2024-05-14_d7a0b624a06942c702c09651faaa93ac_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-14_d7a0b624a06942c702c09651faaa93ac_mafia
Size

4.8MB
MD5

d7a0b624a06942c702c09651faaa93ac
SHA1

992a1bb8ed9db6c27a735a605ee606fcf3aa49f1
SHA256

e1e3fec16b6dadfb59c0d47a12ac066ba9ee1c9ec6cdc62d7a04e5a2bc0d8ddf
SHA512

663b4d0ed4e6b020ad85afe757369b28283272cf07460ed6e30b3d18948130491508d7711b0867b80b546abb545b2532182b42479e7eee3d991d9bbd02f45d02
SSDEEP

98304:BeVs4uvt0+sKdEl1uKO8GV0zLULIJq0do/puWRtyv6gGJCgPDwECE4iVyxx4hFrK:kW4uvtXdhg0htU6xiE4iVqmGIk

Score

1^/10

Malware Config

Signatures

Files

2024-05-14_d7a0b624a06942c702c09651faaa93ac_mafia
.exe windows:5 windows x86 arch:x86

8b513d98d6446a63489b415a96ba7ee4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

40:a5:34:ae:b6:e1:06:5d:40:7e:4b:dd:6b:04:85:ea
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13/03/2015, 00:00

Not After

12/03/2016, 23:59

Subject

CN=Stardock Corporation,O=Stardock Corporation,L=Plymouth,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c7:f7:cf:4e:d4:93:84:5d:e3:38:1c:10:6e:30:c9:98:6e:ef:a6:93
Signer

Actual PE Digest

c7:f7:cf:4e:d4:93:84:5d:e3:38:1c:10:6e:30:c9:98:6e:ef:a6:93

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Code\FourConfig\Release\WindowFXConfig.pdb

Imports

gdiplus

GdipSaveImageToFile
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdiplusStartup
GdipGetImageEncoders
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdiplusShutdown
GdipCreateFromHDC
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDrawImageI
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipGetImageEncodersSize
GdipFree

msimg32

TransparentBlt
AlphaBlend

winmm

timeKillEvent
timeBeginPeriod
timeEndPeriod
PlaySoundW
timeSetEvent

uxtheme

DrawThemeParentBackground
CloseThemeData
DrawThemeBackground
OpenThemeData
IsThemeActive

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
PathFileExistsA
SHDeleteKeyA
PathFileExistsW
PathStripToRootW

crypt32

CryptVerifyMessageSignature
CertGetNameStringA
CryptStringToBinaryA
CertGetNameStringW
CertFreeCertificateContext

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader

dwrite

DWriteCreateFactory

d2d1

ord1

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetConnectA
InternetOpenA
InternetCrackUrlA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetOpenUrlW
InternetGetConnectedState
InternetSetOptionW
InternetOpenW
HttpOpenRequestA
InternetCloseHandle

kernel32

GetFullPathNameW
GetFileAttributesExW
SetFileAttributesW
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetNumberFormatW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
SetErrorMode
GetUserDefaultLCID
ReplaceFileW
GetDiskFreeSpaceW
LocalUnlock
LocalLock
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RtlUnwind
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
ExitThread
CreateThread
LockFile
RaiseException
CreateDirectoryA
HeapFree
HeapAlloc
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableA
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
CreateDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetDriveTypeW
GetFullPathNameA
HeapReAlloc
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
FatalAppExitA
SetConsoleCtrlHandler
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
WriteConsoleW
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
FlushFileBuffers
SetFilePointer
MoveFileW
lstrcmpiW
GetStringTypeExW
FindResourceExW
GetCurrentDirectoryW
SystemTimeToFileTime
GetThreadLocale
lstrcpyW
GetAtomNameW
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
ReleaseActCtx
CreateActCtxW
SuspendThread
ResumeThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalGetAtomNameW
GetVolumeInformationW
GlobalAddAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
lstrcmpW
FreeResource
GlobalSize
DuplicateHandle
FormatMessageW
lstrlenW
MulDiv
GetThreadTimes
QueryPerformanceFrequency
QueryPerformanceCounter
InterlockedDecrement
GetCurrentProcessId
ProcessIdToSessionId
WaitNamedPipeA
GetPrivateProfileIntW
GetCurrentThreadId
CreateProcessA
GetExitCodeProcess
GetFileSize
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
CopyFileW
GetSystemDirectoryW
lstrcmpA
lstrcatA
SetLastError
lstrlenA
LoadLibraryExA
GetWindowsDirectoryW
ReadFile
SetCurrentDirectoryW
LoadLibraryW
GetModuleHandleExA
DeleteCriticalSection
InitializeCriticalSection
GetWindowsDirectoryA
GetSystemDirectoryA
GetFileAttributesExA
FindFirstFileW
DeleteFileW
FindNextFileW
RemoveDirectoryW
Beep
CreateFileW
FileTimeToLocalFileTime
GetUserGeoID
DeleteFileA
WritePrivateProfileStringA
OutputDebugStringW
GlobalLock
GlobalUnlock
GetShortPathNameW
WideCharToMultiByte
GlobalFindAtomW
GetModuleFileNameA
GetModuleHandleW
FreeLibrary
GlobalFindAtomA
GetCurrentProcess
SetProcessWorkingSetSize
LocalFree
SetEndOfFile
GlobalAddAtomA
GetPrivateProfileStringA
WaitForSingleObject
GlobalAlloc
CreateFileA
WriteFile
CloseHandle
GlobalFree
LocalAlloc
Sleep
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
SetCurrentDirectoryA
FindFirstFileA
GetPrivateProfileIntA
FindNextFileA
FindClose
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateEventW
GetLastError
GetTickCount
LoadLibraryA
GetModuleFileNameW
GetProcAddress
SetEvent
GetComputerNameA
FileTimeToSystemTime
OutputDebugStringA
GetCurrentThread
SetThreadPriority
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualProtect
UnlockFile
ExitProcess

