11a2c1e8b1d3a1b71adff9a0a39c408cf4d7c3aed5c6b35f2e1174b8fe2065dd

Sharing

Copy URL Twitter E-mail

General

Target

11a2c1e8b1d3a1b71adff9a0a39c408cf4d7c3aed5c6b35f2e1174b8fe2065dd
Size

14.8MB
MD5

a44e06b8b670dfd97a9474fbd1514683
SHA1

10d491cfcbcb37d7b08262b74e11b2b7bb3870a3
SHA256

11a2c1e8b1d3a1b71adff9a0a39c408cf4d7c3aed5c6b35f2e1174b8fe2065dd
SHA512

05974547be73510071044ce36c058cc80f0aa9ea4d36332c61caa719a8de720d7d3f598c26a72996af87b537e3b2869819850fa86f62282422796701c2183c26
SSDEEP

393216:tQt1eBzdfwHmX2Z+Ful2K1CZ42PRzeHNsUQfT3fa:tQeztMBZrl3AzetslfDy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/webp converter 1.2/sk4d.dll

Files

11a2c1e8b1d3a1b71adff9a0a39c408cf4d7c3aed5c6b35f2e1174b8fe2065dd
.rar
webp converter 1.2/imagemagick/magick.exe
.exe windows:6 windows x86 arch:x86

8d7061e9b00d4dfb5a2c11b015148d6b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:24:b6:4c:66:e5:e9:e4:77:56:08:ac:4c:4a:41:3d
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

27/10/2022, 00:00

Not After

27/10/2023, 23:59

Subject

CN=ImageMagick Studio LLC,O=ImageMagick Studio LLC,ST=Pennsylvania,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4b:f2:39:d3:f2:5e:5a:47:11:70:e1:85:2b:b3:e3:4a:53:97:ed:5e:55:4c:d0:88:7a:52:6c:0e:f9:fc:a4:20
Signer

Actual PE Digest

4b:f2:39:d3:f2:5e:5a:47:11:70:e1:85:2b:b3:e3:4a:53:97:ed:5e:55:4c:d0:88:7a:52:6c:0e:f9:fc:a4:20

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetExitCodeProcess
CreateProcessA
GlobalMemoryStatusEx
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetVersionExA
MapViewOfFile
UnmapViewOfFile
FreeLibrary
FreeResource
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryExW
LoadResource
LockResource
SizeofResource
LocalFree
FormatMessageA
CreateFileMappingA
GetStartupInfoA
FindResourceA
SystemTimeToFileTime
GetCurrentThreadId
OutputDebugStringA
LoadLibraryA
GetLogicalDrives
CreateThread
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
CreatePipe
SetEnvironmentVariableA
CreateFileW
SetFileTime
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
ExitProcess
GetModuleHandleExW
GetFileType
GetConsoleMode
GetProcessTimes
SetFilePointerEx
SetConsoleCtrlHandler
WriteFile
GetConsoleOutputCP
GetFileAttributesExW
GetDriveTypeW
GetFullPathNameW
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetStdHandle
GetTimeZoneInformation
DeleteFileW
DuplicateHandle
FlushFileBuffers
MoveFileExW
GetStdHandle
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
GetCPInfo
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetFileSizeEx
DecodePointer
HeapReAlloc
HeapSize
GetCurrentDirectoryW
CreateDirectoryW
FindFirstFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
WriteConsoleW
SetErrorMode
GetLastError
SetHandleInformation
CloseHandle
SetEndOfFile
ReadFile
FindNextFileW
FindFirstFileW
FindClose
WideCharToMultiByte
Sleep
MultiByteToWideChar
GetShortPathNameW
WaitForSingleObject
QueryPerformanceFrequency
QueryPerformanceCounter
ReadConsoleW
PeekNamedPipe
GetDiskFreeSpaceExW
GetVolumeInformationW
GetVolumePathNameW
GetSystemDirectoryA
GetLongPathNameW
ReadDirectoryChangesW
GetDriveTypeA
SetUnhandledExceptionFilter
SignalObjectAndWait
GetTempPathA
GetTempFileNameA
GetPhysicallyInstalledSystemMemory
SetConsoleOutputCP
GlobalFree
CompareStringEx
SleepConditionVariableCS
LCMapStringEx
GetLocaleInfoEx
InitializeCriticalSection
ReleaseMutex
CreateMutexA
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TryAcquireSRWLockExclusive
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
SetThreadPriority
GetThreadPriority
ResumeThread
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetFileInformationByHandleEx
SetConsoleMode
DebugBreak
GetSystemDirectoryW
GetWindowsDirectoryW
CreateEventA
GetVersion
LoadLibraryW
FormatMessageW
GetLocaleInfoA
GetThreadLocale
IsDBCSLeadByteEx
GetFileAttributesW
SetEvent
ResetEvent
ReadConsoleInputA
PeekConsoleInputA
DeviceIoControl
WaitForSingleObjectEx
WaitForMultipleObjectsEx
CreateEventW
WaitForMultipleObjects
GetExitCodeThread
ReleaseSemaphore
CreateSemaphoreA
SetFileAttributesW
GetTickCount
GetFileTime
ExitThread
FreeLibraryAndExitThread
RemoveDirectoryW
GetNumberOfConsoleInputEvents
SwitchToThread
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
InitializeCriticalSectionEx

