2024-05-26_1a7c165b0241c7c7ab05f323fdc9c20c_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-26_1a7c165b0241c7c7ab05f323fdc9c20c_icedid
Size

24.4MB
MD5

1a7c165b0241c7c7ab05f323fdc9c20c
SHA1

f29658c0d349d51e9904420f9a9831cfa5a25765
SHA256

d8938de8a9448af00e85d68dd884b17f91e3a0366af14d44744dbada9174a21c
SHA512

eee45866803d2d25f971388694660628f5f36049bff676bf04f2a114980382897491de7f3ff461862f6cbedf16e751f01aaf861cdd03f6c3db5f2f15ede624dd
SSDEEP

196608:+hhByZJYwWEy00ce7LVKCYYYcz2zErMhIoHNk538:GBKJNy01eVSYsthIoHos

Score

1^/10

Malware Config

Signatures

Files

2024-05-26_1a7c165b0241c7c7ab05f323fdc9c20c_icedid
.exe windows:5 windows x86 arch:x86

aebec2d0027a4f693a281fa285cf3a16

Code Sign

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7
Certificate

Issuer

CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

07/03/2019, 19:35

Not After

03/03/2034, 19:35

Subject

CN=SSL.com Code Signing Intermediate CA ECC R2,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:52:72:98:db:e6:b6:93:88:b7:bc:34:1a:d0:14:6c
Certificate

Issuer

CN=SSL.com Code Signing Intermediate CA ECC R2,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

13/11/2023, 16:04

Not After

12/11/2026, 16:04

Subject

CN=PrestoSoft LLC,O=PrestoSoft LLC,L=Oak Park,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7
Certificate

Issuer

CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

07/03/2019, 19:35

Not After

03/03/2034, 19:35

Subject

CN=SSL.com Code Signing Intermediate CA ECC R2,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:52:72:98:db:e6:b6:93:88:b7:bc:34:1a:d0:14:6c
Certificate

Issuer

CN=SSL.com Code Signing Intermediate CA ECC R2,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

13/11/2023, 16:04

Not After

12/11/2026, 16:04

Subject

CN=PrestoSoft LLC,O=PrestoSoft LLC,L=Oak Park,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:01:7c:72:7a:56:12:36:29:78:fd:87:d6:c5:6f:b2:f0:b7:1f:23:a7:23:4f:66:7a:7a:df:a4:d5:1f:ea:53
Signer

Actual PE Digest

c3:01:7c:72:7a:56:12:36:29:78:fd:87:d6:c5:6f:b2:f0:b7:1f:23:a7:23:4f:66:7a:7a:df:a4:d5:1f:ea:53

Digest Algorithm

sha256

PE Digest Matches

false

52:cd:7d:2f:bf:bb:22:2b:ec:02:b9:59:6c:0a:7f:f0:a3:9c:b1:8f
Signer

Actual PE Digest

52:cd:7d:2f:bf:bb:22:2b:ec:02:b9:59:6c:0a:7f:f0:a3:9c:b1:8f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Src\ExamDiff\Win32\Release\ExamDiff.pdb