user32

GetNextDlgGroupItem
UnregisterClassW
InvertRect
HideCaret
GetIconInfo
DestroyAcceleratorTable
SetClassLongW
DrawEdge
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatW
FrameRect
CopyIcon
CharUpperBuffW
PostThreadMessageW
GetDCEx
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
InSendMessage
CreateMenu
IsClipboardFormatAvailable
SendNotifyMessageW
GetUpdateRect
GetDoubleClickTime
SubtractRect
DestroyCursor
WindowFromDC
GetWindowRgn
GetTabbedTextExtentW
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
InflateRect
MapDialogRect
GetAsyncKeyState
MapVirtualKeyW
GetKeyNameTextW
GrayStringW
DrawTextExW
TabbedTextOutW
DrawStateW
LoadMenuW
ScrollWindowEx
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
GetClassLongW
GetClassNameW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenuEx
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
ValidateRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
GetMenu
CopyRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
InvalidateRgn
GetMenuItemCount
GetSubMenu
RemoveMenu
DestroyIcon
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
CloseDesktop
ChildWindowFromPoint
AdjustWindowRect
wsprintfA
LoadStringW
SystemParametersInfoW
BroadcastSystemMessageW
SetSysColors
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassW
EnumChildWindows
GetClassWord
CallNextHookEx
WindowFromPoint
DestroyWindow
IsZoomed
DrawIcon
MessageBoxW
IsIconic
SetForegroundWindow
LoadImageA
IntersectRect
DrawFrameControl
DrawFocusRect
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
ClientToScreen
GetWindowLongA
DrawTextA
wsprintfW
CreateWindowExA
LoadIconW
RegisterWindowMessageA
PostMessageA
SetPropW
MonitorFromWindow
GetMonitorInfoW
GetSysColor
GetPropW
SendMessageA
DefWindowProcW
OffsetRect
IsHungAppWindow
PostMessageW
SetWindowTextA
SetFocus
FindWindowA
IsWindow
GetWindow
FindWindowExA
GetWindowDC
UpdateLayeredWindow
IsWindowVisible
ShowWindow
MoveWindow
CreatePopupMenu
AppendMenuW
TrackPopupMenu
DestroyMenu
SystemParametersInfoA
RedrawWindow
GetWindowTextA
SetWindowTextW
MonitorFromPoint
ScreenToClient
LoadCursorW
SetCursor
BeginPaint
EndPaint
SetWindowPos
MessageBoxA
GetDlgItem
GetWindowLongW
SetWindowLongW
GetFocus
GetSystemMetrics
RemovePropA
SetPropA
CallWindowProcW
MapWindowPoints
FillRect
IsWindowEnabled
GetWindowTextW
GetPropA
DrawIconEx
GetDesktopWindow
EqualRect
UpdateWindow
GetDC
ReleaseDC
RegisterWindowMessageW
GetParent
SendMessageW
KillTimer
SetTimer
DrawTextW
GetCursorPos
GetKeyState
ToAscii
GetClientRect
PtInRect
SetCapture
InvalidateRect
GetWindowRect
EnableWindow
SetRect
CopyAcceleratorTableW
CharNextW
WaitMessage
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
EnableScrollBar
UnionRect
IsRectEmpty
CharUpperW
NotifyWinEvent
MessageBeep
SetWindowRgn
GetSystemMenu
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
GetMenuItemInfoW
GetDialogBaseUnits
RealChildWindowFromPoint
GetSysColorBrush
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
LoadImageW
InsertMenuW
GetWindowThreadProcessId
SendMessageTimeoutW