vcomp140

_vcomp_set_num_threads
omp_init_lock
omp_set_lock
omp_unset_lock
_vcomp_flush
omp_get_max_threads
_vcomp_fork
_vcomp_for_static_simple_init
_vcomp_for_static_end
_vcomp_atomic_add_i8
omp_set_nested
omp_destroy_lock
omp_get_thread_num
_vcomp_enter_critsect
_vcomp_leave_critsect
_vcomp_barrier
_vcomp_single_begin
_vcomp_single_end
_vcomp_for_dynamic_init
_vcomp_for_dynamic_next
_vcomp_for_static_init

ws2_32

WSAGetLastError
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSASetEvent
ntohs
htons
htonl
ntohl
recv
send
setsockopt
WSASetLastError
getservbyport
gethostbyname
gethostbyaddr
inet_ntoa
inet_addr
inet_ntop
ioctlsocket
inet_pton
freeaddrinfo
getaddrinfo
WSACleanup
WSAStartup
socket
getservbyname
connect
closesocket
bind
accept
listen

gdiplus

GdipGetImageHorizontalResolution
GdipDrawImageRectI
GdipGraphicsClear
GdipSetInterpolationMode
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromFile
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdipGetImageVerticalResolution
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetTextRenderingHint

urlmon

URLDownloadToFileA

user32

MsgWaitForMultipleObjectsEx
MessageBoxA
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
EnumDisplayDevicesA
FillRect
ReleaseDC
GetDC
SystemParametersInfoA
PeekMessageA
PostMessageA

gdi32

SelectObject
GetGlyphOutlineW
GetFontData
GetCharWidth32A
CreateDIBSection
GetDeviceCaps
GetGlyphOutlineA
EnumFontFamiliesExW
StretchDIBits
CreateSolidBrush
GdiFlush
GetWorldTransform
ExtSelectClipRgn
SelectClipRgn
IntersectClipRect
GetGraphicsMode
GetClipRgn
GetClipBox
ExtCreateRegion
CreateRectRgn
CreateCompatibleBitmap
ExtTextOutW
ModifyWorldTransform
SetWorldTransform
GetTextMetricsA
SetTextAlign
DeleteObject
DeleteDC
CreateDCA
CreateCompatibleDC
BitBlt
GetOutlineTextMetricsA
GetFontUnicodeRanges
GetGlyphIndicesW
RestoreDC
SaveDC
SetBkMode
SetGraphicsMode
SetMapMode
SetTextColor
CreateFontIndirectW

advapi32

CryptGenRandom
RegOpenKeyExW
RegSetValueExW
RegNotifyChangeKeyValue
RegDeleteValueW
RegCreateKeyExW
LookupAccountSidW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetFileSecurityW
RegEnumKeyExW
RegLoadMUIStringW
GetSecurityInfo
RegGetValueW
RegEnumValueW
CryptReleaseContext
CryptAcquireContextA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegCloseKey
ReportEventA
RegisterEventSourceA
DeregisterEventSource
GetUserNameW

bcrypt

BCryptFinishHash
BCryptDestroyHash
BCryptGenRandom
BCryptHashData
BCryptCreateHash
BCryptDestroyKey
BCryptEncrypt
BCryptGenerateSymmetricKey
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptGetProperty
BCryptDeriveKeyPBKDF2

shell32

SHFileOperationW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW

ole32

CoGetObjectContext
CoGetApartmentType
CoTaskMemFree

dnsapi

DnsFree
DnsQuery_A

iphlpapi

NotifyRouteChange2
GetIpForwardTable2
CancelMibChangeNotify2

Sections

.text
Size: 12.1MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 735KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 409KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
webp converter 1.2/sk4d.dll
.dll windows:6 windows x86 arch:x86

07f32d8ab79b9482618710670d853c9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoCreateGuid
CoCreateInstance

fontsub

CreateFontPackage

user32

SystemParametersInfoW

opengl32

wglGetCurrentContext
wglGetProcAddress

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CompareStringW
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateSemaphoreA
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoEx
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTime
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
RtlUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableCS
SleepConditionVariableSRW
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

