2024-05-14_0a3139d43b6e31022ef2740520c76cc7_magniber

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-14_0a3139d43b6e31022ef2740520c76cc7_magniber
Size

21.4MB
MD5

0a3139d43b6e31022ef2740520c76cc7
SHA1

19d86c82a89ce0769210de9d71a35d5c5ec30160
SHA256

3f7bb302183482ad90ae8213122781c4ba8ff55e33cc110d440ee27f0c27c44d
SHA512

0f7da2f0e1dfc617feb347b65751a6cbca8ecc3faa14c85a6e43554669e9f558072a063eea13eb9f937fb58760f91d589183aeedc3ede8abb89657f0988c4361
SSDEEP

393216:f+eUXx3zWq8tpYzHE694w2ACog8K3rJkEV:fcXx3z4vYzHf4AcD

Score

1^/10

Malware Config

Signatures

Files

2024-05-14_0a3139d43b6e31022ef2740520c76cc7_magniber
.exe windows:6 windows x86 arch:x86

ab5dd79e540ac941352abb9d5f1c9f6c

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:5c:06:08:ea:55:89:ad:7a:a6:4b:c2
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

06/10/2023, 11:45

Not After

06/10/2026, 11:45

Subject

CN=BOOLE SARL,O=BOOLE SARL,L=Champs-sur-Marne,ST=Île-de-France,C=FR,1.2.840.113549.1.9.1=#0c0d696e666f40626f6f6c652e6672

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

07/11/2023, 17:13

Not After

09/12/2034, 17:13

Subject

CN=Globalsign TSA for CodeSign1 - R6 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fc:5c:ae:f1:17:9d:77:a4:47:41:72:58:92:65:c5:74:0a:69:48:76:64:41:45:2a:8b:3a:b3:73:19:94:95:d6
Signer

Actual PE Digest

fc:5c:ae:f1:17:9d:77:a4:47:41:72:58:92:65:c5:74:0a:69:48:76:64:41:45:2a:8b:3a:b3:73:19:94:95:d6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
IsValidCodePage
ReadConsoleW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
SetFilePointerEx
GetConsoleOutputCP
GetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
SetConsoleCtrlHandler
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineA
GetFileType
SetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
FreeEnvironmentStringsW
LCMapStringEx
TryAcquireSRWLockExclusive
InitOnceComplete
InitOnceBeginInitialize
CreateSymbolicLinkW
GetFileInformationByHandleEx
MoveFileExW
DeviceIoControl
AreFileApisANSI
SetFileInformationByHandle
GetFinalPathNameByHandleW
GetFileInformationByHandle
CreateDirectoryW
GetStringTypeW
RaiseException
GetEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FindResourceExW
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
GlobalFlags
GetProfileIntW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetTickCount64
GetStringTypeExW
MoveFileW
UnlockFile
SetEndOfFile
LockFile
FlushFileBuffers
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetStartupInfoW
CompareStringA
GlobalGetAtomNameW
GetFullPathNameW
GetDiskFreeSpaceW
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
lstrcmpA
GlobalReAlloc
GetFileSize
VerifyVersionInfoW
VerSetConditionMask
ResumeThread
SetThreadPriority
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
GlobalAddAtomW
GetShortPathNameW
GetLongPathNameW
GetTempFileNameW
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryW
GetTempPathW
FindFirstFileW
SearchPathW
RemoveDirectoryW
GetWindowsDirectoryW
FlushInstructionCache
IsDebuggerPresent
CopyFileW
SetFileAttributesW
GetFileAttributesW
OpenFileMappingW
UnmapViewOfFile
FlushViewOfFile
MapViewOfFile
CreateFileMappingW
EncodePointer
GetDateFormatW
GetCommandLineW
DeleteFileW
lstrlenA
OpenProcess
CreatePipe
VirtualProtect
CompareStringW
GlobalMemoryStatusEx
GetPhysicallyInstalledSystemMemory
GetNativeSystemInfo
GetLogicalProcessorInformation
Sleep
GetProcessAffinityMask
SetThreadAffinityMask
GetProductInfo
IsWow64Process
GetVersionExW
GetComputerNameExW
GetVolumeInformationW
GetSystemWindowsDirectoryW
ExpandEnvironmentStringsW
WriteFile
SetFilePointer
LoadLibraryExW
ReleaseSemaphore
OpenMutexW
ReleaseMutex
CreateSemaphoreW
CreateMutexW
FindNextFileW
FindFirstFileExW
GetSystemDirectoryW
TerminateProcess
DuplicateHandle
GetExitCodeProcess
CreateProcessW
GetCurrentProcessId
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
ReadFile
GetCurrentThread
SetLastError
GetCurrentProcess
lstrcpynW
SetCurrentDirectoryW
GetCurrentDirectoryW
lstrcmpW
GlobalAlloc
FindClose
GlobalFree
FreeLibrary
SizeofResource
lstrcmpiW
lstrlenW
GetCurrentThreadId
GetProcAddress
GetUserDefaultLocaleName
GetUserDefaultLCID
GetACP
SetThreadLocale
GetUserDefaultLangID
GetLocaleInfoW
GetModuleFileNameW
LCMapStringW
MultiByteToWideChar
GetLocaleInfoEx
InitializeCriticalSection
AttachConsole
GetFileSizeEx
GetConsoleMode
GetSystemTimeAsFileTime
OutputDebugStringW
CompareStringEx
LocalFree
WideCharToMultiByte
FormatMessageW
FormatMessageA
CloseHandle
SetFileTime
GetFileTime
CreateFileW
ReplaceFileW
GetErrorMode
SetErrorMode
LCIDToLocaleName
lstrcpyW
MulDiv
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetLastError
GetModuleHandleW
GlobalLock
GlobalSize
GlobalUnlock
FindResourceW
LoadResource
LockResource