Imports

mpr

WNetGetConnectionW

iphlpapi

GetAdaptersInfo

winhttp

WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpSetTimeouts

kernel32

WaitForSingleObjectEx
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GlobalGetAtomNameW
ReleaseSemaphore
GlobalReAlloc
GetProfileIntW
CompareStringA
GetFileAttributesExW
UnlockFile
LockFile
FlushFileBuffers
SuspendThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
EncodePointer
OutputDebugStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetThreadTimes
SetVolumeLabelW
UnregisterWaitEx
QueryDepthSList
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
HeapQueryInformation
TzSpecificLocalTimeToSystemTime
PeekNamedPipe
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
SetConsoleMode
ReadConsoleInputA
GetCommandLineA
SetFilePointerEx
SetStdHandle
ReadConsoleW
GetConsoleMode
GetFileType
InterlockedFlushSList
RtlUnwind
GetUserDefaultLangID
GetPrivateProfileSectionNamesW
GetCurrencyFormatW
EnumResourceLanguagesW
EnumResourceTypesW
EnumResourceNamesW
CreateThread
SwitchToThread
GetNativeSystemInfo
GetStringTypeW
TryEnterCriticalSection
GetSystemDefaultUILanguage
GlobalFlags
SetErrorMode
ReplaceFileW
GetDiskFreeSpaceW
GetCurrentDirectoryW
ExpandEnvironmentStringsA
LoadLibraryExA
VirtualQuery
VirtualProtect
GetCPInfo
VirtualAlloc
VirtualFree
SetEndOfFile
lstrlenA
GetCurrentThread
GetThreadPriority
ReadDirectoryChangesW
GetQueuedCompletionStatus
CancelIo
PostQueuedCompletionStatus
CreateIoCompletionPort
FreeResource
GetModuleHandleA
GetSystemInfo
CopyFileExW
DecodePointer
HeapReAlloc
HeapSize
GetSystemTimeAsFileTime
lstrcmpA
GetTimeZoneInformation
GetCPInfoExW
EnumSystemCodePagesW
GetPrivateProfileSectionW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
LocalReAlloc
LocalAlloc
GetFileTime
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationW
WinExec
SetThreadPriority
InterlockedExchange
GetLocalTime
SetUnhandledExceptionFilter
GetGeoInfoW
GetUserGeoID
MoveFileW
GetTimeFormatW
GetDateFormatW
ExitProcess
GetThreadLocale
UnmapViewOfFile
GetFileSizeEx
MapViewOfFile
CreateFileMappingW
ExpandEnvironmentStringsW
GetFileSize
GetNumberFormatW
GetWindowsDirectoryW
WaitForMultipleObjects
OpenProcess
GetSystemDirectoryW
CompareFileTime
CopyFileW
WriteConsoleW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetShortPathNameW
DuplicateHandle
GetProcessHeap
SetLastError
GlobalFree
LocalFree
FormatMessageW
GetFullPathNameW
TerminateThread
SetConsoleTextAttribute
SetConsoleWindowInfo
FillConsoleOutputAttribute
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
GetStdHandle
AllocConsole
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
SetFileAttributesW
CreateDirectoryW
GetExitCodeProcess
ResetEvent
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
LCMapStringW
LoadLibraryA
GetStringTypeExW
GetUserDefaultLCID
lstrlenW
GetTempFileNameW
GetTempPathW
SearchPathW
lstrcmpW
WriteFile
SetFilePointer
GlobalHandle
ReadFile
CreateFileW
ResumeThread
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalSize
lstrcpynW
GetTickCount
HeapCreate
HeapAlloc
HeapDestroy
HeapFree
lstrcmpiW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetCurrentProcessId
GetSystemTime
GetPrivateProfileIntW
WritePrivateProfileSectionW
GetCurrentProcess
GlobalAlloc
MulDiv
GlobalLock
GlobalUnlock
GetFileAttributesW
GetACP
GetLocaleInfoW
InterlockedDecrement
InterlockedIncrement
InterlockedPushEntrySList
TlsSetValue
TlsGetValue
TlsFree
InterlockedPopEntrySList
InitializeSListHead
TlsAlloc
SetEvent
InterlockedCompareExchange
CreateEventW
FreeLibrary
LoadLibraryW
CreateProcessW
lstrcatW
lstrcpyW
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetCommandLineW
GetVersionExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLastError
RaiseException
WideCharToMultiByte
GetVolumeInformationW
GetComputerNameW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetUserDefaultUILanguage
OutputDebugStringW
InitializeCriticalSection

