AAct_Portable[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

AAct_Portable.zip
Size

3.3MB
MD5

d8389c25609f90ada646e5d2722f71f1
SHA1

4bb0e1ef16a0f2484cb122b270b5a7d940b75178
SHA256

b7ff0521d1297690156d895fae39bfd36433f74d1171728a075326fd739eed12
SHA512

0f32bfee3fb54f3dcad7658b330a3341288cee0cb3cc772b3d04a58d796cd5074b557bc68dcf08ce3804c2698735e030073d7750cd8dff07e4c65cd181ec4e56
SSDEEP

98304:E23bv7dYVUpluC3Zhzr1U+t8CwEcg8tLTnymU3WhdP1RF:E2z7oAbnr1U+qCTcTLIw1RF

Score

1^/10

Malware Config

Signatures

Files

AAct_Portable.zip
.zip
AAct_Portable/AAct.exe
.exe windows:4 windows x86 arch:x86

7f281fee3a02d34717d561950af57936

Code Sign

75:3e:5c:ef:ec:b6:3d:75:b2:cc:6b:83:03:2f:89:9e
Certificate

Issuer

CN=WZTeam

Not Before

02/11/2016, 18:47

Not After

31/12/2039, 23:59

Subject

CN=WZTeam

Extended Key Usages

ExtKeyUsageCodeSigning

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c1:9b:ef:97:87:8e:6e:86:47:ec:42:10:6d:21:ca:77:4e:15:bd:09:9e:94:52:b1:48:03:66:39:4d:44:23:9c
Signer

Actual PE Digest

c1:9b:ef:97:87:8e:6e:86:47:ec:42:10:6d:21:ca:77:4e:15:bd:09:9e:94:52:b1:48:03:66:39:4d:44:23:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp
memset
log10
memcpy
_wfopen
fseek
fclose
wcslen
wcscpy
memmove
strncmp
isdigit
malloc
free
wcscmp
wcscat
memcmp
_stricmp
sscanf
sprintf
strcpy
strlen
strcat
strncpy
fread
longjmp
_setjmp3
ftell
_wcsdup
_wcsicmp
wcsncmp
wcsncpy
_snwprintf
tolower
floor
gmtime
localtime
mktime
_wcsnicmp
_itow
abs
sqrt
cos
fmod
sin
fabs
ceil
pow
??2@YAPAXI@Z
??3@YAXPAX@Z
wcsstr
frexp
modf
_CIpow
fopen
_errno
strerror
abort
atof
fflush
fwrite
calloc
_close
_setmode
_fdopen
_open
realloc
_vsnwprintf
??1type_info@@UAE@XZ

kernel32

GetCurrentThreadId
GetEnvironmentVariableW
SystemTimeToFileTime
LocalFileTimeToFileTime
FindResourceW
LoadResource
LockResource
SizeofResource
CreateToolhelp32Snapshot
CloseHandle
GetLogicalDriveStringsW
QueryDosDeviceW
FileTimeToLocalFileTime
FileTimeToSystemTime
ExpandEnvironmentStringsW
GetCurrentProcess
GetUserDefaultLangID
GetSystemDefaultLangID
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
GetCurrentProcessId
OpenProcess
GetLastError
FormatMessageW
GetVolumeInformationW
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
CreateProcessW
HeapCreate
CreateSemaphoreW
HeapDestroy
ExitProcess
GetStartupInfoA
GetModuleHandleA
CreateThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetVersionExW
LoadLibraryW
DeleteCriticalSection
TerminateThread
Sleep
HeapAlloc
HeapFree
FreeLibrary
GetModuleFileNameW
DuplicateHandle
CreatePipe
GetStdHandle
PeekNamedPipe
GetExitCodeProcess
SetEnvironmentVariableW
GetCommandLineW
ReadFile
HeapReAlloc
CreateFileW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
SetLastError
GetDriveTypeW
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
GetTempPathW
CopyFileW
SetFileTime
MulDiv
GetLocalTime
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFree
GlobalAlloc
TlsFree
InterlockedCompareExchange
InterlockedExchange
HeapSize
UnregisterWait
GetCurrentThread
RegisterWaitForSingleObject

user32

SendMessageW
OemToCharW
GetSysColor
GetClassNameW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetDlgCtrlID
CallWindowProcW
SetWindowLongW
GetWindowLongW
GetClientRect
FillRect
GetWindow
SetWindowPos
InvalidateRect
GetCursorPos
WindowFromPoint
GetWindowTextW
EnableWindow
IsWindowEnabled
RedrawWindow
SetClassLongW
GetClassLongW
GetWindowRect
OffsetRect
IsRectEmpty
MapWindowPoints
SubtractRect
IsWindow
GetParent
GetDC
ReleaseDC
BeginPaint
EndPaint
DefWindowProcW
GetAsyncKeyState
KillTimer
ScreenToClient
SetTimer
DrawTextW
UpdateWindow
FrameRect
InflateRect
FindWindowW
FindWindowExW
DrawFrameControl
EnumWindows
GetWindowThreadProcessId
GetForegroundWindow
SetCursorPos
LoadIconW
RegisterClassExW
CreateWindowExW
MessageBoxW
DestroyWindow
GetWindowTextLengthW
SetFocus
UnregisterClassW
SystemParametersInfoW
LoadCursorW
GetSystemMetrics
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
IsWindowVisible
SetMenu
DestroyMenu
CreatePopupMenu
AppendMenuW
TrackPopupMenu
ValidateRect
GetSysColorBrush
SetWindowTextW
RemovePropW
GetPropW
SetPropW
SetScrollPos
GetWindowDC
ShowWindow
GetIconInfo
ReleaseCapture
DrawStateW
SetCapture
SetRect
SetCursor
GetMessagePos
MoveWindow
GetKeyState
ClipCursor
ChildWindowFromPointEx
GetCapture
GetFocus
DrawFocusRect
ClientToScreen
GetScrollPos
EnumPropsExW
RegisterClassW
AdjustWindowRectEx
GetMenu
PeekMessageW
MsgWaitForMultipleObjects
GetActiveWindow
SetActiveWindow
DestroyIcon
IsZoomed
IsIconic
DefFrameProcW
EnumChildWindows
PostMessageW
IsChild
RegisterWindowMessageW
EnumDisplaySettingsW
CopyImage
DrawIconEx
CreateIconFromResourceEx
CreateIconFromResource
CharUpperW
CharLowerW

gdi32

CreateSolidBrush
SelectObject
DeleteDC
DeleteObject
CreatePatternBrush
CreateRoundRectRgn
GetPixel
CreateCompatibleDC
SelectClipRgn
BitBlt
GetStockObject
RoundRect
SetBkMode
SetTextColor
SetDCBrushColor
SetBrushOrgEx
CreateDCW
CreateCompatibleBitmap
CreatePen
CreateFontIndirectW
GetTextExtentPoint32W
SetBkColor
ExcludeClipRect
GetObjectType
GetObjectW
CreateRectRgnIndirect
TextOutW
MoveToEx
LineTo
CreateDIBSection
GdiGetBatchLimit
GdiSetBatchLimit
SetStretchBltMode
StretchBlt
GetDeviceCaps
GetClipRgn
ExtSelectClipRgn
GetDIBits
SetTextAlign
GetTextMetricsW
CreateBitmap
SetPixel
GetObjectA
CreateFontW

advapi32

OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegOpenKeyExW
RegOpenKeyW
RegConnectRegistryW
RegQueryValueExW
RegCloseKey
QueryServiceStatus
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
LookupAccountNameW
IsValidSid
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyW

oleaut32

SafeArrayGetDim
SafeArrayGetUBound
SafeArrayGetElement

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW

ws2_32

WSAStartup
gethostbyname
WSACleanup
socket
inet_addr
htons
bind
ioctlsocket
connect
select
__WSAFDIsSet
closesocket

winmm

timeBeginPeriod

gdiplus

GdiplusStartup
GdipCreateFontFromDC
GdipCreateFromHDC
GdipCreatePath
GdipCreateMatrix
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipAlloc
GdipFree
GdipCloneBrush
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipGetStringFormatFlags
GdipScaleMatrix
GdipSetCompositingMode
GdipSetStringFormatFlags
GdipSetInterpolationMode
GdipSetPageUnit
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipTranslateWorldTransform
GdipDeleteMatrix
GdipTranslateMatrix
GdipStartPathFigure
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHICON
GdipCreateBitmapFromGdiDib
GdipCreateImageAttributes
GdipDisposeImage
GdipDisposeImageAttributes
GdipCloneImage
GdipDrawImageRectRect
GdipGetImageBounds
GdipGetImageHeight
GdipGetImageWidth
GdipImageRotateFlip
GdipSetImageAttributesColorMatrix
GdipVectorTransformMatrixPoints
GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeletePen
GdipDeleteStringFormat
GdipGetDpiX
GdipGetDpiY
GdipCreateFontFromLogfontA
GdipCreateFont
GdipDeleteFontFamily
GdipGetFamily
GdipGetFontSize
GdipGetFontStyle
GdipInvertMatrix
GdipMultiplyMatrix
GdipMultiplyWorldTransform
GdipTransformPath
GdipTransformMatrixPoints
GdipSetMatrixElements

imagehlp

MakeSureDirectoryPathExists

uxtheme

SetWindowTheme

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize

Sections

.text
Size: 634KB - Virtual size: 634KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AAct_Portable/AAct_x64.exe
.exe windows:5 windows x64 arch:x64

4a3b80a50d6059e15330514bb3cfa3c6

Code Sign

75:3e:5c:ef:ec:b6:3d:75:b2:cc:6b:83:03:2f:89:9e
Certificate

Issuer

CN=WZTeam

Not Before

02/11/2016, 18:47

Not After

31/12/2039, 23:59

Subject

CN=WZTeam

Extended Key Usages

ExtKeyUsageCodeSigning

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9d:36:44:86:d9:f9:08:ee:8e:a0:5d:5f:9e:a8:7f:68:20:88:58:be:a7:04:77:85:dd:3e:9b:5a:3e:15:93:b7
Signer

Actual PE Digest

9d:36:44:86:d9:f9:08:ee:8e:a0:5d:5f:9e:a8:7f:68:20:88:58:be:a7:04:77:85:dd:3e:9b:5a:3e:15:93:b7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

memset
__set_app_type
_fmode
_commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
log10
memcpy
_wfopen
fseek
fclose
wcslen
wcscpy
memcmp
memmove
strncmp
isdigit
malloc
free
wcscmp
wcscat
_stricmp
sscanf
sprintf
strcpy
strlen
strcat
strncpy
fread
longjmp
setjmp
ftell
_wcsdup
_wcsicmp
wcsncmp
wcsncpy
_snwprintf
tolower
floor
_gmtime64
_localtime64
_mktime64
_wcsnicmp
_itow
sqrtf
abs
sinf
cosf
fmodf
fabs
ceil
pow
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
wcsstr
frexp
modf
fopen
_errno
strerror
abort
atof
fflush
fwrite
calloc
_close
_setmode
_fdopen
_open
realloc
_vsnwprintf
??1type_info@@UEAA@XZ
?terminate@@YAXXZ

kernel32

GetCurrentThreadId
GetEnvironmentVariableW
SystemTimeToFileTime
LocalFileTimeToFileTime
FindResourceW
LoadResource
LockResource
SizeofResource
CreateToolhelp32Snapshot
CloseHandle
GetLogicalDriveStringsW
QueryDosDeviceW
FileTimeToLocalFileTime
FileTimeToSystemTime
ExpandEnvironmentStringsW
GetCurrentProcess
GetUserDefaultLangID
GetSystemDefaultLangID
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
GetCurrentProcessId
OpenProcess
GetLastError
FormatMessageW
GetVolumeInformationW
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
CreateProcessW
HeapCreate
CreateSemaphoreW
HeapDestroy
ExitProcess
GetStartupInfoA
CreateThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryW
DeleteCriticalSection
TerminateThread
HeapAlloc
HeapFree
Sleep
FreeLibrary
GetModuleFileNameW
DuplicateHandle
CreatePipe
GetStdHandle
PeekNamedPipe
GetExitCodeProcess
SetEnvironmentVariableW
GetCommandLineW
ReadFile
HeapReAlloc
CreateFileW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
GetVersionExW
SetLastError
GetDriveTypeW
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
GetTempPathW
CopyFileW
SetFileTime
MulDiv
GetLocalTime
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFree
GlobalAlloc
HeapSize
TlsFree
UnregisterWait
GetCurrentThread
RegisterWaitForSingleObject

user32

SendMessageW
OemToCharW
GetSysColor
GetClassNameW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetDlgCtrlID
CallWindowProcW
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
FillRect
GetWindow
SetWindowPos
InvalidateRect
GetCursorPos
WindowFromPoint
GetWindowTextW
EnableWindow
IsWindowEnabled
RedrawWindow
SetClassLongPtrW
GetClassLongPtrW
GetWindowRect
OffsetRect
IsRectEmpty
MapWindowPoints
SubtractRect
IsWindow
GetParent
GetDC
ReleaseDC
BeginPaint
EndPaint
DefWindowProcW
GetAsyncKeyState
KillTimer
ScreenToClient
SetTimer
DrawTextW
UpdateWindow
FrameRect
InflateRect
FindWindowW
FindWindowExW
DrawFrameControl
EnumWindows
GetWindowThreadProcessId
GetForegroundWindow
SetCursorPos
LoadIconW
RegisterClassExW
CreateWindowExW
MessageBoxW
GetWindowTextLengthW
DestroyWindow
SetFocus
UnregisterClassW
SystemParametersInfoW
LoadCursorW
GetSystemMetrics
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
IsWindowVisible
SetMenu
DestroyMenu
CreatePopupMenu
AppendMenuW
TrackPopupMenu
ValidateRect
GetSysColorBrush
SetWindowTextW
RemovePropW
GetPropW
SetPropW
SetScrollPos
GetWindowDC
ShowWindow
GetIconInfo
ReleaseCapture
DrawStateW
SetCapture
SetRect
GetWindowLongW
SetCursor
GetMessagePos
MoveWindow
GetKeyState
ClipCursor
ChildWindowFromPointEx
GetCapture
GetFocus
DrawFocusRect
ClientToScreen
GetScrollPos
EnumPropsExW
RegisterClassW
AdjustWindowRectEx
GetMenu
PeekMessageW
MsgWaitForMultipleObjects
GetActiveWindow
SetActiveWindow
DestroyIcon
IsZoomed
IsIconic
DefFrameProcW
EnumChildWindows
PostMessageW
IsChild
RegisterWindowMessageW
EnumDisplaySettingsW
CopyImage
DrawIconEx
CreateIconFromResourceEx
CreateIconFromResource
CharUpperW
CharLowerW

gdi32

CreateSolidBrush
SelectObject
DeleteDC
DeleteObject
CreatePatternBrush
CreateRoundRectRgn
GetPixel
CreateCompatibleDC
SelectClipRgn
BitBlt
GetStockObject
RoundRect
SetBkMode
SetTextColor
SetDCBrushColor
SetBrushOrgEx
CreateDCW
CreateCompatibleBitmap
CreatePen
CreateFontIndirectW
GetTextExtentPoint32W
SetBkColor
ExcludeClipRect
GetObjectType
GetObjectW
CreateRectRgnIndirect
TextOutW
MoveToEx
LineTo
CreateDIBSection
GdiGetBatchLimit
GdiSetBatchLimit
SetStretchBltMode
StretchBlt
GetDeviceCaps
GetClipRgn
ExtSelectClipRgn
GetDIBits
SetTextAlign
GetTextMetricsW
CreateBitmap
SetPixel
GetObjectA
CreateFontW

advapi32

OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegOpenKeyExW
RegOpenKeyW
RegConnectRegistryW
RegQueryValueExW
RegCloseKey
QueryServiceStatus
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
LookupAccountNameW
IsValidSid
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyW

oleaut32

SafeArrayGetDim
SafeArrayGetUBound
SafeArrayGetElement

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW

ws2_32

WSAStartup
gethostbyname
WSACleanup
socket
inet_addr
htons
bind
ioctlsocket
connect
select
__WSAFDIsSet
closesocket