user32

ModifyMenuW
DeleteMenu
GetWindow
PostThreadMessageW
WaitMessage
GetMenuState
InsertMenuItemW
GetMenuItemInfoW
SubtractRect
SetFocus
EnableMenuItem
CheckMenuItem
LoadAcceleratorsW
GetSysColorBrush
SetRect
TrackMouseEvent
InvertRect
MessageBeep
NotifyWinEvent
GetCapture
DrawFocusRect
IsRectEmpty
SetCapture
EnableScrollBar
ReleaseCapture
GetDialogBaseUnits
AddClipboardFormatListener
DrawIconEx
UpdateWindow
CopyAcceleratorTableW
GetNextDlgTabItem
SetParent
UnionRect
GetClassLongW
GetDlgCtrlID
MapDialogRect
IsWindowEnabled
GetKeyState
RegisterClassW
SetClassLongW
ChangeWindowMessageFilter
RegisterWindowMessageW
SetForegroundWindow
ShowWindowAsync
FindWindowW
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
DrawTextExW
DrawStateW
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExW
HideCaret
RemoveClipboardFormatListener
IsDlgButtonChecked
GetForegroundWindow
ShowScrollBar
GetMessagePos
GetAncestor
CallNextHookEx
GetWindowDC
EnumChildWindows
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
GetClipboardSequenceNumber
WindowFromDC
DestroyCursor
DestroyIcon
DestroyAcceleratorTable
DestroyMenu
GetWindowPlacement
GetComboBoxInfo
ShowWindow
SetWindowPlacement
MonitorFromRect
GetMessageTime
LoadBitmapW
CopyIcon
GetProcessDefaultLayout
SetProcessDefaultLayout
GetDoubleClickTime
ClipCursor
GetCursor
DrawEdge
SetMenu
GetMenu
GetMenuStringW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetWindowThreadProcessId
GetNextDlgGroupItem
SetDlgItemInt
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
IntersectRect
MoveWindow
GetScrollBarInfo
RemovePropW
SetPropW
GetWindowRgn
SetWindowPos
MapWindowPoints
GetWindowTextW
GetWindowTextLengthW
GetClassNameW
GetLastActivePopup
EnumThreadWindows
GetActiveWindow
CheckRadioButton
InsertMenuW
DrawMenuBar
IsZoomed
GetTopWindow
SetWindowRgn
DestroyWindow
KillTimer
CharUpperW
SetMenuDefaultItem
IsMenu
GetMenuDefaultItem
DrawFrameControl
GetDesktopWindow
BringWindowToTop
SetScrollPos
UpdateLayeredWindow
ValidateRect
GetScrollPos
MonitorFromWindow
GetMessageW
LockWindowUpdate
SendMessageTimeoutW
SetMenuItemInfoW
DrawTextW
SetCursorPos
GetTabbedTextExtentW
GetDCEx
GetWindowLongW
CharNextW
CharUpperBuffW
GetDC
ReleaseDC
GetSysColor
MessageBoxW
CreatePopupMenu
LoadIconW
FillRect
IsWindowVisible
RegisterClassExW
DefWindowProcW
GetClassInfoExW
UnregisterClassW
SetTimer
IsIconic
ClientToScreen
CopyImage
GrayStringW
TabbedTextOutW
BeginPaint
EndPaint
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
SetScrollRange
GetScrollRange
AdjustWindowRectEx
SetScrollInfo
GetScrollInfo
WinHelpW
CheckDlgButton
IsDialogMessageW
SetLayeredWindowAttributes
GetKeyNameTextW
MapVirtualKeyW
GetWindowRect
GetParent
InflateRect
CallWindowProcW
IsWindow
CreateWindowExW
GetClassInfoW
LoadCursorW
InvalidateRect
SendMessageW
ScreenToClient
SetCursor
SetWindowLongW
EnableWindow
GetAsyncKeyState
PtInRect
IsChild
GetFocus
OffsetRect
SetDlgItemTextW
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
SetWindowTextW
GetClientRect
CopyRect
GetSystemMetrics
TranslateAcceleratorW
LoadMenuW
GetSubMenu
RemoveMenu
PostMessageW
GetMenuItemCount
GetMenuItemID
IsClipboardFormatAvailable
RegisterClipboardFormatW
GetClipboardData
CreateAcceleratorTableW
GetDlgItem
AppendMenuW
LoadImageW
GetIconInfo
GetSystemMenu
SystemParametersInfoW
InSendMessageEx
ReplyMessage
RedrawWindow
GetCursorPos
WindowFromPoint
SetActiveWindow
SetRectEmpty
EqualRect
CreateDialogIndirectParamW
EndDialog
UnpackDDElParam
ReuseDDElParam
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
ShowOwnedPopups
SendDlgItemMessageA
IsCharLowerW
MapVirtualKeyExW
FrameRect
DrawIcon
RealChildWindowFromPoint
CreateMenu
GetPropW

