2024-03-08_9f44f167a09029bb514453a88229e493_icedid_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-08_9f44f167a09029bb514453a88229e493_icedid_magniber
Size

7.4MB
MD5

9f44f167a09029bb514453a88229e493
SHA1

abfb7817b6def03d25ebbb22eaddb7bb96b6926e
SHA256

cea15403ee933e039c155ae6141bb60f65abbb13dcbfc7e08643e30ec93dde5d
SHA512

a281a8d3bfec672850116d116b7e35048280bf746bc4429303a00e798ce80f929bc198619d9455c120c4f3df158ef4c7e6d8d648aac6b59c90f3d51b88ee2b2e
SSDEEP

98304:7wucHvydjczCsqQSxsogTLuxI6j1HsAlnB4+pl++MXHFzJDhpL5f56Hkj5hclnEn:cuCyQjSYf+1HsAl1q9L5frhclnCh

Score

1^/10

Malware Config

Signatures

Files

2024-03-08_9f44f167a09029bb514453a88229e493_icedid_magniber
.exe windows:5 windows x86 arch:x86

fc593b36108a3982c2e9d6f48a434fb6

Code Sign

82:58:29:09:62:3b:2c:ae:1e:7f:91:d3:aa:4a:78:57
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/08/2020, 00:00

Not After

11/08/2021, 23:59

Subject

CN=Sanem Application Tools Limited,O=Sanem Application Tools Limited,POSTALCODE=8011,STREET=194 Worcester Street,L=Christchurch,ST=Canterbury,C=NZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:58:29:09:62:3b:2c:ae:1e:7f:91:d3:aa:4a:78:57
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/08/2020, 00:00

Not After

11/08/2021, 23:59

Subject

CN=Sanem Application Tools Limited,O=Sanem Application Tools Limited,POSTALCODE=8011,STREET=194 Worcester Street,L=Christchurch,ST=Canterbury,C=NZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:cd:56:87:cf:44:86:cf:74:3b:9e:d3:26:9b:45:8b:dd:6e:40:68:d1:1c:66:f4:9f:ca:b8:59:b6:5d:85:d2
Signer

Actual PE Digest

e9:cd:56:87:cf:44:86:cf:74:3b:9e:d3:26:9b:45:8b:dd:6e:40:68:d1:1c:66:f4:9f:ca:b8:59:b6:5d:85:d2

Digest Algorithm

sha256

PE Digest Matches

true

a7:72:8f:2f:87:66:6f:1f:34:c4:e7:81:5a:d1:37:1f:c5:5b:f1:69
Signer

Actual PE Digest

a7:72:8f:2f:87:66:6f:1f:34:c4:e7:81:5a:d1:37:1f:c5:5b:f1:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoExW
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetACP
ExitProcess
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetEnvironmentStringsW
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
RtlUnwind
GetCPInfo
LCMapStringW
SwitchToThread
GetStringTypeW
OutputDebugStringW
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
GetOEMCP
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
Sleep
SearchPathW
GetProfileIntW
GetTempPathW
GetTickCount
IsProcessorFeaturePresent
FindResourceExW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
GetCurrentDirectoryW
SetErrorMode
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
lstrcpyW
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
GetVersionExW
GetCurrentThread
GetAtomNameW
GlobalGetAtomNameW
CreateSemaphoreW
WaitForMultipleObjects
CreateMutexW
ReleaseMutex
ReleaseSemaphore
lstrcmpA
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindClose
DeleteFileW
CreateFileW
GetThreadLocale
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
EnumLanguageGroupLocalesW
FindNextVolumeMountPointW
FindCloseChangeNotification
MoveFileWithProgressW
FindFirstFileW
CheckNameLegalDOS8Dot3A
GetDiskFreeSpaceExW
OutputDebugStringA
DeleteProcThreadAttributeList
GetModuleFileNameW
SetFileIoOverlappedRange
GetProcessAffinityMask
ResetWriteWatch
LocalCompact
LocalAlloc
AcquireSRWLockShared
LoadLibraryW
FreeLibrary
GetLastError
WideCharToMultiByte
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
WriteConsoleW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
VirtualQuery