gr4d_backendrendertarget_create_gl
gr4d_backendrendertarget_create_mtl
gr4d_backendrendertarget_create_vk
gr4d_backendrendertarget_destroy
gr4d_backendrendertarget_get_backend_api
gr4d_backendrendertarget_get_height
gr4d_backendrendertarget_get_sample_count
gr4d_backendrendertarget_get_stencil_bits
gr4d_backendrendertarget_get_width
gr4d_backendrendertarget_is_valid
gr4d_backendsemaphore_create
gr4d_backendsemaphore_destroy
gr4d_backendsemaphore_init_vulkan
gr4d_backendsurfacemutablestate_create
gr4d_backendsurfacemutablestate_destroy
gr4d_backendtexture_create_gl
gr4d_backendtexture_create_mtl
gr4d_backendtexture_create_vk
gr4d_backendtexture_destroy
gr4d_backendtexture_get_backend_api
gr4d_backendtexture_get_gl_framebuffer_info
gr4d_backendtexture_get_height
gr4d_backendtexture_get_width
gr4d_backendtexture_has_mipmaps
gr4d_backendtexture_is_valid
gr4d_directcontext_abandon_context
gr4d_directcontext_dump_memory_statistics
gr4d_directcontext_flush
gr4d_directcontext_flush_and_submit
gr4d_directcontext_free_gpu_resources
gr4d_directcontext_get_backend_api
gr4d_directcontext_get_max_surface_sample_count_for_color_type
gr4d_directcontext_get_resource_cache_limit
gr4d_directcontext_get_resource_cache_usage
gr4d_directcontext_is_abandoned
gr4d_directcontext_make_gl
gr4d_directcontext_make_metal
gr4d_directcontext_make_vulkan
gr4d_directcontext_perform_deferred_cleanup
gr4d_directcontext_purge_unlocked_resources
gr4d_directcontext_purge_unlocked_resources2
gr4d_directcontext_release_resources_and_abandon_context
gr4d_directcontext_reset_context
gr4d_directcontext_set_resource_cache_limit
gr4d_directcontext_submit
gr4d_gl_interface_has_extension
gr4d_gl_interface_make_assembled
gr4d_gl_interface_make_assembled_gl
gr4d_gl_interface_make_assembled_gles
gr4d_gl_interface_make_assembled_webgl
gr4d_gl_interface_make_native
gr4d_gl_interface_validate
gr4d_persistentcachebaseclass_create
gr4d_persistentcachebaseclass_destroy
gr4d_persistentcachebaseclass_set_procs
gr4d_shadererrorhandlerbaseclass_create
gr4d_shadererrorhandlerbaseclass_destroy
gr4d_shadererrorhandlerbaseclass_set_procs
gr4d_vk_extensions_create
gr4d_vk_extensions_destroy
gr4d_vk_extensions_has_extension
gr4d_vk_extensions_init
sk4d_animatedwebpencoder_encode_to_file
sk4d_animatedwebpencoder_encode_to_stream
sk4d_animcodecplayer_destroy
sk4d_animcodecplayer_get_dimensions
sk4d_animcodecplayer_get_duration
sk4d_animcodecplayer_get_frame
sk4d_animcodecplayer_make_from_file
sk4d_animcodecplayer_make_from_stream
sk4d_animcodecplayer_seek
sk4d_blender_make_arithmetic
sk4d_blender_make_mode
sk4d_canvas_clear
sk4d_canvas_clear2
sk4d_canvas_clip_path
sk4d_canvas_clip_rect
sk4d_canvas_clip_region
sk4d_canvas_clip_rrect
sk4d_canvas_clip_shader
sk4d_canvas_concat
sk4d_canvas_concat2
sk4d_canvas_destroy
sk4d_canvas_discard
sk4d_canvas_draw_annotation
sk4d_canvas_draw_arc
sk4d_canvas_draw_atlas
sk4d_canvas_draw_circle
sk4d_canvas_draw_color
sk4d_canvas_draw_color2
sk4d_canvas_draw_glyphs
sk4d_canvas_draw_glyphs2
sk4d_canvas_draw_image
sk4d_canvas_draw_image_lattice
sk4d_canvas_draw_image_nine
sk4d_canvas_draw_image_rect
sk4d_canvas_draw_line
sk4d_canvas_draw_oval
sk4d_canvas_draw_paint
sk4d_canvas_draw_patch
sk4d_canvas_draw_path
sk4d_canvas_draw_picture
sk4d_canvas_draw_point
sk4d_canvas_draw_points
sk4d_canvas_draw_rect
sk4d_canvas_draw_region
sk4d_canvas_draw_rrect
sk4d_canvas_draw_rrect2
sk4d_canvas_draw_rrect_difference
sk4d_canvas_draw_simple_text
sk4d_canvas_draw_text_blob
sk4d_canvas_draw_vertices
sk4d_canvas_get_base_props
sk4d_canvas_get_device_clip_bounds
sk4d_canvas_get_local_clip_bounds
sk4d_canvas_get_local_to_device
sk4d_canvas_get_local_to_device_as_3x3
sk4d_canvas_get_save_count
sk4d_canvas_get_top_props
sk4d_canvas_make_surface
sk4d_canvas_quick_reject
sk4d_canvas_quick_reject2
sk4d_canvas_reset_matrix
sk4d_canvas_restore
sk4d_canvas_restore_to_count
sk4d_canvas_rotate
sk4d_canvas_rotate2
sk4d_canvas_save
sk4d_canvas_save_layer
sk4d_canvas_save_layer_alpha
sk4d_canvas_scale
sk4d_canvas_set_matrix
sk4d_canvas_set_matrix2
sk4d_canvas_skew
sk4d_canvas_translate
sk4d_codec_destroy
sk4d_codec_get_dimensions
sk4d_codec_get_encoded_image_format
sk4d_codec_get_image
sk4d_codec_get_pixels
sk4d_codec_make_from_file
sk4d_codec_make_from_stream
sk4d_codec_make_with_copy
sk4d_codec_make_without_copy
sk4d_colorfilter_make_blend
sk4d_colorfilter_make_blend2
sk4d_colorfilter_make_compose
sk4d_colorfilter_make_high_contrast
sk4d_colorfilter_make_hsla_matrix
sk4d_colorfilter_make_lighting
sk4d_colorfilter_make_linear_to_srgb_gamma
sk4d_colorfilter_make_luma_color
sk4d_colorfilter_make_matrix
sk4d_colorfilter_make_overdraw
sk4d_colorfilter_make_table
sk4d_colorspace_gamma_close_to_srgb
sk4d_colorspace_gamma_is_linear
sk4d_colorspace_is_equal
sk4d_colorspace_is_numerical_transfer_fn
sk4d_colorspace_is_srgb
