2024-02-12_014eebbd454996683c10af8faed2c266_floxif_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-02-12_014eebbd454996683c10af8faed2c266_floxif_magniber
Size

6.0MB
MD5

014eebbd454996683c10af8faed2c266
SHA1

2fbd075c47509550eb9b4abebc924bdb7f401099
SHA256

4832ee1763316e04825e0c0d4a5b2c9a3248b4e6399cf3e9ae53e22c4c22aac8
SHA512

88534eaff0ebcfd3fdac74f5e483f8a8ad3b3403f963ffe21e51064bb7112d1d5a1638c69ccf29151377f0cbdffb887e2183126394399b79531e27d5a1ff245d
SSDEEP

98304:iGKVs4/5mYI2Dcy+3Rx10PB4jyCq69VuF5DkSRy6WTZFLOAkGkzdnEVomFHKnPis:iGPA5hH8Rx10PBzDkSRyDZFLOyomFHK9

Score

10^/10

Malware Config

Signatures

Detects executables containing URLs to raw contents of a Github gist 1 IoCs

resource	yara_rule
sample	INDICATOR_SUSPICIOUS_EXE_RawGitHub_URL

Files

2024-02-12_014eebbd454996683c10af8faed2c266_floxif_magniber
.exe windows:6 windows x86 arch:x86

750a81298b9a58a6e09b33edacf50c35

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5f:da:67:ef:71:64:15:cd:f1:36:98:fb
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

27-07-2023 14:53

Not After

27-07-2026 14:53

Subject

SERIALNUMBER=000237148,CN=VENTOBYTE SL,O=VENTOBYTE SL,STREET=C/ Los Prados 166,L=Gijón,ST=Asturias,C=ES,1.2.840.113549.1.9.1=#0c12696e666f4076656e746f627974652e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13024553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bf:de:99:39:d3:57:3d:cd:06:16:f2:c6:65:e9:2c:56:4d:31:de:15:01:29:cb:49:3c:21:51:e6:db:4c:76:47
Signer

Actual PE Digest

bf:de:99:39:d3:57:3d:cd:06:16:f2:c6:65:e9:2c:56:4d:31:de:15:01:29:cb:49:3c:21:51:e6:db:4c:76:47

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Dev\Projects\YogaDns\YogaDns\DnsManager\Release\YogaDns.pdb

Imports

kernel32

IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
WriteConsoleW
GetStdHandle
GetTimeZoneInformation
GetModuleHandleExW
GetFileType
SetStdHandle
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleCP
SetEnvironmentVariableW
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
LCMapStringW
MoveFileExW
SetFilePointerEx
RemoveDirectoryW
GetFileInformationByHandle
FindFirstFileExW
CreateDirectoryW
QueryPerformanceFrequency
GetExitCodeThread
SwitchToThread
TryEnterCriticalSection
GetStringTypeW
OutputDebugStringW
ReadConsoleW
GetDriveTypeW
IsValidCodePage
GetACP
CreateTimerQueue
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
VirtualFree
EnumSystemLocalesW
GetOEMCP
GetEnvironmentStringsW
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
QueryPerformanceCounter
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
SetErrorMode
GetWindowsDirectoryW
FindResourceExW
SearchPathW
GetProfileIntW
GetTickCount
FindNextFileW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
FreeEnvironmentStringsW
DeleteFileW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetThreadLocale
LocalReAlloc
GlobalHandle
TlsFree
InitializeCriticalSection
ResumeThread
SetThreadPriority
SetEvent
VerifyVersionInfoW
VerSetConditionMask
CompareStringA
lstrcmpA
GetVersionExW
GlobalReAlloc
GetFileSize
GetCurrentDirectoryW
GlobalGetAtomNameW
lstrcpyW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
FreeResource
FreeLibrary
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
CopyFileW
MulDiv
CloseHandle
GlobalSize
TlsSetValue
TlsGetValue
TlsAlloc
InitOnceExecuteOnce
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeSRWLock
SetLastError
CloseThreadpoolWork
WaitForThreadpoolWorkCallbacks
SubmitThreadpoolWork
CreateThreadpoolWork
CreateThreadpoolCleanupGroup
SetThreadpoolThreadMinimum
SetThreadpoolThreadMaximum
CreateThreadpool
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetTempFileNameW
SystemTimeToFileTime
GetSystemTime
GetFileAttributesW
CreateMutexW
GetComputerNameExW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
OpenMutexW
GetCurrentThread
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
WideCharToMultiByte
MultiByteToWideChar
OpenProcess
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetTempPathW
LoadLibraryW
ExitProcess
SetUnhandledExceptionFilter
GetExitCodeProcess
CreateProcessW
FormatMessageA
SetThreadpoolTimer
CreateThreadpoolTimer
Sleep
LocalFree
FormatMessageW
GetTickCount64
WaitForSingleObject
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileW
GetOverlappedResult
DeviceIoControl
GetLastError
CreateEventW
InterlockedFlushSList
PeekNamedPipe

user32

GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CopyImage
PostQuitMessage
SetParent
DrawEdge
DrawFocusRect
DrawIconEx
SetLayeredWindowAttributes
EnableWindow
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
EndDialog
GetNextDlgTabItem
GetActiveWindow
SendDlgItemMessageA
SetRectEmpty
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
KillTimer
DeleteMenu
SetWindowRgn
SetCursor
NotifyWinEvent
GetSysColorBrush
SetClassLongW
BringWindowToTop
LoadAcceleratorsW
ValidateRect
EndPaint
TranslateAcceleratorW
GetForegroundWindow
EnumDisplayMonitors
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
CreatePopupMenu
DestroyMenu
InsertMenuItemW
LoadImageW
UnpackDDElParam
ReuseDDElParam
GetKeyNameTextW
MapVirtualKeyW
GetMessageW
GetClientRect
CopyRect
GetWindowRect
SendMessageW
GetDC
PostMessageW
GetSystemMetrics
DrawFrameControl
IsRectEmpty
InvalidateRect
OffsetRect
UpdateWindow
ScreenToClient
PtInRect
HideCaret
RedrawWindow
LoadIconW
GetSystemMenu
AppendMenuW
SystemParametersInfoW
SetTimer
GetIconInfo
GetKeyState
GetSysColor
MessageBoxA
GetCursorPos
LoadMenuW
GetSubMenu
SetMenuDefaultItem
SetForegroundWindow
IsIconic
GetMonitorInfoW
MonitorFromPoint
IntersectRect
GetLastActivePopup
GetParent
wsprintfW
MessageBoxW
DefWindowProcW
LoadCursorW
FindWindowW
UnregisterClassW
DestroyIcon
ClientToScreen
MessageBeep
EnableMenuItem
GetFocus
ReleaseDC
FillRect
InflateRect
IsWindowVisible
GetDesktopWindow
SetCapture
WindowFromPoint
ReleaseCapture
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
SetFocus
SetScrollPos
GetScrollPos
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
GetWindow
IsWindowEnabled
GetWindowThreadProcessId
DrawStateW
GetClassNameW
LoadBitmapW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
SetWindowContextHelpId
MapDialogRect
TranslateMessage
ShowOwnedPopups
CreateDialogIndirectParamW
UpdateLayeredWindow
EnableScrollBar
UnionRect
GetMenuItemInfoW
GetComboBoxInfo
OpenClipboard
CloseClipboard
SetClipboardData
BeginPaint
GetMessagePos
EndDeferWindowPos
SetRect
RealChildWindowFromPoint
GetMenuDefaultItem
RegisterClipboardFormatW
CharUpperBuffW
LockWindowUpdate
ModifyMenuW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetCursorPos
CopyIcon
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
WaitMessage
GetDoubleClickTime
EnumChildWindows
CharNextW
InvalidateRgn
GetNextDlgGroupItem
GetUpdateRect
InvertRect
DrawIcon
DestroyCursor
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
CreateMenu
SubtractRect
GetMessageTime
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
EmptyClipboard
GetWindowRgn
SetActiveWindow
BeginDeferWindowPos
DeferWindowPos
GetDlgItem