user32

RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
SendDlgItemMessageA
OemToCharBuffA
CharToOemBuffA
DrawEdge
GetWindowDC
CreateIconIndirect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
CharNextExA
IsClipboardFormatAvailable
GetAsyncKeyState
BringWindowToTop
DestroyCaret
GetScrollInfo
ScrollWindowEx
SetScrollPos
VkKeyScanW
SetCaretPos
BeginPaint
EndPaint
CreateCaret
ShowCaret
TranslateAcceleratorW
MoveWindow
PostThreadMessageW
CreateWindowExW
RegisterClassW
DestroyWindow
UnregisterClassW
GetDlgItem
HideCaret
GetActiveWindow
IsChild
GetClassNameW
GetMenuDefaultItem
GetMenuItemInfoW
CheckMenuItem
EnumChildWindows
EnumDisplayMonitors
GetMenuItemID
AttachThreadInput
ShowScrollBar
CopyIcon
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
GetWindowPlacement
SetWindowPlacement
GetMenu
SetMenu
TrackPopupMenu
TrackPopupMenuEx
SetActiveWindow
SetMenuItemBitmaps
ValidateRect
RegisterWindowMessageW
GetWindowRect
EnableWindow
SendMessageW
PtInRect
InvalidateRect
IsWindow
PostMessageW
LoadCursorW
wsprintfA
SetScrollInfo
wsprintfW
DrawStateW
DrawMenuBar
SetFocus
IsWindowEnabled
MessageBeep
GetWindowThreadProcessId
MsgWaitForMultipleObjects
GetMessageW
MsgWaitForMultipleObjectsEx
GetForegroundWindow
GetKeyboardLayout
SetWindowTextW
GetWindowTextW
IntersectRect
PostQuitMessage
PeekMessageW
SetRect
MessageBoxW
WindowFromPoint
UnionRect
LoadBitmapW
SendMessageTimeoutW
GetFocus
SetKeyboardState
GetKeyboardState
SetClassLongW
GetClassLongW
CharLowerBuffW
IsIconic
CloseDesktop
CreateDesktopW
LoadStringW
GetWindowLongW
MapDialogRect
GetDlgCtrlID
IsWindowVisible
GetWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
ScrollWindow
DestroyCursor
CopyRect
GetLastActivePopup
GetCursorPos
ScreenToClient
DrawIconEx
GetClipboardData
SetWindowLongW
LockWindowUpdate
SetWindowPos
IsZoomed
GetComboBoxInfo
FrameRect
ChildWindowFromPointEx
ChildWindowFromPoint
GetScrollPos
SetScrollRange
GetScrollRange
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
AdjustWindowRectEx
GetTopWindow
WinHelpW
MonitorFromWindow
ShowWindow
SetDlgItemTextW
CheckDlgButton
IsDlgButtonChecked
IsDialogMessageW
GetKeyNameTextW
MapVirtualKeyW
CharUpperW
GetDialogBaseUnits
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
ShowOwnedPopups
SetCursorPos
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
ReuseDDElParam
DrawIcon
NotifyWinEvent
WaitMessage
SetParent
GetTabbedTextExtentW
GetDCEx
RealChildWindowFromPoint
WindowFromDC
CreateMenu
UnpackDDElParam
DrawFocusRect
MapWindowPoints
GetMessagePos
GrayStringW
DrawTextExW
TabbedTextOutW
GetCursor
DrawTextW
GetClassInfoW
DispatchMessageW
TranslateMessage
CharPrevW
CharNextW
LoadIconW
GetDesktopWindow
CharLowerW
GetPriorityClipboardFormat
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
EqualRect
ReleaseCapture
RegisterClassExW
GetSysColorBrush
DefWindowProcW
SetWindowRgn
SetRectEmpty
DrawFrameControl
GetMonitorInfoW
MonitorFromPoint
IsRectEmpty
SetCapture
GetCapture
KillTimer
SetTimer
SetMenuDefaultItem
DeleteMenu
GetMenuItemCount
AppendMenuW
CreatePopupMenu
GetSystemMenu
EnableMenuItem
GetSubMenu
LoadMenuW
LoadImageW
DestroyIcon
CreateIconFromResourceEx
GetIconInfo
EnableScrollBar
ClientToScreen
RedrawWindow
SetForegroundWindow
GetClientRect
GetParent
GetSysColor
GetKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
OffsetRect
SystemParametersInfoW
GetDC
ReleaseDC
InvertRect
mouse_event
GetDoubleClickTime
OpenInputDesktop
GetUserObjectInformationW
GetWindowRgn
LookupIconIdFromDirectoryEx
IsWindowUnicode
GetWindowLongA
SetWindowLongA
ToUnicodeEx
GetKeyboardLayoutList
IsCharLowerW
VkKeyScanExW
MapVirtualKeyExW
EnumWindows
GetClipboardFormatNameW
GetTabbedTextExtentA
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SetWindowContextHelpId
InvalidateRgn
GetNextDlgGroupItem
GetSystemMetrics
RegisterClipboardFormatW
SetCursor
UpdateWindow
InflateRect
FillRect