sk4d_colorspace_make
sk4d_colorspace_make_linear_gamma
sk4d_colorspace_make_rgb
sk4d_colorspace_make_srgb
sk4d_colorspace_make_srgb_gamma
sk4d_colorspace_make_srgb_linear
sk4d_colorspace_ref
sk4d_colorspace_to_profile
sk4d_colorspace_to_xyz
sk4d_colorspace_unref
sk4d_colorspaceiccprofile_destroy
sk4d_colorspaceiccprofile_get_buffer
sk4d_colorspaceiccprofile_make_with_parse
sk4d_colorspaceiccprofile_to_xyz
sk4d_colorspaceprimaries_to_xyz
sk4d_colorspacetransferfn_invert
sk4d_colorspacetransferfn_transform
sk4d_data_make_empty
sk4d_data_make_with_copy
sk4d_data_ref
sk4d_data_unref
sk4d_document_begin_page
sk4d_document_close
sk4d_document_end_page
sk4d_document_make_pdf
sk4d_document_make_pdf2
sk4d_document_make_xps
sk4d_document_terminate
sk4d_font_create
sk4d_font_create2
sk4d_font_destroy
sk4d_font_get_baseline_snap
sk4d_font_get_edging
sk4d_font_get_embedded_bitmaps
sk4d_font_get_embolden
sk4d_font_get_force_auto_hinting
sk4d_font_get_glyphs
sk4d_font_get_glyphs_count
sk4d_font_get_hinting
sk4d_font_get_horizontal_positions
sk4d_font_get_intercepts
sk4d_font_get_linear_metrics
sk4d_font_get_metrics
sk4d_font_get_path
sk4d_font_get_paths
sk4d_font_get_positions
sk4d_font_get_scale_x
sk4d_font_get_size
sk4d_font_get_skew_x
sk4d_font_get_subpixel
sk4d_font_get_typeface
sk4d_font_get_typeface_or_default
sk4d_font_get_widths_bounds
sk4d_font_is_equal
sk4d_font_measure_text
sk4d_font_set_baseline_snap
sk4d_font_set_edging
sk4d_font_set_embedded_bitmaps
sk4d_font_set_embolden
sk4d_font_set_force_auto_hinting
sk4d_font_set_hinting
sk4d_font_set_linear_metrics
sk4d_font_set_scale_x
sk4d_font_set_size
sk4d_font_set_skew_x
sk4d_font_set_subpixel
sk4d_font_set_typeface
sk4d_font_unichar_to_glyph
sk4d_font_unichars_to_glyphs
sk4d_graphics_allow_jit
sk4d_graphics_dump_memory_statistics
sk4d_graphics_get_font_cache_count_limit
sk4d_graphics_get_font_cache_count_used
sk4d_graphics_get_font_cache_limit
sk4d_graphics_get_font_cache_used
sk4d_graphics_get_resource_cache_single_allocation_byte_limit
sk4d_graphics_get_resource_cache_total_byte_limit
sk4d_graphics_get_resource_cache_total_bytes_used
sk4d_graphics_init
sk4d_graphics_purge_all_caches
sk4d_graphics_purge_font_cache
sk4d_graphics_purge_resource_cache
sk4d_graphics_set_font_cache_count_limit
sk4d_graphics_set_font_cache_limit
sk4d_graphics_set_resource_cache_single_allocation_byte_limit
sk4d_graphics_set_resource_cache_total_byte_limit
sk4d_image_encode_to_file
sk4d_image_encode_to_stream
sk4d_image_get_alpha_type
sk4d_image_get_color_space
sk4d_image_get_color_type
sk4d_image_get_height
sk4d_image_get_image_info
sk4d_image_get_unique_id
sk4d_image_get_width
sk4d_image_is_lazy_generated
sk4d_image_is_texture_backed
sk4d_image_is_valid
sk4d_image_make_cross_context
sk4d_image_make_from_adopted_texture
sk4d_image_make_from_encoded_file
sk4d_image_make_from_encoded_stream
sk4d_image_make_from_picture
sk4d_image_make_from_raster
sk4d_image_make_from_texture
sk4d_image_make_non_texture_image
sk4d_image_make_raster_copy
sk4d_image_make_raster_image
sk4d_image_make_raw_shader
sk4d_image_make_shader
sk4d_image_make_subset
sk4d_image_make_texture_image
sk4d_image_make_with_filter
sk4d_image_peek_pixels
sk4d_image_read_pixels
sk4d_image_scale_pixels
sk4d_imageencoder_encode_to_file
sk4d_imageencoder_encode_to_stream
sk4d_imagefilter_can_compute_fast_bounds
sk4d_imagefilter_compute_fast_bounds
sk4d_imagefilter_make_alpha_threshold
sk4d_imagefilter_make_arithmetic
sk4d_imagefilter_make_blend
sk4d_imagefilter_make_blur
sk4d_imagefilter_make_colorfilter
sk4d_imagefilter_make_compose
sk4d_imagefilter_make_dilate
sk4d_imagefilter_make_displacement_map
sk4d_imagefilter_make_distant_lit_diffuse
sk4d_imagefilter_make_distant_lit_specular
sk4d_imagefilter_make_drop_shadow
sk4d_imagefilter_make_drop_shadow_only
sk4d_imagefilter_make_erode
sk4d_imagefilter_make_image
sk4d_imagefilter_make_magnifier
sk4d_imagefilter_make_matrix_convolution
sk4d_imagefilter_make_matrix_transform
sk4d_imagefilter_make_merge
sk4d_imagefilter_make_offset
sk4d_imagefilter_make_picture
sk4d_imagefilter_make_point_lit_diffuse
sk4d_imagefilter_make_point_lit_specular
sk4d_imagefilter_make_shader
sk4d_imagefilter_make_spot_lit_diffuse
sk4d_imagefilter_make_spot_lit_specular
sk4d_imagefilter_make_tile
sk4d_imagefilter_make_with_local_matrix
sk4d_maskfilter_make_blur
sk4d_maskfilter_make_shader
sk4d_maskfilter_make_table
sk4d_maskfilter_make_table_clip
sk4d_maskfilter_make_table_gamma
sk4d_opbuilder_add
sk4d_opbuilder_create
sk4d_opbuilder_destroy
sk4d_opbuilder_detach
sk4d_paint_create
sk4d_paint_create2
sk4d_paint_destroy
sk4d_paint_get_alpha
sk4d_paint_get_alphaf
sk4d_paint_get_anti_alias
sk4d_paint_get_blender
sk4d_paint_get_color
sk4d_paint_get_color_filter
sk4d_paint_get_colorf
sk4d_paint_get_dither
sk4d_paint_get_fill_path
sk4d_paint_get_image_filter
