2024-02-18_023c5c3b69f63238e881d0779475715b_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-18_023c5c3b69f63238e881d0779475715b_mafia
Size

12.6MB
MD5

023c5c3b69f63238e881d0779475715b
SHA1

96f900f519d5d88df0b5672efc53baa51ff21ea7
SHA256

bae7f4fee0b93759de64e0640d4428ef666df76bb2fe3fe50db6b7252e71dd82
SHA512

63bffc9ba3e055ed319472c4a9f1a803a4199b780168a4a64ee127ddf95249c97742ed27f1668fb3b37d8df3163c6c771dff6d7b043e52e03f6234405dc7c038
SSDEEP

98304:cTxnHWtI6ApEPvOQOhVqM+h10AXvtOje8Tnb2aHQo8u9nPPR9vgeEo34fMqOk/Up:IGPvOywnVwo8qnsDLIk/UDonhYdzpp

Score

1^/10

Malware Config

Signatures

Files

2024-02-18_023c5c3b69f63238e881d0779475715b_mafia
.exe windows:5 windows x86 arch:x86

93d7eca6543e4cdf048b75ca5e3aae5b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:24:c6:d5:d3:26:20:00:68:5b:45:ef:14:31:2e:d2
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/07/2021, 00:00

Not After

18/09/2024, 23:59

Subject

CN=VALOFE Co.\,Ltd.,O=VALOFE Co.\,Ltd.,L=Geumcheon-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c1:49:f8:77:ef:6d:ef:78:3e:6c:89:f6:9e:88:bb:c8:d1:16:5c:2f:75:ea:c9:85:a3:64:b4:75:35:77:86:ad
Signer

Actual PE Digest

c1:49:f8:77:ef:6d:ef:78:3e:6c:89:f6:9e:88:bb:c8:d1:16:5c:2f:75:ea:c9:85:a3:64:b4:75:35:77:86:ad

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Jenkins\workspace\LS_ID_BUILD_UPDATE(2023.10.25)\src\LSAutoUpgrade\Ship_ID\AutoUpgrade.pdb

Imports

ws2_32

closesocket
sendto
inet_addr
ntohs
socket
recvfrom
connect
recv
send
WSAAsyncSelect
WSAIoctl
htonl
htons
setsockopt
bind
WSACleanup
gethostbyname
WSAGetLastError
gethostname
WSAStartup

winmm

PlaySoundA
timeGetTime

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo

kernel32

HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
GetConsoleCP
GetConsoleMode
FatalAppExitA
CompareStringW
LCMapStringW
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapReAlloc
GetStringTypeW
GetTimeZoneInformation
GetDriveTypeW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
PeekNamedPipe
GetFileInformationByHandle
SetCurrentDirectoryA
FindFirstFileExA
GetSystemInfo
PeekConsoleInputA
SetConsoleMode
ReadConsoleInputA
SetVolumeLabelA
GetStartupInfoW
SetConsoleCtrlHandler
VirtualQuery
CloseHandle
OpenMutexA
GetLastError
CreateMutexA
ReleaseMutex
SizeofResource
LockResource
LoadResource
FindResourceW
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GlobalMemoryStatus
CreateDirectoryA
GetCurrentDirectoryA
CopyFileA
DeleteFileA
SetFileAttributesA
FindClose
FindNextFileA
FindFirstFileA
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
lstrlenA
Sleep
MoveFileA
CreateProcessA
FindResourceA
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcessId
VirtualAlloc
ExitThread
GetNumberOfConsoleInputEvents
ExitProcess
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
RaiseException
DecodePointer
EncodePointer
RtlUnwind
LocalLock
LocalUnlock
FindResourceExW
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetTickCount
GetNumberFormatA
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
GetFileTime
GetFileSizeEx
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
SetErrorMode
SystemTimeToFileTime
AllocConsole
lstrcatA
GetLocalTime
FreeConsole
GetDriveTypeA
GetACP
GetAtomNameA
GetDiskFreeSpaceExA
TerminateProcess
GetExitCodeProcess
GetOEMCP
GetCPInfo
lstrcpyA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetProfileIntA
LocalAlloc
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpiA
GetStringTypeExA
GetThreadLocale
InterlockedIncrement
GlobalSize
lstrlenW
GlobalUnlock
GlobalFree
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
LoadLibraryW
lstrcmpW
GlobalAddAtomA
SuspendThread
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
InterlockedDecrement
GetModuleFileNameW
OpenProcess
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
IsDBCSLeadByte
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReadFile
LoadLibraryA
FreeLibrary
MulDiv
LeaveCriticalSection
EnterCriticalSection
CreateThread
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
RemoveDirectoryA
CreateFileA
GetFileSize
GetModuleFileNameA
SetLastError
FormatMessageA
SetEvent
CreateEventA
WaitForSingleObject
LocalFree
GetFileAttributesA
CreateToolhelp32Snapshot
Process32First
Process32Next

