2024-03-10_df2f55dbb9d40cd88b72f7ac72ce07ea_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-10_df2f55dbb9d40cd88b72f7ac72ce07ea_magniber
Size

4.3MB
MD5

df2f55dbb9d40cd88b72f7ac72ce07ea
SHA1

a880a42159e17d8adc56074c2da6946c48c7fbd3
SHA256

b191acc5c4b7ed2c17f8e289d2a43396c1a3ab080e07aed9984bd0d3b6636aae
SHA512

75f956913018186b8485926974aee2d98a69a76d788071ef49c4fac4249f68bb05e3e7272a93b92a7a068007e09485cd705282f5f32eaee558b302aca21f0e68
SSDEEP

98304:X1mys4dXa5djOjF0SuZXmDufmgWi1cN2dMsilhVuC383GO55tNzszOdi24:X1mys4dX6EYSMrUOM/ns3GO55U254

Score

1^/10

Malware Config

Signatures

Files

2024-03-10_df2f55dbb9d40cd88b72f7ac72ce07ea_magniber
.exe windows:6 windows x86 arch:x86

1ca3c7a6081db57da0bf436fe8dd1093

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:0a:a5:ca:09:0c:f7:bb:bd:28:0a:3f:4b:c2:e8:ae
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

20/01/2024, 00:00

Not After

23/01/2026, 23:59

Subject

SERIALNUMBER=L05000120721,CN=Play Buddy\, LLC,O=Play Buddy\, LLC,L=Tampa,ST=Florida,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#1307466c6f72696461,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:60:75:f3:c3:12:70:a7:29:db:d6:b3:1e:36:13:85:f9:bc:52:51:10:91:ff:28:57:87:e5:aa:34:c0:d5:e0
Signer

Actual PE Digest

82:60:75:f3:c3:12:70:a7:29:db:d6:b3:1e:36:13:85:f9:bc:52:51:10:91:ff:28:57:87:e5:aa:34:c0:d5:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Play Buddy\PlayBuddySrc\_Mark Bots\Merge Academy Buddy Pogo\Release\BaseTemplate.pdb

Imports

wininet

DeleteUrlCacheEntry

winmm

sndPlaySoundA
PlaySoundA

register

?ReferABuddy@@YAXXZ
?RequestAFeature@@YAXXZ
?GetRegParams@@YAXPAUSInitParams@@@Z
?SetRegParams@@YAXPAUSInitParams@@@Z
?ShowRegisterDialog@@YAHXZ
?HelpFile@@YAXXZ
?Forum@@YAXXZ
?BugReport@@YAXPADPAUHWND__@@@Z

shlwapi

PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
StrStrIA
PathRemoveFileSpecA
PathFindExtensionA
PathFindFileNameA

urlmon

URLDownloadToFileA

kernel32

QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
CompareStringW
ExitThread
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
OutputDebugStringW
SetStdHandle
GetStdHandle
GetTimeZoneInformation
GetDateFormatW
LCMapStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileA
GetTempFileNameA
GetDiskFreeSpaceA
SearchPathA
GetProfileIntA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
GetTimeFormatW
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
lstrcpyA
GetCPInfo
GetOEMCP
VirtualProtect
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameA
GetStringTypeExA
GetThreadLocale
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetACP
InitializeCriticalSection
GlobalFlags
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
CopyFileA
FormatMessageA
LocalFree
GetCurrentProcessId
GlobalAddAtomA
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
WaitForSingleObject
SetEvent
FindResourceA
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
SetLastError
OutputDebugStringA
GlobalSize
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
CreateThread
DeleteFileA
MulDiv
GlobalLock
GlobalUnlock
lstrcatA
GlobalFree
GlobalAlloc
Sleep
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetLastError
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryA
FreeLibrary
GetWindowsDirectoryA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleA
GetModuleFileNameA
GetTickCount
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
DeleteFileW
WriteConsoleW
FreeLibraryAndExitThread