sk4d_paint_get_mask_filter
sk4d_paint_get_path_effect
sk4d_paint_get_shader
sk4d_paint_get_stroke_cap
sk4d_paint_get_stroke_join
sk4d_paint_get_stroke_miter
sk4d_paint_get_stroke_width
sk4d_paint_get_style
sk4d_paint_reset
sk4d_paint_set_alpha
sk4d_paint_set_alphaf
sk4d_paint_set_antialias
sk4d_paint_set_argb
sk4d_paint_set_blender
sk4d_paint_set_color
sk4d_paint_set_color_filter
sk4d_paint_set_colorf
sk4d_paint_set_dither
sk4d_paint_set_image_filter
sk4d_paint_set_mask_filter
sk4d_paint_set_path_effect
sk4d_paint_set_shader
sk4d_paint_set_stroke_cap
sk4d_paint_set_stroke_join
sk4d_paint_set_stroke_miter
sk4d_paint_set_stroke_width
sk4d_paint_set_style
sk4d_paragraph_destroy
sk4d_paragraph_did_exceed_max_lines
sk4d_paragraph_get_alphabetic_baseline
sk4d_paragraph_get_glyph_position_at_coordinate
sk4d_paragraph_get_height
sk4d_paragraph_get_ideographic_baseline
sk4d_paragraph_get_line_metrics
sk4d_paragraph_get_longest_line
sk4d_paragraph_get_max_intrinsic_width
sk4d_paragraph_get_max_width
sk4d_paragraph_get_min_intrinsic_width
sk4d_paragraph_get_rects_for_placeholders
sk4d_paragraph_get_rects_for_range
sk4d_paragraph_get_word_boundary
sk4d_paragraph_layout
sk4d_paragraph_paint
sk4d_paragraph_to_path
sk4d_paragraph_visit
sk4d_paragraphbuilder_add_placeholder
sk4d_paragraphbuilder_add_text
sk4d_paragraphbuilder_build
sk4d_paragraphbuilder_create
sk4d_paragraphbuilder_create2
sk4d_paragraphbuilder_destroy
sk4d_paragraphbuilder_pop
sk4d_paragraphbuilder_push_style
sk4d_paragraphstyle_create
sk4d_paragraphstyle_destroy
sk4d_paragraphstyle_disable_hinting
sk4d_paragraphstyle_get_ellipsis
sk4d_paragraphstyle_get_height
sk4d_paragraphstyle_get_max_lines
sk4d_paragraphstyle_get_strut_style
sk4d_paragraphstyle_get_text_align
sk4d_paragraphstyle_get_text_direction
sk4d_paragraphstyle_get_text_height_behaviors
sk4d_paragraphstyle_get_text_style
sk4d_paragraphstyle_set_ellipsis
sk4d_paragraphstyle_set_height
sk4d_paragraphstyle_set_max_lines
sk4d_paragraphstyle_set_strut_style
sk4d_paragraphstyle_set_text_align
sk4d_paragraphstyle_set_text_direction
sk4d_paragraphstyle_set_text_height_behaviors
sk4d_paragraphstyle_set_text_style
sk4d_particleeffect_get_position
sk4d_particleeffect_get_rate
sk4d_particleeffect_get_uniform
sk4d_particleeffect_get_uniform_count
sk4d_particleeffect_get_uniform_data
sk4d_particleeffect_get_uniform_data_count
sk4d_particleeffect_get_uniform_name
sk4d_particleeffect_init
sk4d_particleeffect_make_from_file
sk4d_particleeffect_make_from_stream
sk4d_particleeffect_render
sk4d_particleeffect_set_position
sk4d_particleeffect_set_rate
sk4d_particleeffect_set_uniform
sk4d_particleeffect_start
sk4d_particleeffect_update
sk4d_path_contains
sk4d_path_convert_conic_to_quads
sk4d_path_create
sk4d_path_create2
sk4d_path_destroy
sk4d_path_get_bounds
sk4d_path_get_fill_type
sk4d_path_get_last_point
sk4d_path_get_segment_masks
sk4d_path_get_tight_bounds
sk4d_path_interpolate
sk4d_path_is_convex
sk4d_path_is_empty
sk4d_path_is_finite
sk4d_path_is_interpolatable
sk4d_path_is_last_contour_closed
sk4d_path_is_line
sk4d_path_is_oval
sk4d_path_is_rect
sk4d_path_is_rrect
sk4d_path_op
sk4d_path_serialize_to_stream
sk4d_path_to_svg
sk4d_path_transform
sk4d_pathbuilder_add_arc
sk4d_pathbuilder_add_circle
sk4d_pathbuilder_add_oval
sk4d_pathbuilder_add_path
sk4d_pathbuilder_add_polygon
sk4d_pathbuilder_add_rect
sk4d_pathbuilder_add_rrect
sk4d_pathbuilder_arc_to
sk4d_pathbuilder_arc_to2
sk4d_pathbuilder_arc_to3
sk4d_pathbuilder_close
sk4d_pathbuilder_conic_to
sk4d_pathbuilder_create
sk4d_pathbuilder_create2
sk4d_pathbuilder_cubic_to
sk4d_pathbuilder_destroy
sk4d_pathbuilder_detach
sk4d_pathbuilder_get_bounds
sk4d_pathbuilder_get_fill_type
sk4d_pathbuilder_inc_reserve
sk4d_pathbuilder_line_to
sk4d_pathbuilder_move_to
sk4d_pathbuilder_offset
sk4d_pathbuilder_polyline_to
sk4d_pathbuilder_quad_to
sk4d_pathbuilder_r_conic_to
sk4d_pathbuilder_r_cubic_to
sk4d_pathbuilder_r_line_to
sk4d_pathbuilder_r_quad_to
sk4d_pathbuilder_reset
sk4d_pathbuilder_set_filltype
sk4d_pathbuilder_snapshot
sk4d_pathbuilder_toggle_inverse_filltype
sk4d_patheffect_make_1dpath
sk4d_patheffect_make_2dline
sk4d_patheffect_make_2dpath
sk4d_patheffect_make_compose
sk4d_patheffect_make_corner
sk4d_patheffect_make_dash
sk4d_patheffect_make_discrete
sk4d_patheffect_make_matrix
sk4d_patheffect_make_merge
sk4d_patheffect_make_stroke
sk4d_patheffect_make_stroke_and_fill
sk4d_patheffect_make_sum
sk4d_patheffect_make_translate
sk4d_patheffect_make_trim
sk4d_pathiterator_create
sk4d_pathiterator_destroy
sk4d_pathiterator_next
sk4d_pathmeasure_create
sk4d_pathmeasure_destroy
sk4d_pathmeasure_get_length
sk4d_pathmeasure_get_matrix
sk4d_pathmeasure_get_position_and_tangent
sk4d_pathmeasure_get_segment
sk4d_pathmeasure_is_closed
sk4d_pathmeasure_next_contour
sk4d_picture_approximate_bytes_used

