SecuriteInfo[.]com[.]Program[.]Keylogger[.]249[.]22999[.]21522[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Program.Keylogger.249.22999.21522.dll
Size

4.2MB
MD5

9f7be833c0ecd46852e352072d4e0b53
SHA1

23963f36cf88d2f176075d436a1acd55e495f500
SHA256

3febaf87e425ed0ce3fbba499e3518594d956702bbf7a573b6f83ef8b6c5845d
SHA512

6f7b99942e21e355c25f5489cf5b4910f59c2ea91bdad67d8086d384b09ee30951e2e4dccea5fce9efe5d5d71a0283097b446b6059b98fc8c7a088c6909f0655
SSDEEP

98304:ug+mPzRSzL3/HlkQm7RJKtD0B4Lxc1ZMPfOJUiZV1+5A4vbQ7wFNyDDbdJdjg:t+aiVt0B4N7OJ594vbQ7wFN4tg

Score

1^/10

Malware Config

Signatures

Files

SecuriteInfo.com.Program.Keylogger.249.22999.21522.dll
.dll windows:6 windows x86 arch:x86

09c1941ac7c3336a5fa0e5522bdd7a45

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:cc:95:a4:43:6f:ba:6a:94:ae:ac:e6
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

05/01/2021, 10:25

Not After

05/04/2024, 10:25

Subject

SERIALNUMBER=1016600042604,CN=SAFEJKA SRL,O=SAFEJKA SRL,STREET=str. Paris\, 27,L=Chişinău,ST=Chişinău,C=MD,1.3.6.1.4.1.311.60.2.1.3=#13024d44,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/06/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:60:61:1d:14:9c:45:ef:39:d4:11:dc:02:d0:83:eb:69:7d:54:dd:cd:43:58:94:91:72:c7:d5:3d:ae:41:dc
Signer

Actual PE Digest

fd:60:61:1d:14:9c:45:ef:39:d4:11:dc:02:d0:83:eb:69:7d:54:dd:cd:43:58:94:91:72:c7:d5:3d:ae:41:dc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

R:\lib\cryptlib\Win32_Release_EN\gina_licensing.pdb

Imports

winmm

PlaySoundW

shlwapi

StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW

kernel32

HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
CreateSymbolicLinkW
GetFileInformationByHandleEx
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
GetTickCount64
GetCurrentProcessorNumber
FlushProcessWriteBuffers
GetCommandLineW
CreateEventExW
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitOnceExecuteOnce
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetFileInformationByHandle
FormatMessageA
TryEnterCriticalSection
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
OutputDebugStringW
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
WaitForSingleObjectEx
ResetEvent
GetCommandLineA
GetSystemInfo
VirtualAlloc
SetStdHandle
GetFileType
ExitProcess
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetStdHandle
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetThreadTimes
QueryPerformanceFrequency
QueryPerformanceCounter
LocalUnlock
LocalLock
VirtualQuery
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
Sleep
SearchPathW
GetProfileIntW
GetTickCount
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
FindResourceExW
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
GetVersionExW
GetCurrentThread
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameW
GlobalGetAtomNameW
lstrcmpA
GetCurrentProcessId
GlobalFlags
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
EncodePointer
CopyFileW
FormatMessageW
MulDiv
GlobalSize
FindResourceW
SizeofResource
LockResource
LoadResource
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
SetErrorMode
LocalFree
LocalReAlloc
LocalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
GetModuleFileNameA
WriteFile
WriteConsoleW
SetFilePointer
SetEndOfFile
GetFileSize
FlushFileBuffers
CreateFileA
CreateDirectoryA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
CreateSemaphoreExW

user32

MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetDialogBaseUnits
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
LoadImageW
InvalidateRect
TrackMouseEvent
CharUpperW
DestroyIcon
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
PostQuitMessage
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
IntersectRect
InflateRect
LoadCursorW
GetSysColorBrush
GetSystemMetrics
GetWindowThreadProcessId
RealChildWindowFromPoint
GetDesktopWindow
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
EnableScrollBar
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
HideCaret
InvertRect
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
GetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
SetClassLongW
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
MapVirtualKeyW
GetKeyNameTextW
GetDlgItemTextW
LoadMenuW
BringWindowToTop
UnregisterClassA
UnregisterClassW
UnhookWindowsHookEx
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetFocus
GetTabbedTextExtentW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgItem
GetDlgCtrlID
SetFocus
GetCapture
EnableWindow
GetMenu
SetMenu
TrackPopupMenu
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
SendNotifyMessageW
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
GetDCEx
DestroyCursor
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx

gdi32

GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
GetClipRgn
SetRectRgn
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
PatBlt
PlayMetaFile
DeleteDC

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW

advapi32

CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
SetFileSecurityW
GetFileSecurityW
RegEnumValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegCloseKey

shell32

ShellExecuteExW
SHAppBarMessage
SHBrowseForFolderW
SHGetMalloc
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHAddToRecentDocs
SHGetFileInfoW
ExtractIconW
SHGetFolderPathA

ole32

CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRun
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
CoRegisterMessageFilter
OleCreate
CreateItemMoniker
CreateGenericComposite
GetHGlobalFromILockBytes
WriteClassStm
StgCreateDocfileOnILockBytes
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
CreateILockBytesOnHGlobal
StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoInitializeEx
CreateStreamOnHGlobal
CoCreateGuid
CoInitialize
CoUninitialize
CLSIDFromString
CoCreateInstance
CoDisconnectObject
StringFromGUID2
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CoRevokeClassObject
OleCreateFromData
OleTranslateAccelerator

oleaut32

SysAllocString
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayRedim
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString

msimg32

TransparentBlt
AlphaBlend

uxtheme

GetThemePartSize
DrawThemeText
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
GetThemeSysColor

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromStreamICM
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipCreateBitmapFromFileICM
GdipGetImagePalette

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Exports

Exports

WlxCheckValueSignature
WlxCreateKeyPair
WlxDecryptPKI
WlxEncryptPKI
WlxSignValue
WlxSwitchSession32
WlxSwitchSession64

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 733KB - Virtual size: 733KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09c1941ac7c3336a5fa0e5522bdd7a45

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

65:cc:95:a4:43:6f:ba:6a:94:ae:ac:e6Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

fd:60:61:1d:14:9c:45:ef:39:d4:11:dc:02:d0:83:eb:69:7d:54:dd:cd:43:58:94:91:72:c7:d5:3d:ae:41:dcSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

msimg32

uxtheme

oledlg

gdiplus

oleacc

imm32

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 733KB - Virtual size: 733KB

.data Size: 76KB - Virtual size: 108KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 257KB - Virtual size: 257KB

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

65:cc:95:a4:43:6f:ba:6a:94:ae:ac:e6
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

fd:60:61:1d:14:9c:45:ef:39:d4:11:dc:02:d0:83:eb:69:7d:54:dd:cd:43:58:94:91:72:c7:d5:3d:ae:41:dc
Signer

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 733KB - Virtual size: 733KB

.data
Size: 76KB - Virtual size: 108KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 257KB - Virtual size: 257KB