CryptGenRandom
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
OpenProcessToken
GetTokenInformation
LookupPrivilegeNameW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExA
OpenSCManagerW
ReportEventA
RegisterEventSourceA
DeregisterEventSource
CryptReleaseContext
RegCloseKey
CryptAcquireContextW
RegOpenKeyExA
RegDeleteKeyW
RegEnumKeyW
RegDeleteValueW
CloseServiceHandle
DeleteService
ControlService
OpenServiceW

shell32

SHFileOperationW
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFolderPathA
CommandLineToArgvW
SHAppBarMessage
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
DragQueryFileW
SHGetPathFromIDListW
DragFinish

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoCreateInstance
CoInitialize
ReleaseStgMedium
CoCreateGuid

oleaut32

VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
SysAllocString
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
LoadTypeLi
SysFreeString

msimg32

TransparentBlt
AlphaBlend

shlwapi

PathRemoveFileSpecW
PathRemoveFileSpecA
PathIsDirectoryW
StrCmpW
StrStrIW
PathFileExistsA
SHDeleteKeyW
PathAppendW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
PathFileExistsW

uxtheme

IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize

d3d9

Direct3DCreate9

opengl32

wglGetProcAddress
glGetString
wglMakeCurrent
wglCreateContext
wglDeleteContext

wininet

DeleteUrlCacheEntryW

gdiplus

GdipGetImageHeight
GdipCreateMatrix
GdipDeleteMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipDisposeImage
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImageWidth
GdipGraphicsClear
GdipDrawImageRectI
GdiplusShutdown
GdiplusStartup
GdipSetWorldTransform
GdipFree
GdipAlloc
GdipDrawImageRectRectI
GdipCloneImage
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipMeasureString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateSolidFill
GdipDeleteBrush
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0

psapi

GetModuleFileNameExA

netapi32

Netbios

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

urlmon

URLDownloadToFileW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 657KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QMGuid
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 573KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4df0ff5d28cc0e14ed27d9156239c0d0

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

79:e7:b2:d2:22:3c:35:ca:13:f1:e6:34:38:0a:54:00:5c:e7:c2:af:0c:f3:e5:f2:6b:6d:01:67:14:ac:37:55Signer

78:79:27:0c:66:54:34:c2:f1:39:36:d2:a3:8e:5c:b5:b8:8f:2f:9dSigner

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msimg32

shlwapi

uxtheme

d3d9

opengl32

wininet

gdiplus

psapi

netapi32

oleacc

imm32

winmm

urlmon

winspool.drv

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 657KB - Virtual size: 656KB

.data Size: 70KB - Virtual size: 108KB

.gfids Size: 106KB - Virtual size: 106KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.QMGuid Size: 512B - Virtual size: 32B

.rsrc Size: 573KB - Virtual size: 572KB

.reloc Size: 185KB - Virtual size: 185KB

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

79:e7:b2:d2:22:3c:35:ca:13:f1:e6:34:38:0a:54:00:5c:e7:c2:af:0c:f3:e5:f2:6b:6d:01:67:14:ac:37:55
Signer

78:79:27:0c:66:54:34:c2:f1:39:36:d2:a3:8e:5c:b5:b8:8f:2f:9d
Signer

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 657KB - Virtual size: 656KB

.data
Size: 70KB - Virtual size: 108KB

.gfids
Size: 106KB - Virtual size: 106KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.QMGuid
Size: 512B - Virtual size: 32B

.rsrc
Size: 573KB - Virtual size: 572KB

.reloc
Size: 185KB - Virtual size: 185KB