2024-05-23_4bca0f5a9d1bc9cb9029680f0ee963ec_floxif_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-23_4bca0f5a9d1bc9cb9029680f0ee963ec_floxif_icedid
Size

5.3MB
MD5

4bca0f5a9d1bc9cb9029680f0ee963ec
SHA1

7b8b031101f8b39a0d3cd59898a6244d29242156
SHA256

0dc49b2541a46b1a75ef16ad81d0fe6538d1949cbbc7c4a16cdc1a5c77d62cdc
SHA512

46e046b8620eba4878fd087b6a6cc842edb5e5214f3d149b1d6ee908c81beddd8c186d43528bb90ef6cf271ed2673e178047d213bbd7322de7dae77c02f4e60a
SSDEEP

49152:0NIAkX0kJ+XbggIaL/XRZUpn42n6QteECyJtbQE41HnaGQ77UkmEWQn7ayYQA6Bk:QSYjR46UW67nm

Score

1^/10

Malware Config

Signatures

Files

2024-05-23_4bca0f5a9d1bc9cb9029680f0ee963ec_floxif_icedid
.exe windows:4 windows x86 arch:x86

d0715e668ae1f9508ea23f5624096a69

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5c:1a:5f:74:ea:3b:69:b6:8a:ea:e3:e9:18:ab:23:a3
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

25/02/2008, 00:00

Not After

01/03/2010, 23:59

Subject

CN=IMAGE RECOGNITION INTEGRATED SYSTEMS SA,OU=PS,O=IMAGE RECOGNITION INTEGRATED SYSTEMS SA,L=Louvain-la-Neuve,ST=Brabant wallon,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

11:78:9d:48:4f:c0:02:f4:50:dc:19:dc:64:7d:f0:4f:2a:31:67:a6
Signer

Actual PE Digest

11:78:9d:48:4f:c0:02:f4:50:dc:19:dc:64:7d:f0:4f:2a:31:67:a6

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\vrl\tex300\read70\read11___Win32_DPE11_Debug\dpe_ocr.pdb

Imports

kernel32

GetThreadPriority
ResumeThread
SuspendThread
GlobalSize
GetAtomNameW
GetModuleHandleA
lstrlenA
FileTimeToSystemTime
SystemTimeToFileTime
GetThreadLocale
GetCurrentProcessId
EnumResourceLanguagesW
ConvertDefaultLocale
GetLocaleInfoW
lstrcmpA
InterlockedExchange
CompareStringA
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
VirtualProtect
GetHandleInformation
DuplicateHandle
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetCurrentThread
GetCurrentProcess
HeapAlloc
FreeResource
GetProcessHeap
HeapFree
lstrcpynW
GetProfileStringW
ExpandEnvironmentStringsW
WriteFile
_lread
CreateFileW
GetVersion
SetErrorMode
CopyFileW
WritePrivateProfileStringW
GetTempPathW
CreateDirectoryW
GetSystemDefaultLangID
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InitializeCriticalSection
RaiseException
DeleteCriticalSection
CreateEventW
CreateThread
InterlockedDecrement
SetEvent
lstrcmpiW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
GetPrivateProfileIntW
LocalAlloc
GetProfileIntW
WriteProfileStringW
GetCurrentThreadId
GetTempFileNameW
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
SetThreadLocale
FindNextFileW
GlobalReAlloc
GetVersionExW
OpenMutexW
CloseHandle
CompareStringW
SetLastError
lstrcmpW
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExA
DeleteFileW
GetVolumeInformationW
GetFullPathNameW
GetStringTypeExW
GetShortPathNameW
GetFileAttributesW
CreateProcessW
GetCPInfo
SizeofResource
GlobalAlloc
GetFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesW
GetCurrentDirectoryW
FindResourceExW
GetDiskFreeSpaceW
DebugBreak
IsDebuggerPresent
HeapValidate
IsBadReadPtr
RtlUnwind
ExitProcess
GetFullPathNameA
GetConsoleCP
GetConsoleMode
GetFileType
GetSystemTimeAsFileTime
DeleteFileA
GetStdHandle
OutputDebugStringA
WriteConsoleW
VirtualAlloc
GetSystemInfo
VirtualQuery
RemoveDirectoryW
GetStartupInfoW
CreateFileA
GetModuleFileNameA
SetStdHandle
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
HeapReAlloc
SetConsoleCtrlHandler
GetDriveTypeA
SetHandleCount
GetStartupInfoA
WriteConsoleA
GetConsoleOutputCP
GetTimeZoneInformation
QueryPerformanceCounter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
MulDiv
lstrcpyW
LocalFree
GlobalUnlock
Sleep
GetLastError
FormatMessageW
GetTickCount
lstrlenW
OutputDebugStringW
FindResourceW
LoadResource
GlobalLock
GlobalFree
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
FindFirstFileW
FindClose
LoadLibraryW
GetProcAddress
GetPrivateProfileStringW
LockResource
SetThreadPriority
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FileTimeToLocalFileTime
OpenEventA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MoveFileW