user32

IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExA
GetClassInfoA
CallWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SystemParametersInfoA
InflateRect
CopyRect
GetMenuItemInfoA
DestroyMenu
GetSysColor
UnhookWindowsHookEx
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
MapDialogRect
GetWindow
SetWindowContextHelpId
GetLastActivePopup
GetWindowThreadProcessId
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExA
ValidateRect
GetKeyState
SetActiveWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
WaitMessage
EnableMenuItem
CheckMenuItem
GetFocus
GetIconInfo
FillRect
UnregisterClassA
EndPaint
BeginPaint
ShowWindow
DestroyWindow
MapVirtualKeyA
RegisterClassA
PostQuitMessage
DefWindowProcA
GetMessageA
UpdateWindow
IntersectRect
GetAsyncKeyState
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MoveWindow
LoadCursorW
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
PeekMessageA
DispatchMessageA
TranslateMessage
SetWindowTextA
wsprintfA
ScreenToClient
GetWindowDC
GetDesktopWindow
SendInput
SetWindowPos
IsWindow
GetClassNameA
EnumWindows
EnumChildWindows
GetWindowTextA
GetForegroundWindow
IsWindowVisible
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CopyIcon
LoadBitmapW
GetParent
GetWindowLongA
TrackMouseEvent
LoadImageW
CreatePopupMenu
GetMenuDefaultItem
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
DrawStateA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
SetRectEmpty
DrawFocusRect
DrawIconEx
EnableScrollBar
OffsetRect
RealChildWindowFromPoint
GetKeyNameTextA
HideCaret
SendMessageA
PostMessageA
IsIconic
GetDlgItem
SetTimer
KillTimer
EnableWindow
GetSystemMetrics
LoadMenuW
GetSubMenu
DrawIcon
SetForegroundWindow
GetDC
ReleaseDC
GetClientRect
GetWindowRect
MessageBoxA
SetCursorPos
SetCursor
GetCursorPos
WindowFromPoint
PtInRect
FindWindowA
LoadBitmapA
LoadCursorA
LoadIconA
LoadIconW
LoadImageA
GetActiveWindow
GetCapture
GetSysColorBrush
GetDialogBaseUnits
CopyImage
DeleteMenu
DestroyIcon
CreateWindowExA
CharUpperA
SetCapture
ReleaseCapture
InvalidateRect
ClientToScreen
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
GetTabbedTextExtentW
GetTabbedTextExtentA
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetDCEx
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
PostThreadMessageA
UnionRect
FrameRect
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongA
SetMenuItemBitmaps

gdi32

GetTextExtentExPointA
GetPixel
CreateBitmap
SetBkColor
CombineRgn
CreateRectRgn
CreateDIBitmap
CreateFontIndirectA
CreateRectRgnIndirect
GetClipBox
GetDIBits
GetStockObject
RealizePalette
ExtSelectClipRgn
SetDIBitsToDevice
StretchDIBits
CopyMetaFileA
CreateDCA
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePatternBrush
ExcludeClipRect
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
SelectPalette
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
CreateDIBSection
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32A
PatBlt
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
SetRectRgn
DPtoLP
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
CreateRoundRectRgn
LPtoDP
GetCharWidthA
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
Rectangle
CreateSolidBrush
Polyline
Polygon
CreatePen
SetBrushOrgEx
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
ExtTextOutA
TextOutA
SetBoundsRect
RectVisible
PtVisible
Escape
DeleteDC
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
BitBlt
GetObjectA
GetDeviceCaps
SetViewportExtEx
DeleteObject
CreateFontA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA

advapi32

GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptSetHashParam
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextA

shell32

SHGetFileInfoA
SHGetPathFromIDListA
SHAddToRecentDocs
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
SHGetMalloc
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteExA
ExtractIconA
DragFinish

uxtheme

GetThemeSysColor
GetWindowTheme
CloseThemeData
OpenThemeData
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground

ole32

OleDuplicateData
OleQueryCreateFromData
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleRegEnumVerbs
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
StringFromGUID2
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
GetRunningObjectTable
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleQueryLinkFromData
CoGetMalloc
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
OleIsRunning

oleaut32

VariantClear
VariantChangeType
OleCreateFontIndirect
SysAllocString
SysStringLen
SafeArrayDestroy
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayRedim
SafeArrayGetDim
VariantInit
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
SafeArrayGetElemsize
SysFreeString

oledlg

ord8

gdiplus

GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageHeight

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 628KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 626KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ca3c7a6081db57da0bf436fe8dd1093

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:0a:a5:ca:09:0c:f7:bb:bd:28:0a:3f:4b:c2:e8:aeCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

82:60:75:f3:c3:12:70:a7:29:db:d6:b3:1e:36:13:85:f9:bc:52:51:10:91:ff:28:57:87:e5:aa:34:c0:d5:e0Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

winmm

register

shlwapi

urlmon

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 628KB - Virtual size: 627KB

.data Size: 36KB - Virtual size: 58KB

.rsrc Size: 626KB - Virtual size: 626KB

.reloc Size: 219KB - Virtual size: 219KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:0a:a5:ca:09:0c:f7:bb:bd:28:0a:3f:4b:c2:e8:ae
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

82:60:75:f3:c3:12:70:a7:29:db:d6:b3:1e:36:13:85:f9:bc:52:51:10:91:ff:28:57:87:e5:aa:34:c0:d5:e0
Signer

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 628KB - Virtual size: 627KB

.data
Size: 36KB - Virtual size: 58KB

.rsrc
Size: 626KB - Virtual size: 626KB

.reloc
Size: 219KB - Virtual size: 219KB