e40e6aa7e52cd5d6ba0d829522a1be69ea90ab7c1e42ae098bd3b7328f0a025e

Sharing

Copy URL Twitter E-mail

General

Target

e40e6aa7e52cd5d6ba0d829522a1be69ea90ab7c1e42ae098bd3b7328f0a025e
Size

323KB
MD5

9a305f1a246dff83f6219092cff3e531
SHA1

73daa7cf5b896b53ad8fe17a15044e6740f4b2ad
SHA256

e40e6aa7e52cd5d6ba0d829522a1be69ea90ab7c1e42ae098bd3b7328f0a025e
SHA512

55690184cd2257c461f918feb828b9ec5318034e51e6b96783dd29e0b663629d07ee6de28e8297ab361ee7f721b925a4f8738846d818cd44a849a1a45487b254
SSDEEP

6144:OwHFkvaxC6nykFf4P6LWg9rW0+vWgCxVBN7l8+MXPUbuwVm+P:j+iukFdWGrW0pXxQ+MeN/

Score

1^/10

Malware Config

Signatures

Files

e40e6aa7e52cd5d6ba0d829522a1be69ea90ab7c1e42ae098bd3b7328f0a025e
.dll windows:4 windows x64 arch:x64

541fbd440d69c4cffda775980ab18ef4

Code Sign

33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:23

Not After

01/09/2022, 18:23

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:66:e3:c8:0d:72:8a:c9:ce:6a:27:22:35:c3:86:38:0e:a9:fa:e3:0b:9f:10:97:d9:57:e1:ea:fe:c4:f7:67
Signer

Actual PE Digest

28:66:e3:c8:0d:72:8a:c9:ce:6a:27:22:35:c3:86:38:0e:a9:fa:e3:0b:9f:10:97:d9:57:e1:ea:fe:c4:f7:67

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexW
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
ReleaseMutex
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
realloc
strlen
strncmp
vfprintf