user32

ScreenToClient
GetWindowRect
EnableMenuItem
CheckMenuItem
SendMessageW
GetMenu
DrawMenuBar
SetDlgItemTextW
SetWindowTextW
EnableWindow
IsDlgButtonChecked
CheckDlgButton
wsprintfW
GetFocus
MessageBeep
ShowWindow
PostMessageW
BringWindowToTop
DdeNameService
DdeCreateStringHandleW
DdeInitializeW
DdeUninitialize
DispatchMessageW
TranslateMessage
GetDlgItem
DestroyWindow
TranslateAcceleratorW
PeekMessageW
CharUpperW
DdeCreateDataHandle
DdeGetData
DdeQueryStringW
IsWindow
DdeClientTransaction
DdeConnect
LoadStringW
SetMenu
DestroyMenu
AppendMenuW
OffsetRect
DdeDisconnect
UpdateWindow
FrameRect
InflateRect
InvalidateRect
IsDialogMessageW
DialogBoxIndirectParamW
GetSystemMetrics
CreateDialogParamW
CreateDialogIndirectParamW
GetDialogBaseUnits
CreateWindowExW
DefWindowProcW
GetSysColor
GetWindow
MoveWindow
ClientToScreen
ReleaseCapture
SetCapture
GetClassLongW
GetSysColorBrush
EndPaint
BeginPaint
SetTimer
GetWindowPlacement
SystemParametersInfoA
IntersectRect
GetMessagePos
GetMessageTime
GetClassNameW
GetWindowTextLengthW
SetWindowPlacement
TrackPopupMenuEx
WinHelpW
GetCapture
GetTopWindow
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
GetClassInfoW
GetClassInfoExW
RegisterWindowMessageW
MapDialogRect
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
DragDetect
HiliteMenuItem
IsZoomed
ArrangeIconicWindows
SetWindowRgn
GetWindowRgn
GetWindowDC
GetUpdateRect
GetUpdateRgn
InvalidateRgn
ValidateRgn
ShowOwnedPopups
GetDCEx
LockWindowUpdate
SetFocus
DrawAnimatedRects
DrawCaption
DlgDirListW
DlgDirListComboBoxW
DlgDirSelectExW
DlgDirSelectComboBoxExW
GetNextDlgGroupItem
GetNextDlgTabItem
ShowScrollBar
ChildWindowFromPoint
ChildWindowFromPointEx
FindWindowExW
GetLastActivePopup
SetParent
FlashWindow
ChangeClipboardChain
SetClipboardViewer
GetOpenClipboardWindow
GetClipboardOwner
GetClipboardViewer
CreateCaret
GetCaretPos
SetCaretPos
HideCaret
ShowCaret
GetForegroundWindow
SendNotifyMessageW
SetWindowContextHelpId
GetWindowContextHelpId
CloseWindow
OpenIcon
ScrollWindowEx
GetKeyNameTextW
MapVirtualKeyW
GetMenuItemID
InsertMenuW
GetSubMenu
GetMenuItemCount
IsMenu
RemoveMenu
WindowFromDC
ExcludeUpdateRgn
InvertRect
DrawIcon
DrawStateW
DrawEdge
DrawFrameControl
DrawTextExW
GetTabbedTextExtentW
GrayStringW
DeleteMenu
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
InsertMenuItemW
LoadMenuW
LoadMenuIndirectW
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
GetWindowThreadProcessId
GetClipboardFormatNameA
GetClipboardFormatNameW
UnpackDDElParam
GetAsyncKeyState
SetRectEmpty
ReuseDDElParam
IsRectEmpty
SetRect
UnionRect
SubtractRect
UnregisterClassA
DispatchMessageA
GetMessageA
IsWindowUnicode
PeekMessageA
MsgWaitForMultipleObjects
GetDoubleClickTime
IsIconic
IsWindowVisible
KillTimer
ScrollDC
SetScrollPos
GetScrollRange
GetScrollPos
GetParent
GetKeyState
GetMenuState
GetPropW
RedrawWindow
SetWindowPos
SetScrollRange
TrackPopupMenu
CreatePopupMenu
CallNextHookEx
RemovePropW
UnhookWindowsHookEx
GetDlgCtrlID
SetWindowsHookExW
SetPropW
ValidateRect
IsChild
WindowFromPoint
GetCursorPos
MessageBoxW
CharToOemA
FillRect
SendDlgItemMessageW
IsWindowEnabled
LoadBitmapW
DrawFocusRect
SetCursorPos
GetDesktopWindow
SetWindowLongW
SystemParametersInfoW
GetClientRect
PtInRect
LoadCursorW
SetCursor
EndDialog
GetDC
ReleaseDC
EnableScrollBar
GetMessageW
EnumChildWindows
SetClassLongW
GetMenuItemRect
GetDlgItemInt
LoadCursorA
MessageBoxA
DestroyIcon
LoadImageW
GetMenuStringW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDlgItemTextW
GetWindowTextW
GetSystemMenu
ChangeMenuW
SetActiveWindow
LoadIconW
RegisterClassW
CreateMenu
ModifyMenuW
UnregisterClassW
FindWindowW
LoadAcceleratorsW
PostThreadMessageW
CharNextW
CallWindowProcW
PostQuitMessage
DrawTextW
SetDlgItemInt
GetActiveWindow
SetForegroundWindow
CheckRadioButton
GetWindowLongW