gdi32

ScaleWindowExtEx
GetMapMode
SetRectRgn
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
GetCharWidthW
ScaleViewportExtEx
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextColor
GetWindowOrgEx
GetTextFaceW
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportExtEx
PolyBezierTo
DeleteDC
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
CreateSolidBrush
GetTextExtentPoint32W
GetDeviceCaps
DeleteObject
GetObjectW
GetBitmapBits
CreateCompatibleDC
CreateCompatibleBitmap
StretchBlt
CreateFontIndirectW
GetStockObject
OffsetRgn
FrameRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateRectRgn
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetViewportExtEx
CombineRgn
GetWindowExtEx
IntersectClipRect
EqualRgn
SelectObject
GetROP2
GetDIBits
SetDIBits
SetPixel
GetBkColor
BitBlt
Rectangle
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreatePen
CreateHatchBrush
GetTextMetricsW
CreateRectRgnIndirect
PatBlt
EnumFontFamiliesExW
SetBkColor
SetTextColor
ExtTextOutA
SetBkMode
MoveToEx
LineTo
GetViewportOrgEx
SetViewportOrgEx
DPtoLP
SetBrushOrgEx
CreateDCW
SetAbortProc
StartDocW
StartPage
EndPage
EndDoc
AbortDoc
CreateFontW
Polygon
StretchDIBits
SetTextAlign
TextOutA
GetBkMode
CreateBitmap
CreatePatternBrush
GetTextExtentExPointW
GetCurrentObject
SetTextJustification
CopyMetaFileW
CreateBrushIndirect
BeginPath
EndPath
StrokePath
GetBitmapDimensionEx
GetBoundsRect
PtInRegion
ExtCreateRegion
Polyline
ExtFloodFill
GetRgnBox
RoundRect
GetObjectA
GetTextExtentPoint32A
CloseFigure
FillPath
StrokeAndFillPath
ChoosePixelFormat
SetPixelFormat
GdiFlush
ExcludeClipRect
GetPixel

advapi32

CryptAcquireContextA
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
IsTextUnicode
RegDeleteValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
SetFileSecurityW
GetFileSecurityW
RegEnumKeyW
RegSetValueW
CryptGenRandom
CryptReleaseContext
RegOpenKeyExA
RegQueryValueExA
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegQueryValueW

comctl32

_TrackMouseEvent
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Draw
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_DrawEx
ord13
ord14
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragShowNolock
ord17
ImageList_Destroy
ImageList_Duplicate
ImageList_ReplaceIcon

shlwapi

PathCombineW
UrlUnescapeW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
UrlCreateFromPathW
UrlEscapeW
StrCmpIW
StrCmpLogicalW
StrStrW
SHStrDupW

uxtheme

SetWindowTheme
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
OpenThemeData
IsAppThemed
DrawThemeParentBackground
CloseThemeData