gdi32

MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRoundRectRgn
CreateRectRgnIndirect
PatBlt
CombineRgn
GetDIBits
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetBkColor
CreatePolygonRgn
Polygon
Polyline
CreateDIBitmap
EnumFontFamiliesW
RoundRect
Rectangle
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
OffsetRgn
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetObjectW
CreateFontIndirectW
GetTextExtentPoint32W
GetDeviceCaps
CreateFontW
SelectObject
GetTextMetricsW
GetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
CopyMetaFileW
CreateDCW
CreateSolidBrush
DeleteObject
SetBkColor
SetTextColor
CreateBitmap
BitBlt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
SetTextAlign
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
GetTextCharsetInfo
CreateDIBSection

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam
RegCreateKeyExW
GetLengthSid
CopySid
OpenThreadToken
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegEnumValueW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
SetServiceStatus

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteA
ShellExecuteExW
SHGetKnownFolderPath
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHAppBarMessage
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW

comctl32

ord381
ImageList_GetIconSize
ImageList_Draw
ImageList_AddMasked
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_EndDrag

shlwapi

UrlUnescapeW
StrStrW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW

uxtheme

OpenThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
CloseThemeData

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoCreateGuid
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
IIDFromString
CoUninitialize
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
VarBstrFromDate

oledlg

OleUIBusyW

gdiplus

GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipDeleteGraphics
GdipSetInterpolationMode
GdipGetImageWidth
GdipCreateHBITMAPFromBitmap
GdipGetImageHeight
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipDrawImageI
GdipGetImagePaletteSize
GdipGetImagePalette
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream

iphlpapi

CancelMibChangeNotify2
NotifyIpInterfaceChange
GetAdaptersAddresses

rasapi32

RasGetEntryPropertiesW
RasEnumEntriesW

dnsapi

DnsFree
DnsQuery_A
DnsQueryConfig

wlanapi

WlanFreeMemory
WlanScan
WlanEnumInterfaces
WlanOpenHandle
WlanGetAvailableNetworkList
WlanCloseHandle

ws2_32

getservbyname
getprotobyname
ntohl
recvfrom
getservbyport
getprotobynumber
htonl
WSASetLastError
select
bind
getsockopt
shutdown
htons
WSASend
WSARecv
WSAIoctl
WSAStartup
inet_ntop
sendto
ioctlsocket
inet_pton
getnameinfo
getsockname
closesocket
recv
send
connect
setsockopt
socket
ntohs
WSAGetLastError

crypt32

CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateContext
CertCreateCertificateContext
CertCloseStore
CertOpenStore
CertAddCertificateContextToStore
CertGetCertificateContextProperty

secur32

ApplyControlToken
EncryptMessage
QueryContextAttributesW
DecryptMessage
FreeContextBuffer
InitializeSecurityContextW
AcquireCredentialsHandleW
FreeCredentialsHandle
DeleteSecurityContext

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

wininet

InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpQueryInfoW

winmm

PlaySoundW

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 761KB - Virtual size: 761KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

750a81298b9a58a6e09b33edacf50c35

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

5f:da:67:ef:71:64:15:cd:f1:36:98:fbCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

bf:de:99:39:d3:57:3d:cd:06:16:f2:c6:65:e9:2c:56:4d:31:de:15:01:29:cb:49:3c:21:51:e6:db:4c:76:47Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

iphlpapi

rasapi32

dnsapi

wlanapi

ws2_32

crypt32

secur32

oleacc

wininet

winmm

imm32

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 761KB - Virtual size: 761KB

.data Size: 57KB - Virtual size: 102KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 216KB - Virtual size: 215KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

5f:da:67:ef:71:64:15:cd:f1:36:98:fb
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

bf:de:99:39:d3:57:3d:cd:06:16:f2:c6:65:e9:2c:56:4d:31:de:15:01:29:cb:49:3c:21:51:e6:db:4c:76:47
Signer

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 761KB - Virtual size: 761KB

.data
Size: 57KB - Virtual size: 102KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 216KB - Virtual size: 215KB