gdi32

PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
CreateRoundRectRgn
CreateICW
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
GetNearestColor
UpdateColors
GetBkMode
CreateRectRgnIndirect
ResizePalette
CreatePolyPolygonRgn
CreateEllipticRgnIndirect
RectInRegion
CreateEllipticRgn
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreateDiscardableBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
CreateBitmapIndirect
CreateDIBPatternBrushPt
CreatePatternBrush
ExtCreatePen
CreatePenIndirect
GetObjectType
GetPolyFillMode
GetStretchBltMode
GetTextColor
GetGraphicsMode
GetPixel
PatBlt
CreateBrushIndirect
CreatePalette
StretchBlt
GetBkColor
CreateFontW
CreatePolygonRgn
FrameRgn
SetBitmapBits
DPtoLP
CreateBitmap
CreateCompatibleBitmap
GetMapMode
SetMapMode
CreateSolidBrush
CreateCompatibleDC
BitBlt
CreatePen
StartDocW
StartPage
MoveToEx
LineTo
EndPage
AbortDoc
EndDoc
DeleteDC
GetDeviceCaps
GetTextMetricsW
ExtTextOutW
CreateHatchBrush
SetROP2
CombineRgn
FillRgn
CreateRectRgn
UnrealizeObject
CreateDCW
CopyMetaFileW
CloseEnhMetaFile
CreateEnhMetaFileW
CloseMetaFile
CreateMetaFileW
GetClipBox
GetROP2
EnumFontFamiliesExW
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetPolyFillMode
RestoreDC
SaveDC
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatW
GetCharABCWidthsFloatW
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
SetAbortProc
GetGlyphOutlineW
GetKerningPairsW
GetFontData
GetCharABCWidthsW
GetOutlineTextMetricsW
ResetDCW
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharacterPlacementW
GetFontLanguageInfo
GetCharWidthW
GetTextCharacterExtra
GetTextFaceW
GetTextAlign
ExtFloodFill
FloodFill
SetPixel
RoundRect
Rectangle
PolyPolygon
Polygon
Pie
Ellipse
Chord
Polyline
Arc
GetCurrentPositionEx
RectVisible
PtVisible
InvertRgn
LPtoDP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetWorldTransform
GetTextExtentPoint32W
DeleteObject
CreateDIBitmap
RealizePalette
SelectPalette
GetStockObject
SetBkColor
GetObjectW
TextOutW
SelectObject
CreateFontIndirectW
SetTextColor
SetBkMode
PaintRgn
GetDCOrgEx

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW
PrintDlgW

advapi32

RegEnumKeyExW
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegCreateKeyW
SetFileSecurityW
GetFileSecurityW
SetThreadToken
RevertToSelf
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetSecurityInfo
RegDeleteValueW
RegSetValueW
RegQueryInfoKeyW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
OpenThreadToken

shell32

ShellExecuteW
SHGetFileInfoW
DragAcceptFiles
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHCreateDirectoryExW
ExtractIconW

ole32

ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CLSIDFromString
OleRun
CoDisconnectObject
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoCreateInstance
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CLSIDFromProgID
CoRegisterMessageFilter

oleaut32

LoadTypeLi
UnRegisterTypeLi
SystemTimeToVariantTime
SysStringLen
RegisterTypeLi
VarUI4FromStr
SysAllocString
VariantClear
VariantInit
GetActiveObject
SysFreeString
VariantChangeType
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
LoadRegTypeLi

ltdis15u

ord91
ord51
ord110
ord3
ord125
ord122
ord116
ord134
ord124
ord82
ord34
ord32

ltfil15u

ord103
ord93
ord32
ord23
ord107
ord125
ord33
ord95
ord96
ord100
ord65

ltimgclr15u

ord36
ord28

ltkrn15u

ord1
ord61
ord190
ord67
ord32
ord171
ord74
ord181
ord234
ord110
ord100
ord196
ord31
ord2
ord116
ord173
ord37
ord251
ord79
ord8
ord172
ord24
ord14
ord129
ord204
ord228
ord254
ord132
ord54
ord118
ord26
ord40
ord178