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 334B

.reloc
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
webp converter 1.2/webpconverter.exe
.exe windows:5 windows x86 arch:x86

abc423002db00056ebf52caa3157b306

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:6f:f2:58:d2:ce:50:52:ee:69:c6:39:4c:aa:64:d2
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

25/08/2022, 00:00

Not After

25/08/2023, 23:59

Subject

CN=FATİH RAMAZAN ÇIKAN,O=FATİH RAMAZAN ÇIKAN,ST=Isparta,C=TR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5c:62:20:5e:e0:f9:57:9e:c6:66:f9:7a:a9:ea:14:4d:6a:f2:2a:65:6d:25:49:42:b1:73:86:76:90:2e:a9:02
Signer

Actual PE Digest

5c:62:20:5e:e0:f9:57:9e:c6:66:f9:7a:a9:ea:14:4d:6a:f2:2a:65:6d:25:49:42:b1:73:86:76:90:2e:a9:02

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

sndPlaySoundW
timeGetTime

oleacc

LresultFromObject

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetDefaultPrinterW
EnumPrintersW

comdlg32

GetOpenFileNameW

comctl32

ImageList_GetImageInfo
FlatSB_SetScrollInfo
InitCommonControls
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_Copy
FlatSB_GetScrollInfo
ImageList_Write
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Replace
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetOverlayImage

shell32

SHBrowseForFolderW
DragFinish
SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
DragQueryFileW
DragAcceptFiles
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW

user32

CopyImage
SetMenuItemInfoW
GetMenuItemInfoW
DefFrameProcW
GetDlgCtrlID
FrameRect
RegisterWindowMessageW
GetMenuStringW
FillRect
SendMessageA
IsClipboardFormatAvailable
EnumWindows
ShowOwnedPopups
GetClassInfoW
GetScrollRange
SetActiveWindow
GetActiveWindow
DrawEdge
GetKeyboardLayoutList
LoadBitmapW
EnumChildWindows
GetScrollBarInfo
UnhookWindowsHookEx
SetCapture
GetCapture
ShowCaret
CreatePopupMenu
GetMenuItemID
CharLowerBuffW
PostMessageW
SetWindowLongW
IsZoomed
SetParent
DrawMenuBar
GetClientRect
IsChild
IsIconic
CallNextHookEx
ShowWindow
GetWindowTextW
SetForegroundWindow
GetAsyncKeyState
IsDialogMessageW
DestroyWindow
RegisterClassW
EndMenu
CharNextW
GetFocus
GetDC
SetFocus
ReleaseDC
GetClassLongW
SetScrollRange
DrawTextW
PeekMessageA
MessageBeep
SetClassLongW
RemovePropW
GetSubMenu
DestroyIcon
IsWindowVisible
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
NotifyWinEvent
LoadStringW
CreateMenu
CharLowerW
SetWindowRgn
SetWindowPos
GetMenuItemCount
GetSysColorBrush
GetWindowDC
DrawTextExW
EnumClipboardFormats
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
GetSysColor
EnableScrollBar
TrackPopupMenu
DrawIconEx
GetClassNameW
GetMessagePos
GetIconInfo
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
SetCursorPos
GetCursorPos
SetMenu
GetMenuState
GetMenu
SetRect
GetKeyState
IsCharAlphaW
GetCursor
KillTimer
WaitMessage
TranslateMDISysAccel
GetWindowPlacement
CreateWindowExW
ChildWindowFromPoint
GetDCEx
PeekMessageW
MonitorFromWindow
GetUpdateRect
AnimateWindow
SetTimer
WindowFromPoint
DrawStateW
BeginPaint
RegisterClipboardFormatW
MapVirtualKeyW
OffsetRect
IsWindowUnicode
DispatchMessageW
CreateAcceleratorTableW
DefMDIChildProcW
GetSystemMenu
SetScrollPos
GetScrollPos
DrawFocusRect
ReleaseCapture
LoadCursorW
ScrollWindow
GetLastActivePopup
GetSystemMetrics
CharUpperBuffW
SetClipboardData
GetClipboardData
ClientToScreen
SetWindowPlacement
GetMonitorInfoW
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
EnableWindow
GetWindowThreadProcessId
RedrawWindow
EndPaint
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
ActivateKeyboardLayout
GetParent
MonitorFromRect
InsertMenuItemW
GetPropW
MessageBoxW
SetPropW
UpdateWindow
MsgWaitForMultipleObjects
DestroyMenu
SetWindowsHookExW
EmptyClipboard
GetDlgItem
AdjustWindowRectEx
IsWindow
DrawIcon
EnumThreadWindows
InvalidateRect
SetKeyboardState
GetKeyboardState
ScreenToClient
DrawFrameControl
IsCharAlphaNumericW
SetCursor
CreateIcon
RemoveMenu
GetKeyboardLayoutNameW
OpenClipboard
TranslateMessage
MapWindowPoints
EnumDisplayMonitors
CountClipboardFormats
CallWindowProcW
CloseClipboard
DestroyCursor
CopyIcon
PostQuitMessage
ShowScrollBar
EnableMenuItem
HideCaret
FindWindowExW
MonitorFromPoint
LoadIconW
SystemParametersInfoW
GetWindow
GetWindowRect
GetWindowLongW
InsertMenuW
IsWindowEnabled
IsDialogMessageA
FindWindowW
GetKeyboardLayout
DeleteMenu

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleaut32

GetErrorInfo
SysFreeString
VariantClear
VariantInit
SysReAllocStringLen
SafeArrayCreate
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopy
VariantChangeType
VariantCopyInd

advapi32

RegSetValueExW
RegConnectRegistryW
RegEnumKeyExW
RegLoadKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegSaveKeyW
RegDeleteValueW
RegReplaceKeyW
RegFlushKey
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegRestoreKeyW

netapi32

NetWkstaGetInfo
NetApiBufferFree

msvcrt

isupper
isalpha
isalnum
toupper
memchr
memcmp
memcpy
memset
isprint
isspace
iscntrl
isxdigit
ispunct
isgraph
islower
tolower

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpSetStatusCallback
WinHttpConnect
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpWriteData
WinHttpSetCredentials
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSendRequest
WinHttpQueryOption

kernel32

GetACP
LocalFree
CloseHandle
GetCurrentProcessId
SizeofResource
VirtualProtect
TerminateThread
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
GetFullPathNameW
VirtualFree
ExitProcess
HeapAlloc
GetCPInfoExW
GlobalSize
RtlUnwind
GetCPInfo
EnumSystemLocalesW
GetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
HeapDestroy
FileTimeToDosDateTime
ReadFile
CreateProcessW
HeapSize
GetLastError
GetModuleFileNameW
SetLastError
GlobalAlloc
GlobalUnlock
FindResourceW
CreateThread
CompareStringW
CreateMutexW
LoadLibraryA
ResetEvent
MulDiv
FreeResource
GetVersion
RaiseException
GlobalAddAtomW
FormatMessageW
SwitchToThread
GetExitCodeThread
OutputDebugStringW
GetCurrentThread
LoadLibraryExW
LockResource
FileTimeToSystemTime
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
GlobalFindAtomW
VirtualQueryEx
GlobalFree
Sleep
EnterCriticalSection
SetFilePointer
LoadResource
SuspendThread
GetTickCount
GetFileSize
GetStartupInfoW
GlobalDeleteAtom
GetFileAttributesW
InitializeCriticalSection
GetThreadPriority
GetCurrentProcess
SetThreadPriority
GlobalLock
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetTempPathW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
VerifyVersionInfoW
HeapCreate
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
GlobalHandle
lstrlenW
QueryPerformanceCounter
SetEndOfFile
lstrcmpW
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
EnumResourceNamesW
DeleteFileW
GetEnvironmentVariableW
GetLocalTime
WaitForSingleObject
WriteFile
ExitThread
CreatePipe
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
GetComputerNameW
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
CreateEventW
WaitForMultipleObjectsEx
SetThreadLocale
GetThreadLocale

shfolder

SHGetFolderPathW

ole32

IsEqualGUID
OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc

gdi32

Pie
SetBkMode
CreateCompatibleBitmap
GetEnhMetaFileHeader
RectVisible
AngleArc
ResizePalette
SetAbortProc
SetTextColor
StretchBlt
RoundRect
RestoreDC
SetRectRgn
GetTextMetricsW
GetWindowOrgEx
CreatePalette
PolyBezierTo
CreateICW
CreateDCW
GetStockObject
CreateSolidBrush
GetBkMode
Polygon
MoveToEx
PlayEnhMetaFile
Ellipse
StartPage
GetBitmapBits
StartDocW
AbortDoc
GetSystemPaletteEntries
GetEnhMetaFileBits
GetEnhMetaFilePaletteEntries
CreatePenIndirect
SetMapMode
CreateFontIndirectW
PolyBezier
EndDoc
GetObjectW
GetWinMetaFileBits
SetROP2
GetEnhMetaFileDescriptionW
ArcTo
Arc
SelectPalette
ExcludeClipRect
MaskBlt
SetWindowOrgEx
EndPage
DeleteEnhMetaFile
Chord
SetDIBits
SetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
CreateBrushIndirect
PatBlt
SetEnhMetaFileBits
Rectangle
SaveDC
DeleteDC
BitBlt
FrameRgn
GetDeviceCaps
GetTextExtentPoint32W
GetClipBox
IntersectClipRect
Polyline
CreateBitmap
SetWinMetaFileBits
GetStretchBltMode
CreateDIBitmap
SetStretchBltMode
GetDIBits
CreateDIBSection
LineTo
GetRgnBox
EnumFontsW
CreateHalftonePalette
SelectObject
DeleteObject
ExtFloodFill
UnrealizeObject
CopyEnhMetaFileW
SetBkColor
CreateCompatibleDC
GetBrushOrgEx
GetCurrentPositionEx
SetDCPenColor
GetNearestPaletteIndex
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
GdiFlush
SetPixel
EnumFontFamiliesExW
StretchDIBits
GetPaletteEntries

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 128KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 92B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 854KB - Virtual size: 854KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d7061e9b00d4dfb5a2c11b015148d6b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

e4:24:b6:4c:66:e5:e9:e4:77:56:08:ac:4c:4a:41:3dCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

4b:f2:39:d3:f2:5e:5a:47:11:70:e1:85:2b:b3:e3:4a:53:97:ed:5e:55:4c:d0:88:7a:52:6c:0e:f9:fc:a4:20Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcomp140

ws2_32

gdiplus

urlmon

user32

gdi32

advapi32

bcrypt

shell32

ole32

dnsapi

iphlpapi

Sections

.text Size: 12.1MB - Virtual size: 12.1MB

.rdata Size: 6.3MB - Virtual size: 6.3MB

.data Size: 360KB - Virtual size: 735KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 409KB - Virtual size: 409KB

07f32d8ab79b9482618710670d853c9a

Headers

DLL Characteristics

File Characteristics

Imports

ole32

fontsub

user32

opengl32

kernel32

Exports

Exports

Sections

.text Size: 7.2MB - Virtual size: 7.2MB

.rdata Size: 10.7MB - Virtual size: 10.7MB

.data Size: 27KB - Virtual size: 51KB

.00cfg Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 29B

.voltbl Size: 512B - Virtual size: 334B

.reloc Size: 218KB - Virtual size: 218KB

abc423002db00056ebf52caa3157b306

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

b3:6f:f2:58:d2:ce:50:52:ee:69:c6:39:4c:aa:64:d2Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

e4:24:b6:4c:66:e5:e9:e4:77:56:08:ac:4c:4a:41:3d
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

4b:f2:39:d3:f2:5e:5a:47:11:70:e1:85:2b:b3:e3:4a:53:97:ed:5e:55:4c:d0:88:7a:52:6c:0e:f9:fc:a4:20
Signer

.text
Size: 12.1MB - Virtual size: 12.1MB

.rdata
Size: 6.3MB - Virtual size: 6.3MB

.data
Size: 360KB - Virtual size: 735KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 409KB - Virtual size: 409KB

.text
Size: 7.2MB - Virtual size: 7.2MB

.rdata
Size: 10.7MB - Virtual size: 10.7MB

.data
Size: 27KB - Virtual size: 51KB

.00cfg
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 29B

.voltbl
Size: 512B - Virtual size: 334B

.reloc
Size: 218KB - Virtual size: 218KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

b3:6f:f2:58:d2:ce:50:52:ee:69:c6:39:4c:aa:64:d2
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

5c:62:20:5e:e0:f9:57:9e:c6:66:f9:7a:a9:ea:14:4d:6a:f2:2a:65:6d:25:49:42:b1:73:86:76:90:2e:a9:02
Signer

.text
Size: 4.5MB - Virtual size: 4.5MB

.itext
Size: 11KB - Virtual size: 10KB

.data
Size: 139KB - Virtual size: 139KB

.bss
Size: - Virtual size: 128KB

.idata
Size: 15KB - Virtual size: 14KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 159B

.tls
Size: - Virtual size: 92B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 403KB - Virtual size: 402KB

.rsrc
Size: 854KB - Virtual size: 854KB