winmm

timeBeginPeriod

gdiplus

GdiplusStartup
GdipCreateFontFromDC
GdipCreateFromHDC
GdipCreatePath
GdipCreateMatrix
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipAlloc
GdipFree
GdipCloneBrush
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipGetStringFormatFlags
GdipScaleMatrix
GdipSetCompositingMode
GdipSetStringFormatFlags
GdipSetInterpolationMode
GdipSetPageUnit
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipTranslateWorldTransform
GdipDeleteMatrix
GdipTranslateMatrix
GdipStartPathFigure
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHICON
GdipCreateBitmapFromGdiDib
GdipCreateImageAttributes
GdipDisposeImage
GdipDisposeImageAttributes
GdipCloneImage
GdipDrawImageRectRect
GdipGetImageBounds
GdipGetImageHeight
GdipGetImageWidth
GdipImageRotateFlip
GdipSetImageAttributesColorMatrix
GdipVectorTransformMatrixPoints
GdipDeleteFont
GdipDeleteGraphics
GdipDeletePath
GdipDeletePen
GdipDeleteStringFormat
GdipGetDpiX
GdipGetDpiY
GdipCreateFontFromLogfontA
GdipCreateFont
GdipDeleteFontFamily
GdipGetFamily
GdipGetFontSize
GdipGetFontStyle
GdipInvertMatrix
GdipMultiplyMatrix
GdipMultiplyWorldTransform
GdipTransformPath
GdipTransformMatrixPoints
GdipSetMatrixElements

imagehlp

MakeSureDirectoryPathExists

uxtheme

SetWindowTheme

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_Replace
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize

Sections

.text
Size: 744KB - Virtual size: 743KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AAct_Portable/readme_en.txt
AAct_Portable/readme_ru.txt

Sharing

General

Malware Config

Signatures

Files

7f281fee3a02d34717d561950af57936

Code Sign

75:3e:5c:ef:ec:b6:3d:75:b2:cc:6b:83:03:2f:89:9eCertificate

Extended Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

c1:9b:ef:97:87:8e:6e:86:47:ec:42:10:6d:21:ca:77:4e:15:bd:09:9e:94:52:b1:48:03:66:39:4d:44:23:9cSigner

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

oleaut32

ole32

shell32

ws2_32

winmm

gdiplus

imagehlp

uxtheme

comctl32

Sections

.text Size: 634KB - Virtual size: 634KB

.rdata Size: 112KB - Virtual size: 112KB

.eh_fram Size: 7KB - Virtual size: 6KB

.data Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 68KB - Virtual size: 68KB

4a3b80a50d6059e15330514bb3cfa3c6

Code Sign

75:3e:5c:ef:ec:b6:3d:75:b2:cc:6b:83:03:2f:89:9eCertificate

Extended Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

9d:36:44:86:d9:f9:08:ee:8e:a0:5d:5f:9e:a8:7f:68:20:88:58:be:a7:04:77:85:dd:3e:9b:5a:3e:15:93:b7Signer

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

oleaut32

ole32

shell32

ws2_32

winmm

gdiplus

imagehlp

uxtheme

comctl32

Sections

.text Size: 744KB - Virtual size: 743KB

.rdata Size: 147KB - Virtual size: 146KB

.pdata Size: 25KB - Virtual size: 24KB

.data Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 68KB - Virtual size: 68KB

75:3e:5c:ef:ec:b6:3d:75:b2:cc:6b:83:03:2f:89:9e
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

c1:9b:ef:97:87:8e:6e:86:47:ec:42:10:6d:21:ca:77:4e:15:bd:09:9e:94:52:b1:48:03:66:39:4d:44:23:9c
Signer

.text
Size: 634KB - Virtual size: 634KB

.rdata
Size: 112KB - Virtual size: 112KB

.eh_fram
Size: 7KB - Virtual size: 6KB

.data
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 68KB - Virtual size: 68KB

75:3e:5c:ef:ec:b6:3d:75:b2:cc:6b:83:03:2f:89:9e
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

9d:36:44:86:d9:f9:08:ee:8e:a0:5d:5f:9e:a8:7f:68:20:88:58:be:a7:04:77:85:dd:3e:9b:5a:3e:15:93:b7
Signer

.text
Size: 744KB - Virtual size: 743KB

.rdata
Size: 147KB - Virtual size: 146KB

.pdata
Size: 25KB - Virtual size: 24KB

.data
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 68KB - Virtual size: 68KB