drs832

drs7_free_coords
drs7_prep_coords
drs6_read_coordinates
drs6_read_one
ord2
do_xml_output
do_format
drs_set_image_add_color
drs_set_image_add_grey
drs_set_format_color
drs_new_shapes
drs_reset_language
ord14
drs_set_underscore
ord1
ord63
ord4
drs_add_barcode
drs_reset_barcode
drs_save_shapes
do_ocr_separ
drs_load_shapes
drs_use_handprint_env
drs_set_best_accuracy
drs_set_gr_filter
set_drs_language
use_apptek_lexicon
drs_set_contrast
drs_set_brightness
drs_set_smoothing
do_zones
do_zones_rect
drs_rotate_zones

format5

FMT_Set_Callback_ImgTools_GetResolution
FMT_Set_Metadata
FMT_SetTextOverImageFlag
FMT_SetTextColorFlag
FMT_SetParagColorFlag
FMT_SetFormatOptions
FMT_SetOutputFormat
FMT_SetPdfEmbededFontsFlag
FMT_SetColumnBreakFlag
FMT_SetOutFileW
FMT_SetNumberOfFiles
FMT_SetOutputImage_Resolution
FMT_SetTypeColorText
FMT_Close
FMT_GetCodePageUsed
FMT_Init
FMT_Write
FMT_API_SetParamNew
FMT_Callback_MemoryTools_GlobalFree
FMT_Callback_MemoryTools_GlobalUnLock
FMT_Callback_MemoryTools_GlobalLock
FMT_Set_PreferredDocumentSize
FMT_Callback_ImageFileNameW
FMT_Set_Callback_ImgTools_CopyBitmapPolygon
FMT_Set_Callback_ImageHandle
FMT_SetNextInFileW
FMT_Set_Callback_ImgTools_IsGrayScale
FMT_Set_Callback_ImgTools_GrayScaleBitmap
FMT_Set_Callback_ImgTools_SizeBitmap
FMT_Set_Callback_ImgTools_SetResolution
FMT_Set_Callback_ImgTools_CopyBitmap
FMT_Set_Callback_ImgTools_FreeBitmap
FMT_Set_Callback_ImgTools_InvertBitmap
FMT_Set_Callback_ImgTools_SaveFileW
FMT_Set_Callback_ImgTools_SaveBitmapMemory
FMT_Set_Callback_ImgTools_FillBitmap
FMT_Set_Callback_ImgTools_CreateBitmap
FMT_Set_Callback_ImgTools_PutPixelColor
FMT_Set_Callback_ImgTools_GetPixelColor
FMT_Set_Callback_ImgTools_GetBitsPerPixel
FMT_Set_Callback_ImgTools_GetHeight
FMT_Set_Callback_ImgTools_GetWidth
FMT_SetOutputImage_Color
FMT_SetSeparatorFlag
FMT_SetIgnoreTextOutsideTable
FMT_SetPagePerSheetFlag
FMT_Set_Callback_ImgTools_InitImageHandle
FMT_Set_Callback_ImgTools_DeleteImageHandle

prepro

despeckl
skrotimg
skrotdim
sk_color
skrotbmp
skbitmap
bi_upset
bi_gradl_do
bi_set_satur
bi_set_sigma
bi_set_smooth
bi_set_delta2
bi_set_black2
bi_set_black1
bi_setup
bi_set_delta1

comctl32

InitCommonControlsEx
ImageList_Destroy
ord17

shlwapi

PathRemoveExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 620KB - Virtual size: 617KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 588KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0715e668ae1f9508ea23f5624096a69

Code Sign

0aCertificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

5c:1a:5f:74:ea:3b:69:b6:8a:ea:e3:e9:18:ab:23:a3Certificate

Extended Key Usages

11:78:9d:48:4f:c0:02:f4:50:dc:19:dc:64:7d:f0:4f:2a:31:67:a6Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ltdis15u

ltfil15u

ltimgclr15u

ltkrn15u

drs832

format5

prepro

comctl32

shlwapi

oleacc

winspool.drv

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 620KB - Virtual size: 617KB

.data Size: 588KB - Virtual size: 622KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

5c:1a:5f:74:ea:3b:69:b6:8a:ea:e3:e9:18:ab:23:a3
Certificate

11:78:9d:48:4f:c0:02:f4:50:dc:19:dc:64:7d:f0:4f:2a:31:67:a6
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 620KB - Virtual size: 617KB

.data
Size: 588KB - Virtual size: 622KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB