5deee7047ac0dc407ccc82e852910e55384e04c61474c8c28bb31581ce174198

Sharing

Copy URL Twitter E-mail

General

Target

5deee7047ac0dc407ccc82e852910e55384e04c61474c8c28bb31581ce174198
Size

4.6MB
MD5

64866b15b08f7428d5a8039c9452b32b
SHA1

ecd63c04cf37ffeee05144d15980455d500f47a9
SHA256

5deee7047ac0dc407ccc82e852910e55384e04c61474c8c28bb31581ce174198
SHA512

98a5157c866fc7acea379660a676ed2461b84a525bb90a30f7afb7ff09d5d7a989ddd13803e519e8fdcecdba8eec4643e81f2d9694bdb9836ce69f64e6e4fdb4
SSDEEP

98304:HAlI6QepnJcV0P/53PC1tUEMccr0oBFLOAkGkzdnEVomFHKnPZI:s560RdEncr0oBFLOyomFHKnPZI

Score

1^/10

Malware Config

Signatures

Files

5deee7047ac0dc407ccc82e852910e55384e04c61474c8c28bb31581ce174198
.dll windows:6 windows x86 arch:x86

97f1ff3f756feed89f7611714ac1b113

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2
Signer

Actual PE Digest

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2

Digest Algorithm

sha256

PE Digest Matches

true

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2
Signer

Actual PE Digest

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\mfc140u.i386.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA

kernel32

IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExpandEnvironmentStringsA
LoadLibraryExA
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
TerminateProcess
LockResource
LoadResource
FindResourceW
GetLastError
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
DeleteFileW
MulDiv
VerSetConditionMask
VerifyVersionInfoW
FreeLibrary
CloseHandle
GetTempPathW
CreateFileW
SetFilePointer
Sleep
GetCurrentDirectoryW
lstrcmpW
GetSystemDirectoryW
LoadLibraryExW
DecodePointer
EncodePointer
GlobalFree
GetTickCount
GetWindowsDirectoryW
lstrcmpiW
SetThreadPriority
LocalAlloc
LocalFree
TlsAlloc
TlsFree
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalReAlloc
TlsSetValue
GetFileSize
GetFileAttributesW
GlobalSize
SearchPathW
GetLocaleInfoW
GetUserDefaultUILanguage
RaiseException
GetSystemInfo
VirtualQuery
GetSystemDefaultUILanguage
FormatMessageA
GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameW
GetAtomNameW
SuspendThread
ResumeThread
SetEvent
CopyFileW
GetTickCount64
WaitForMultipleObjects
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetStringTypeExW
GetThreadLocale
FindClose
FindFirstFileW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFullPathNameW
GetDiskFreeSpaceW
GetTempFileNameW
VirtualProtect
lstrcpyA
CompareStringW
IsDBCSLeadByte
GetCurrentThread
GetVersionExW
WideCharToMultiByte
lstrcmpA
CompareStringA
GlobalDeleteAtom
SetErrorMode
GetUserDefaultLCID
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FindResourceExW
SizeofResource

vcruntime140

__current_exception
__current_exception_context
_except_handler4_common
memcmp
wcsrchr
wcsstr
wcschr
_purecall
memmove
memset
memcpy
__std_terminate
__CxxFrameHandler3
__std_type_info_destroy_list
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
_recalloc
_expand
_msize
calloc

api-ms-win-crt-runtime-l1-1-0

__p___argc
_endthread
__p___wargv
_resetstkoflw
_errno
_beginthreadex
_initterm_e
_initterm
terminate
_cexit
_endthreadex
_beginthread
_invalid_parameter_noinfo
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
__doserrno

api-ms-win-crt-string-l1-1-0

wcscspn
wcsspn
_strnicmp
_wcsupr_s
iswspace
wcscmp
wmemcpy_s
wcsnlen
toupper
wcscoll
_wcsicoll
wcsncmp
wcscpy_s
iswdigit
wcspbrk
iswalnum
iswprint
towupper
towlower
wcsncpy_s
strnlen
_wcslwr_s
wcscat_s
_wcsrev
wcslen
strcpy_s
_wcsdup
strlen
_wcsnicmp
iswalpha
_wcsicmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fgetws
fflush
fclose
fseek
__stdio_common_vsprintf_s
__stdio_common_vswscanf
_get_osfhandle
_fileno
_open_osfhandle
ftell
__stdio_common_vswprintf_s
__stdio_common_vswprintf
fread
fputws
feof
fwrite
clearerr_s
ferror
__stdio_common_vsnwprintf_s

api-ms-win-crt-utility-l1-1-0

labs
abs
rand_s
ldiv

api-ms-win-crt-convert-l1-1-0

_itow_s
wcstod
wcstoul
_wtol
wcstol
_ltow_s
_ultow_s
_wtoi

api-ms-win-crt-math-l1-1-0

ceil
exp
sqrt
atan2
cos
sin
floor
_fdopen
fabs

api-ms-win-crt-time-l1-1-0

_localtime64_s
_mktime64
clock
_time64

api-ms-win-crt-filesystem-l1-1-0

_wfullpath
_wsplitpath_s
_wmakepath_s

api-ms-win-crt-multibyte-l1-1-0

_mbscspn
_mbsicmp
_mbsstr
_ismbcspace
_mbsrchr
_mbscmp
_mbscoll
_mbschr
_mbspbrk
_mbsspn
_mbsinc
_mbsrev
_mbsicoll
_mbslwr_s
_mbsupr_s