oleaut32

SystemTimeToVariantTime
VarUdateFromDate
VarBstrFromDate
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
SysStringLen
VariantCopy
LoadTypeLi
VariantTimeToSystemTime
SafeArrayDestroy
SysFreeString
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
VarDateFromStr
VariantClear
VariantInit
SysAllocString
OleLoadPicturePath
VariantChangeTypeEx
VarCmp
SafeArrayCreateVector
OleCreateFontIndirect
GetErrorInfo
SafeArrayGetDim

oledlg

OleUIAddVerbMenuW
OleUIBusyW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

glu32

gluPerspective
gluLookAt
gluProject
gluUnProject

opengl32

glDeleteLists
glRotated
glNormal3d
glMultMatrixd
glVertex3d
glLineWidth
glDisable
glViewport
glShadeModel
glReadPixels
glPushMatrix
glPushAttrib
glPopMatrix
glPopAttrib
glMaterialfv
glLoadIdentity
glLightfv
glLightModelfv
glIsEnabled
glHint
glGetDoublev
glFrontFace
glFlush
glFinish
glEnable
glCullFace
glColorMaterial
glClearDepth
glClearColor
glClearAccum
glClear
glBlendFunc
glAccum
wglMakeCurrent
wglDeleteContext
wglCreateContext
glTranslated
glMatrixMode
glLoadMatrixf
glGetIntegerv
glGetFloatv
glEnd
glColor4f
glBegin

Exports

Exports

tree_sitter_bash
tree_sitter_c_sharp
tree_sitter_cpp
tree_sitter_css
tree_sitter_html
tree_sitter_java
tree_sitter_javascript
tree_sitter_json
tree_sitter_php
tree_sitter_python
tree_sitter_ruby
tree_sitter_typescript

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13.6MB - Virtual size: 13.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 817KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aebec2d0027a4f693a281fa285cf3a16

Code Sign

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7Certificate

Extended Key Usages

Key Usages

3e:52:72:98:db:e6:b6:93:88:b7:bc:34:1a:d0:14:6cCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7Certificate

Extended Key Usages

Key Usages

3e:52:72:98:db:e6:b6:93:88:b7:bc:34:1a:d0:14:6cCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

c3:01:7c:72:7a:56:12:36:29:78:fd:87:d6:c5:6f:b2:f0:b7:1f:23:a7:23:4f:66:7a:7a:df:a4:d5:1f:ea:53Signer

52:cd:7d:2f:bf:bb:22:2b:ec:02:b9:59:6c:0a:7f:f0:a3:9c:b1:8fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mpr

iphlpapi

winhttp

kernel32

user32

gdi32

advapi32

comctl32

shlwapi

uxtheme

oleaut32

oledlg

version

oleacc

glu32

opengl32

Exports

Exports

Sections

.text Size: 7.2MB - Virtual size: 7.2MB

.rdata Size: 13.6MB - Virtual size: 13.6MB

.data Size: 130KB - Virtual size: 817KB

.rsrc Size: 3.4MB - Virtual size: 3.4MB

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7
Certificate

3e:52:72:98:db:e6:b6:93:88:b7:bc:34:1a:d0:14:6c
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

1c:cf:9d:67:cd:e2:19:ff:12:d9:9a:ff:36:82:e5:a7
Certificate

3e:52:72:98:db:e6:b6:93:88:b7:bc:34:1a:d0:14:6c
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

c3:01:7c:72:7a:56:12:36:29:78:fd:87:d6:c5:6f:b2:f0:b7:1f:23:a7:23:4f:66:7a:7a:df:a4:d5:1f:ea:53
Signer

52:cd:7d:2f:bf:bb:22:2b:ec:02:b9:59:6c:0a:7f:f0:a3:9c:b1:8f
Signer

.text
Size: 7.2MB - Virtual size: 7.2MB

.rdata
Size: 13.6MB - Virtual size: 13.6MB

.data
Size: 130KB - Virtual size: 817KB

.rsrc
Size: 3.4MB - Virtual size: 3.4MB