gdi32

ModifyWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
SetArcDirection
SetColorAdjustment
GetClipRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
SelectPalette
SetWorldTransform
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
GetTextExtentPoint32W
CreateFontIndirectW
CreateDIBitmap
SetGraphicsMode
GetTextCharsetInfo
SetRectRgn
GetMapMode
DPtoLP
CreateRoundRectRgn
EnumFontFamiliesExW
GetCharWidthW
StretchDIBits
GetBkColor
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreatePolygonRgn
Polyline
Ellipse
Polygon
OffsetRgn
SetDIBColorTable
SetPixel
RoundRect
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
SetDIBitsToDevice
GetDeviceCaps
SetDCBrushColor
CreateBitmap
CreateDCW
CopyMetaFileW
CreatePatternBrush
GetObjectType
EnumFontFamiliesW
CombineRgn
CreateEllipticRgn
CreateCompatibleBitmap
CreatePen
CreateFontW
CreateDIBSection
SetDIBits
SetDCPenColor
CreateRectRgn
Rectangle
StretchBlt
GetDIBits
GetTextMetricsW
GetTextColor
GetCurrentObject
CreateSolidBrush
SetBrushOrgEx
SelectClipRgn
GdiFlush
BitBlt
SetBkColor
ExtTextOutW
CreateCompatibleDC
GetObjectW
SetStretchBltMode
SelectObject
SetBkMode
SetTextColor
GetStockObject
MoveToEx
LineTo
DeleteDC
DeleteObject
PlayMetaFileRecord
CreateFontA

comdlg32

GetOpenFileNameA
GetFileTitleW
ChooseColorA

winspool.drv

OpenPrinterW
GetJobW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegEnumValueW
RegSetValueW
CryptGenRandom
RegDeleteKeyA
CryptAcquireContextA
CryptImportKey
CryptCreateHash
CryptHashData
CryptVerifySignatureW
CryptDestroyHash
CryptReleaseContext
LookupAccountNameA
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
RegNotifyChangeKeyValue
RegDeleteValueA
OpenSCManagerW
OpenServiceW
ControlService
QueryServiceStatus
StartServiceW
CloseServiceHandle
RegEnumValueA
RegOpenKeyExA
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
GetUserNameA
GetFileSecurityW
SetFileSecurityW
RegEnumKeyExW
RegCloseKey

shell32

SHBrowseForFolderA
ShellExecuteA
SHGetDataFromIDListW
SHGetDesktopFolder
ShellExecuteExW
SHBrowseForFolderW
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHAddToRecentDocs
SHGetFileInfoW
DragQueryFileW
SHGetFolderPathA
SHGetPathFromIDListA
ShellExecuteW
ord6
ExtractIconW
DragQueryFileA
DragFinish
SHGetFolderPathW
SHGetDataFromIDListA
SHGetMalloc

comctl32

ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx
ImageList_Destroy

ole32

CreateItemMoniker
CreateGenericComposite
OleRegEnumVerbs
OleRegGetMiscStatus
OleQueryCreateFromData
OleSetContainedObject
OleIsRunning
GetRunningObjectTable
CoGetMalloc
CreateOleAdviseHolder
CreateDataAdviseHolder
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleGetIconOfClass
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
PropVariantCopy
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateFromFile
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
StgCreateDocfile
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoUninitialize
CoInitialize
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoInitializeEx
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance
CreateStreamOnHGlobal
OleQueryLinkFromData

oleaut32

SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
LoadRegTypeLi
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
RegisterTypeLi
SysStringByteLen
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringByteLen
VariantInit
VariantChangeType
SafeArrayPutElement
VariantClear
SysFreeString
CreateErrorInfo
SysAllocString
GetErrorInfo
SetErrorInfo
SysAllocStringLen

oledlg

OleUIBusyW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 753KB - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 672KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b513d98d6446a63489b415a96ba7ee4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

40:a5:34:ae:b6:e1:06:5d:40:7e:4b:dd:6b:04:85:eaCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

c7:f7:cf:4e:d4:93:84:5d:e3:38:1c:10:6e:30:c9:98:6e:ef:a6:93Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

msimg32

winmm

uxtheme

shlwapi

crypt32

imagehlp

dwrite

d2d1

version

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

oledlg

oleacc

imm32

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 753KB - Virtual size: 752KB

.data Size: 85KB - Virtual size: 154KB

.rsrc Size: 672KB - Virtual size: 672KB

.reloc Size: 257KB - Virtual size: 257KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

40:a5:34:ae:b6:e1:06:5d:40:7e:4b:dd:6b:04:85:ea
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

c7:f7:cf:4e:d4:93:84:5d:e3:38:1c:10:6e:30:c9:98:6e:ef:a6:93
Signer

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 753KB - Virtual size: 752KB

.data
Size: 85KB - Virtual size: 154KB

.rsrc
Size: 672KB - Virtual size: 672KB

.reloc
Size: 257KB - Virtual size: 257KB