gdi32

GetDCBrushColor
GetBkMode
SetStretchBltMode
GetLayout
GetStockObject
CreatePen
GetObjectType
CreatePenIndirect
ExtCreatePen
ExtTextOutW
GdiAlphaBlend
CreateCompatibleDC
StretchBlt
BitBlt
SaveDC
RestoreDC
SetMapMode
SetWindowExtEx
GetBkColor
SetBkColor
GetTextAlign
GetArcDirection
SetArcDirection
GetPolyFillMode
GetStretchBltMode
GetROP2
SetROP2
CreateSolidBrush
MoveToEx
LineTo
PolyBezierTo
BeginPath
CloseFigure
EndPath
StrokeAndFillPath
AbortPath
PathToRegion
WidenPath
PaintRgn
Ellipse
CreateDIBSection
GetTextCharsetInfo
EnumFontFamiliesW
CreateRectRgnIndirect
GetWindowOrgEx
GetViewportOrgEx
GetOutlineTextMetricsW
GetRgnBox
FillRgn
GetDIBits
CreateCompatibleBitmap
CreateDCW
SetAbortProc
StartDocW
StartPage
EndPage
EndDoc
AbortDoc
AddFontMemResourceEx
RemoveFontResourceW
GetDCPenColor
ExtTextOutA
IntersectClipRect
GetCharWidthW
PtVisible
Escape
SetViewportOrgEx
ScaleViewportExtEx
OffsetViewportOrgEx
GetCurrentPositionEx
SetWindowOrgEx
GetTextFaceW
RectVisible
ScaleWindowExtEx
GetNearestColor
CreatePalette
RealizePalette
GetPaletteEntries
PtInRegion
SetPixelV
CreatePolygonRgn
GetNearestPaletteIndex
SetPaletteEntries
PatBlt
CreateRectRgn
ExcludeClipRect
Polyline
SetPixel
CopyMetaFileW
CreateBitmap
CreateHatchBrush
CreatePatternBrush
GetPixel
SelectClipRgn
ExtSelectClipRgn
SelectPalette
OffsetWindowOrgEx
SetRectRgn
CreateDIBitmap
CreateEllipticRgn
SetDIBColorTable
ExtFloodFill
GetSystemPaletteEntries
GetBoundsRect
GetClipBox
EnumFontFamiliesExW
SetBkMode
SetTextColor
SetTextAlign
TextOutW
ResetDCW
GetDeviceCaps
DeleteDC
Rectangle
RoundRect
LPtoDP
SetPolyFillMode
GdiFlush
DeleteObject
GetViewportExtEx
GetWindowExtEx
GetMapMode
CreateRoundRectRgn
GdiGradientFill
CombineRgn
OffsetRgn
FrameRgn
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
SetDCBrushColor
SelectObject
GetObjectW
GetCurrentObject
CreateFontIndirectW
SetDCPenColor
SetLayout
GetTextColor
GetTextExtentPoint32A
SetViewportExtEx
Polygon

msimg32

TransparentBlt
AlphaBlend

winspool.drv

GetJobW
EnumFormsW
DocumentPropertiesW
DeviceCapabilitiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegQueryValueExW
RegEnumValueW
GetFileSecurityW
SetFileSecurityW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteTreeW
RegDeleteValueW
RegEnumKeyExW
GetUserNameW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
RegDeleteKeyW
RegSetValueExW

shell32

SHAddToRecentDocs
ExtractIconW
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetKnownFolderPath
DragFinish
DragQueryFileW
SHFileOperationW
FindExecutableW
SHAppBarMessage
SHGetFileInfoW
SHGetMalloc
SHGetDesktopFolder
ShellExecuteExW
ShellExecuteW

comctl32

ImageList_GetImageCount
ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
InitCommonControlsEx
ord345
ord413
ord412
ord410
ImageList_GetIconSize
ImageList_Remove
ImageList_AddMasked
ImageList_GetImageInfo

shlwapi

PathStripToRootW
PathIsUNCW
AssocQueryStringW
PathQuoteSpacesW
PathAddBackslashW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathFindNextComponentW
PathIsRelativeW
PathGetCharTypeW
PathCommonPrefixW
PathSearchAndQualifyW
PathRemoveBlanksW
PathIsDirectoryW
PathAppendW
PathCanonicalizeW
PathRelativePathToW
PathRemoveFileSpecW
PathRemoveBackslashW
StrIsIntlEqualW
StrFormatKBSizeW

uxtheme

DrawThemeText
IsThemeBackgroundPartiallyTransparent
IsAppThemed
EnableThemeDialogTexture
GetThemePartSize
DrawThemeBackground
GetWindowTheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemeSysColor

ole32

CoTaskMemFree
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CoDisconnectObject
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
StringFromCLSID
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayGetDim
SafeArrayUnlock
SysAllocStringLen
VariantChangeType
VariantCopy
SysFreeString
SysStringLen
VariantInit
SysAllocString
VariantClear
SafeArrayPtrOfIndex
VarBstrFromDate
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime

oledlg

OleUIBusyW

gdiplus

GdipTransformMatrixPoints
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImagePalette
GdipDrawImageI
GdipGetImagePaletteSize
GdipDrawImageRect
GdipMultiplyWorldTransform
GdipRotateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipSetInterpolationMode
GdipSetPageUnit
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHBITMAPFromBitmap
GdipGetImageHeight
GdiplusShutdown

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

ws2_32

WSAStartup
WSACleanup

wintrust

WinVerifyTrust

dxgi

CreateDXGIFactory

secur32

GetUserNameExW

d3dx9_43

D3DXVec3Transform
D3DXMatrixOrthoOffCenterLH
D3DXMatrixPerspectiveOffCenterLH
D3DXVec3TransformNormal
D3DXGetImageInfoFromFileW
D3DXMatrixRotationY
D3DXMatrixRotationX
D3DXMatrixScaling
D3DXMatrixLookAtLH
D3DXMatrixInverse
D3DXMatrixTranslation
D3DXMatrixMultiply
D3DXVec3Normalize

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

bcrypt

BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptCreateHash
BCryptImportKeyPair
BCryptGetProperty
BCryptFinishHash
BCryptHashData
BCryptDestroyKey
BCryptVerifySignature
BCryptGenRandom

Sections

.text
Size: 15.1MB - Virtual size: 15.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crypt
Size: 42KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.4MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 772KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 906KB - Virtual size: 906KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab5dd79e540ac941352abb9d5f1c9f6c

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

0a:5c:06:08:ea:55:89:ad:7a:a6:4b:c2Certificate

Extended Key Usages

Key Usages

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

fc:5c:ae:f1:17:9d:77:a4:47:41:72:58:92:65:c5:74:0a:69:48:76:64:41:45:2a:8b:3a:b3:73:19:94:95:d6Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

ws2_32

wintrust

dxgi

secur32

d3dx9_43

oleacc

imm32

winmm

bcrypt

Sections

.text Size: 15.1MB - Virtual size: 15.1MB

.crypt Size: 42KB - Virtual size: 68KB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 2.4MB - Virtual size: 2.5MB

_RDATA Size: 68KB - Virtual size: 67KB

.rsrc Size: 772KB - Virtual size: 772KB

.reloc Size: 906KB - Virtual size: 906KB

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

0a:5c:06:08:ea:55:89:ad:7a:a6:4b:c2
Certificate

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

fc:5c:ae:f1:17:9d:77:a4:47:41:72:58:92:65:c5:74:0a:69:48:76:64:41:45:2a:8b:3a:b3:73:19:94:95:d6
Signer

.text
Size: 15.1MB - Virtual size: 15.1MB

.crypt
Size: 42KB - Virtual size: 68KB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 2.4MB - Virtual size: 2.5MB

_RDATA
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 772KB - Virtual size: 772KB

.reloc
Size: 906KB - Virtual size: 906KB