user32

InSendMessage
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
RegisterClipboardFormatA
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuBarInfo
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
MapVirtualKeyA
GetKeyNameTextA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
GetDialogBaseUnits
DestroyMenu
GetMenuItemInfoA
DestroyIcon
WaitMessage
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
DeleteMenu
UnregisterClassA
WindowFromPoint
LoadBitmapA
ReleaseCapture
LoadCursorW
SetCapture
GetDCEx
SetRectEmpty
SetRect
IntersectRect
CharUpperA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
CharNextA
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
CreateMenu
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetWindowsHookExA
CallNextHookEx
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
SendNotifyMessageA
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
GetTabbedTextExtentA
GetTabbedTextExtentW
EnumChildWindows
GetWindowRgn
WindowFromDC
DestroyCursor
SubtractRect
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
MapVirtualKeyExA
ShowCursor
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
SetDlgItemTextA
EmptyClipboard
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
UnhookWindowsHookEx
SetCursor
LoadCursorA
GetFocus
DrawFocusRect
GetSysColor
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetActiveWindow
GetParent
UpdateWindow
FillRect
OffsetRect
InflateRect
LoadImageA
IsWindow
GetWindowLongA
SetWindowLongA
RedrawWindow
PostMessageA
LoadBitmapW
wsprintfA
GetDesktopWindow
WaitForInputIdle
MessageBoxA
SystemParametersInfoA
GetSystemMetrics
EnableWindow
LoadIconW
KillTimer
SetTimer
IsWindowVisible
InvalidateRect
GetClientRect
GetWindowRect
IsIconic
SendMessageA
DrawIcon
CopyRect
RegisterWindowMessageA
FindWindowA
SetForegroundWindow
GetClassInfoA
GetWindowDC
IsCharLowerA

gdi32

SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
GetTextColor
SetRectRgn
CombineRgn
PatBlt
Rectangle
UnrealizeObject
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
GetCharWidthA
StretchDIBits
GetCurrentObject
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
GetDIBits
SetPixel
RoundRect
EnumFontFamiliesExA
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
SetPixelV
CopyMetaFileA
GetBkColor
SetBkColor
SetTextColor
CreateBitmap
GetTextExtentPoint32A
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateDCA
GetDeviceCaps
DeleteDC
GetTextMetricsA
LPtoDP
DPtoLP
GetMapMode
CreateCompatibleBitmap
CreateFontIndirectA
SelectObject
GetObjectA
DeleteObject
StretchBlt
BitBlt
GetStockObject
CreateCompatibleDC
CreateRectRgnIndirect
CreateSolidBrush
CreateFontA

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
GetJobA
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyExA
RegEnumValueA
RegOpenKeyExW

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
DragAcceptFiles
DragFinish
DragQueryFileA
ShellExecuteA
SHGetFileInfoA
ShellExecuteExA
SHBrowseForFolderA
SHGetMalloc
SHAppBarMessage
SHFileOperationA
SHGetPathFromIDListA
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathRemoveFileSpecW

ole32

StgCreateDocfile
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleInitialize
CreateStreamOnHGlobal
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoFreeUnusedLibraries
OleUninitialize
OleRun
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleSaveToStream
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetMenuDescriptor
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
PropVariantCopy
OleSave
WriteClassStm
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate

oleaut32

VariantClear
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SysStringLen
SysStringByteLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantInit
SysAllocStringLen
VariantChangeType
SysAllocString
SystemTimeToVariantTime
SysFreeString

oledlg

ord8

urlmon

URLDownloadToFileA

wininet

HttpOpenRequestA
InternetOpenUrlA
InternetReadFile
HttpSendRequestA
InternetOpenA
FtpRenameFileA
InternetConnectA
InternetQueryDataAvailable
HttpQueryInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetOptionExA
InternetSetCookieA
InternetGetCookieA
FtpDeleteFileA
FtpCreateDirectoryA
FtpRemoveDirectoryA
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
FtpPutFileA
FtpGetFileA
InternetErrorDlg
HttpAddRequestHeadersA
InternetFindNextFileA
GopherFindFirstFileA
InternetGetLastResponseInfoA
InternetSetStatusCallback
InternetSetFilePointer
GopherOpenFileA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
InternetWriteFile
InternetCloseHandle

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

Exports

Exports

??0CLog@@QAE@ABV0@@Z
??0CLog@@QAE@XZ
??1CLog@@UAE@XZ
??4CLog@@QAEAAV0@ABV0@@Z
??_7CLog@@6B@
?CloseAndRelease@CLog@@QAEXXZ
?CloseLog@CLog@@QAEXXZ
?DebugLog@CLog@@QAAXHPADH0ZZ
?DebugMBox@@YAXPADHPAUHWND__@@0ZZ
?LOG@@3VCLog@@A
?MBox@@YAXPAUHWND__@@PAD1ZZ
?OpenConsole@CLog@@QAEXH@Z
?OpenLog@CLog@@QAEXHPBD_N@Z
?PrintConsoleLog@CLog@@QAAXHPADZZ
?PrintLog@CLog@@QAAXHPADZZ
?PrintNoEnterLog@CLog@@QAAXHPADZZ
?PrintTimeAndLog@CLog@@QAAXHPADZZ
?WriteReadyFolderAndFiles@CLog@@IAEXPBD@Z

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 751KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9.1MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93d7eca6543e4cdf048b75ca5e3aae5b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0e:24:c6:d5:d3:26:20:00:68:5b:45:ef:14:31:2e:d2Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

c1:49:f8:77:ef:6d:ef:78:3e:6c:89:f6:9e:88:bb:c8:d1:16:5c:2f:75:ea:c9:85:a3:64:b4:75:35:77:86:adSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

winmm

version

iphlpapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

urlmon

wininet

oleacc

gdiplus

imm32

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 751KB - Virtual size: 751KB

.data Size: 39KB - Virtual size: 106KB

.rsrc Size: 9.1MB - Virtual size: 9.1MB

.reloc Size: 220KB - Virtual size: 220KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0e:24:c6:d5:d3:26:20:00:68:5b:45:ef:14:31:2e:d2
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

c1:49:f8:77:ef:6d:ef:78:3e:6c:89:f6:9e:88:bb:c8:d1:16:5c:2f:75:ea:c9:85:a3:64:b4:75:35:77:86:ad
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 751KB - Virtual size: 751KB

.data
Size: 39KB - Virtual size: 106KB

.rsrc
Size: 9.1MB - Virtual size: 9.1MB

.reloc
Size: 220KB - Virtual size: 220KB