Exports

Exports

DllGetClassObject
IEnumString_Next_WIC_Proxy
IEnumString_Reset_WIC_Proxy
IPropertyBag2_Write_Proxy
IWICBitmapClipper_Initialize_Proxy
IWICBitmapCodecInfo_DoesSupportAnimation_Proxy
IWICBitmapCodecInfo_DoesSupportLossless_Proxy
IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy
IWICBitmapCodecInfo_GetContainerFormat_Proxy
IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy
IWICBitmapCodecInfo_GetDeviceModels_Proxy
IWICBitmapCodecInfo_GetFileExtensions_Proxy
IWICBitmapCodecInfo_GetMimeTypes_Proxy
IWICBitmapDecoder_CopyPalette_Proxy
IWICBitmapDecoder_GetColorContexts_Proxy
IWICBitmapDecoder_GetDecoderInfo_Proxy
IWICBitmapDecoder_GetFrameCount_Proxy
IWICBitmapDecoder_GetFrame_Proxy
IWICBitmapDecoder_GetMetadataQueryReader_Proxy
IWICBitmapDecoder_GetPreview_Proxy
IWICBitmapDecoder_GetThumbnail_Proxy
IWICBitmapEncoder_Commit_Proxy
IWICBitmapEncoder_CreateNewFrame_Proxy
IWICBitmapEncoder_GetEncoderInfo_Proxy
IWICBitmapEncoder_GetMetadataQueryWriter_Proxy
IWICBitmapEncoder_Initialize_Proxy
IWICBitmapEncoder_SetPalette_Proxy
IWICBitmapEncoder_SetThumbnail_Proxy
IWICBitmapFlipRotator_Initialize_Proxy
IWICBitmapFrameDecode_GetColorContexts_Proxy
IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy
IWICBitmapFrameDecode_GetThumbnail_Proxy
IWICBitmapFrameEncode_Commit_Proxy
IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy
IWICBitmapFrameEncode_Initialize_Proxy
IWICBitmapFrameEncode_SetColorContexts_Proxy
IWICBitmapFrameEncode_SetResolution_Proxy
IWICBitmapFrameEncode_SetSize_Proxy
IWICBitmapFrameEncode_SetThumbnail_Proxy
IWICBitmapFrameEncode_WriteSource_Proxy
IWICBitmapLock_GetDataPointer_STA_Proxy
IWICBitmapLock_GetStride_Proxy
IWICBitmapScaler_Initialize_Proxy
IWICBitmapSource_CopyPalette_Proxy
IWICBitmapSource_CopyPixels_Proxy
IWICBitmapSource_GetPixelFormat_Proxy
IWICBitmapSource_GetResolution_Proxy
IWICBitmapSource_GetSize_Proxy
IWICBitmap_Lock_Proxy
IWICBitmap_SetPalette_Proxy
IWICBitmap_SetResolution_Proxy
IWICColorContext_InitializeFromMemory_Proxy
IWICComponentFactory_CreateMetadataWriterFromReader_Proxy
IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy
IWICComponentInfo_GetAuthor_Proxy
IWICComponentInfo_GetCLSID_Proxy
IWICComponentInfo_GetFriendlyName_Proxy
IWICComponentInfo_GetSpecVersion_Proxy
IWICComponentInfo_GetVersion_Proxy
IWICFastMetadataEncoder_Commit_Proxy
IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy
IWICFormatConverter_Initialize_Proxy
IWICImagingFactory_CreateBitmapClipper_Proxy
IWICImagingFactory_CreateBitmapFlipRotator_Proxy
IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy
IWICImagingFactory_CreateBitmapFromHICON_Proxy
IWICImagingFactory_CreateBitmapFromMemory_Proxy
IWICImagingFactory_CreateBitmapFromSource_Proxy
IWICImagingFactory_CreateBitmapScaler_Proxy
IWICImagingFactory_CreateBitmap_Proxy
IWICImagingFactory_CreateComponentInfo_Proxy
IWICImagingFactory_CreateDecoderFromFileHandle_Proxy
IWICImagingFactory_CreateDecoderFromFilename_Proxy
IWICImagingFactory_CreateDecoderFromStream_Proxy
IWICImagingFactory_CreateEncoder_Proxy
IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy
IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Proxy
IWICImagingFactory_CreateFormatConverter_Proxy
IWICImagingFactory_CreatePalette_Proxy
IWICImagingFactory_CreateQueryWriterFromReader_Proxy
IWICImagingFactory_CreateQueryWriter_Proxy
IWICImagingFactory_CreateStream_Proxy
IWICMetadataBlockReader_GetCount_Proxy
IWICMetadataBlockReader_GetReaderByIndex_Proxy
IWICMetadataQueryReader_GetContainerFormat_Proxy
IWICMetadataQueryReader_GetEnumerator_Proxy
IWICMetadataQueryReader_GetLocation_Proxy
IWICMetadataQueryReader_GetMetadataByName_Proxy
IWICMetadataQueryWriter_RemoveMetadataByName_Proxy
IWICMetadataQueryWriter_SetMetadataByName_Proxy
IWICPalette_GetColorCount_Proxy
IWICPalette_GetColors_Proxy
IWICPalette_GetType_Proxy
IWICPalette_HasAlpha_Proxy
IWICPalette_InitializeCustom_Proxy
IWICPalette_InitializeFromBitmap_Proxy
IWICPalette_InitializeFromPalette_Proxy
IWICPalette_InitializePredefined_Proxy
IWICPixelFormatInfo_GetBitsPerPixel_Proxy
IWICPixelFormatInfo_GetChannelCount_Proxy
IWICPixelFormatInfo_GetChannelMask_Proxy
IWICStream_InitializeFromIStream_Proxy
IWICStream_InitializeFromMemory_Proxy
WICConvertBitmapSource
WICCreateBitmapFromSection
WICCreateBitmapFromSectionEx
WICCreateColorContext_Proxy
WICCreateImagingFactory_Proxy
WICGetMetadataContentSize
WICMapGuidToShortName
WICMapSchemaToName
WICMapShortNameToGuid
WICMatchMetadataContent
WICSerializeMetadataContent
WICSetEncoderFormat_Proxy

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 224B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 243B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

541fbd440d69c4cffda775980ab18ef4

Code Sign

33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3cCertificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

28:66:e3:c8:0d:72:8a:c9:ce:6a:27:22:35:c3:86:38:0e:a9:fa:e3:0b:9f:10:97:d9:57:e1:ea:fe:c4:f7:67Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 271KB - Virtual size: 270KB

.rdata Size: 1024B - Virtual size: 736B

.pdata Size: 512B - Virtual size: 504B

.xdata Size: 512B - Virtual size: 352B

.bss Size: - Virtual size: 224B

.edata Size: 512B - Virtual size: 243B

.idata Size: 1024B - Virtual size: 976B

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 88B

.rsrc Size: 1KB - Virtual size: 1KB

.rdata2 Size: 14KB - Virtual size: 16KB

33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3c
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

28:66:e3:c8:0d:72:8a:c9:ce:6a:27:22:35:c3:86:38:0e:a9:fa:e3:0b:9f:10:97:d9:57:e1:ea:fe:c4:f7:67
Signer

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 271KB - Virtual size: 270KB

.rdata
Size: 1024B - Virtual size: 736B

.pdata
Size: 512B - Virtual size: 504B

.xdata
Size: 512B - Virtual size: 352B

.bss
Size: - Virtual size: 224B

.edata
Size: 512B - Virtual size: 243B

.idata
Size: 1024B - Virtual size: 976B

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 88B

.rsrc
Size: 1KB - Virtual size: 1KB

.rdata2
Size: 14KB - Virtual size: 16KB