user32

ShowOwnedPopups
PostQuitMessage
MsgWaitForMultipleObjectsEx
GetSystemMetrics
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
WindowFromPoint
IntersectRect
CharNextW
TranslateMessage
GetMessageW
LoadMenuW
GetWindowThreadProcessId
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
DrawEdge
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
MapDialogRect
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
ShowWindow
EnableWindow
InvalidateRect
GetWindowRect
CheckMenuItem
GetFocus
SetRectEmpty
GetClientRect
SendDlgItemMessageA
FillRect
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
GetSysColorBrush
LoadCursorW
RealChildWindowFromPoint
TrackMouseEvent
DestroyIcon
LoadImageW
DestroyMenu
GetMenuItemInfoW
SystemParametersInfoW
CopyImage
GetAsyncKeyState
GetDialogBaseUnits
CopyAcceleratorTableW
InvalidateRgn
DeleteMenu
GetNextDlgGroupItem
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
CreatePopupMenu
SetCursorPos
CopyIcon
DrawIcon
RegisterClipboardFormatW
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetTabbedTextExtentW
GetDCEx
SetWindowLongW
MoveWindow
IsWindowVisible
GetParent
SendMessageW
SetTimer
KillTimer
GetActiveWindow
GetCapture
SetCapture
ReleaseCapture
DrawStateW
RedrawWindow
SetCursor
ClientToScreen
DrawFocusRect
FrameRect
CopyRect
InflateRect
OffsetRect
GetWindowLongW
LoadBitmapW
DestroyCursor
GetIconInfo
GetCursorPos
ScreenToClient
SetRect
IsRectEmpty
PtInRect
DrawIconEx
UpdateWindow
GetWindow
SetLayeredWindowAttributes
SetWindowPos
DeferWindowPos
DefWindowProcW
CallWindowProcW
UnregisterClassW
GetMenuStringW
GetMenuState
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawTextW
SetWindowContextHelpId
GetMenuDefaultItem
EnumDisplayMonitors
SetClassLongW
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
SetMenuItemInfoW
EmptyClipboard
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
IsWindow
GetMenuBarInfo

gdi32

Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgn
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExW
Rectangle
OffsetRgn
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateBitmap
CreateDCW
CopyMetaFileW
DeleteDC
GetObjectW
SelectObject
DeleteObject
CreateSolidBrush
CreateCompatibleDC
CombineRgn
GetDeviceCaps
BitBlt

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
GetJobW
ClosePrinter

advapi32

SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegCloseKey

shell32

SHAddToRecentDocs
ExtractIconW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHGetMalloc
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteExW
SHGetFileInfoW

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathRemoveExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW
PathStripToRootW

uxtheme

IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeSysColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetThemePartSize

ole32

CoRegisterMessageFilter
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
OleQueryCreateFromData
OleQueryLinkFromData
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
CoRevokeClassObject
CoRegisterClassObject
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
OleLoad
OleSave
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleRun
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
OleCreateLinkToFileEx
OleCreateLinkFromData
StringFromCLSID
CoUninitialize
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc

oleaut32

SysFreeString
SysAllocStringLen
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SysStringByteLen
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
OleCreateFontIndirect
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocStringByteLen
VariantInit
VariantClear
SafeArrayGetElement
LoadRegTypeLi
RegisterTypeLi
SafeArrayRedim
SysReAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SysAllocString
VariantChangeType
VarBstrFromCy
SafeArrayGetDim
LoadTypeLi

oledlg

OleUIBusyW

secur32

SetCredentialsAttributesW
RevertSecurityContext
ImpersonateSecurityContext
AddCredentialsW
SaslGetContextOption
SaslIdentifyPackageA
InitSecurityInterfaceA
InitSecurityInterfaceW
InitializeSecurityContextA

imm32

ImmGetCompositionStringW
ImmGetCandidateListCountW
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
ImmInstallIMEW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

winmm

PlaySoundW

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 806KB - Virtual size: 805KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc593b36108a3982c2e9d6f48a434fb6

Code Sign

82:58:29:09:62:3b:2c:ae:1e:7f:91:d3:aa:4a:78:57Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

82:58:29:09:62:3b:2c:ae:1e:7f:91:d3:aa:4a:78:57Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

e9:cd:56:87:cf:44:86:cf:74:3b:9e:d3:26:9b:45:8b:dd:6e:40:68:d1:1c:66:f4:9f:ca:b8:59:b6:5d:85:d2Signer

a7:72:8f:2f:87:66:6f:1f:34:c4:e7:81:5a:d1:37:1f:c5:5b:f1:69Signer

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

secur32

imm32

gdiplus

oleacc

winmm

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 806KB - Virtual size: 805KB

.data Size: 35KB - Virtual size: 123KB

.rsrc Size: 3.3MB - Virtual size: 3.3MB

82:58:29:09:62:3b:2c:ae:1e:7f:91:d3:aa:4a:78:57
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

82:58:29:09:62:3b:2c:ae:1e:7f:91:d3:aa:4a:78:57
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

e9:cd:56:87:cf:44:86:cf:74:3b:9e:d3:26:9b:45:8b:dd:6e:40:68:d1:1c:66:f4:9f:ca:b8:59:b6:5d:85:d2
Signer

a7:72:8f:2f:87:66:6f:1f:34:c4:e7:81:5a:d1:37:1f:c5:5b:f1:69
Signer

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 806KB - Virtual size: 805KB

.data
Size: 35KB - Virtual size: 123KB

.rsrc
Size: 3.3MB - Virtual size: 3.3MB