user32

LoadAcceleratorsW
TranslateAcceleratorW
GetSystemMetrics
DestroyMenu
LoadMenuW
GetSubMenu
PostThreadMessageW
GetClassInfoW
DefWindowProcW
GetWindow
GetMenuItemCount
IsWindowVisible
IsIconic
GetForegroundWindow
DrawIcon
GetMonitorInfoW
MonitorFromPoint
SystemParametersInfoW
ValidateRect
SetLayeredWindowAttributes
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetUpdateRect
UnionRect
SetWindowPos
LockWindowUpdate
GetKeyState
BeginDeferWindowPos
EndDeferWindowPos
AppendMenuW
CreatePopupMenu
IntersectRect
SetScrollPos
EnableMenuItem
GetNextDlgTabItem
GetSystemMenu
IsMenu
IsZoomed
ModifyMenuW
DeleteMenu
SetWindowRgn
DestroyAcceleratorTable
GetTopWindow
DestroyWindow
MonitorFromRect
EnumDisplayMonitors
GetSysColor
GetClassLongW
IsClipboardFormatAvailable
DestroyCursor
CreateAcceleratorTableW
CopyAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyW
CharUpperW
SetWindowTextW
GetMenuState
CheckMenuItem
SetFocus
GetMenuItemInfoW
DrawFrameControl
SubtractRect
GetLastActivePopup
GetMessageW
UpdateLayeredWindow
EnableScrollBar
GetScrollPos
GetMenuDefaultItem
SetMenuDefaultItem
HideCaret
InvertRect
EnumChildWindows
GetWindowTextW
GetDoubleClickTime
GetDC
ReleaseDC
GetWindowRgn
FrameRect
ShowScrollBar
IsWindowEnabled
InsertMenuW
GetActiveWindow
RegisterClipboardFormatW
GetComboBoxInfo
CharUpperBuffW
DrawEdge
PostQuitMessage
UnregisterClassW
GetCapture
GetWindowThreadProcessId
MessageBoxW
SetWindowLongW
SetMenuItemBitmaps
SetMenuItemInfoW
GetMenuCheckMarkDimensions
CallWindowProcW
SetActiveWindow
CreateMenu
MoveWindow
InvalidateRgn
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowTextLengthW
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamW
EndDialog
GetPropW
RemovePropW
SetPropW
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextW
SetWindowContextHelpId
IsDialogMessageW
ClipCursor
SendNotifyMessageW
InSendMessage
GetMenuStringW
WindowFromDC
SetScrollRange
AdjustWindowRectEx
CountClipboardFormats
GetMenu
SetMenu
GetClassInfoExW
CreateWindowExW
SetWindowPlacement
TrackPopupMenuEx
RegisterClassW
WinHelpW
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
BeginPaint
EndPaint
SendDlgItemMessageA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
GetWindowDC
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
CharToOemBuffA
OemToCharBuffA
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageW
InvalidateRect
IsWindow
SetRect
EnableWindow
IsCharLowerW
GetKeyNameTextW
GetKeyboardLayout
MapVirtualKeyExW
DrawStateW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
LoadImageW
CopyImage
GetIconInfo
FillRect
NotifyWinEvent
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageW
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongW
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
TrackMouseEvent
ScreenToClient
ShowOwnedPopups
GetCursorPos
GetMenuItemID
RedrawWindow

gdi32

GetViewportOrgEx
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
LPtoDP
GetCharWidthW
CreateFontW
StretchDIBits
RoundRect
CreateEllipticRgn
CreateHatchBrush
ExtTextOutW
Polyline
SetDIBColorTable
GetDIBits
SelectPalette
StretchBlt
SetBkColor
CreateBitmap
EnumFontFamiliesExW
CreateRoundRectRgn
SetRectRgn
FillRgn
GetBoundsRect
CombineRgn
CreateRectRgn
PatBlt
DeleteDC
GetCurrentObject
EndDoc
EndPage
StartPage
ExtFloodFill
SetPaletteEntries
CreateDIBitmap
CreatePatternBrush
CreatePen
EnumFontFamiliesW
GetTextCharsetInfo
GetDeviceCaps
CreateFontIndirectW
GetBkColor
SetPixel
Ellipse
CreateDIBSection
OffsetRgn
CreateRectRgnIndirect
GetRgnBox
BitBlt
SetPixelV
CreateCompatibleBitmap
FrameRgn
PtInRegion
CreatePolygonRgn
GetPixel
GetSystemPaletteEntries
GetNearestPaletteIndex
RealizePalette
CreatePalette
GetPaletteEntries
GetStockObject
Rectangle
RectVisible
GetTextColor
GetObjectType
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
GetTextMetricsW
Escape
TextOutW
GetClipBox
GetTextAlign
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
PtVisible
Polygon

ole32

OleRegGetMiscStatus
CoCreateInstance
OleRegEnumVerbs
CoDisconnectObject
CoRegisterMessageFilter
CoTreatAsClass
SetConvertStg
WriteFmtUserTypeStg
OleDuplicateData
WriteClassStg
GetRunningObjectTable
OleTranslateAccelerator
IsAccelerator
OleUninitialize
CoInitialize
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
OleDraw
DoDragDrop
CoGetMalloc
StgOpenStorage
StgIsStorageFile
StgCreateDocfile
OleIsCurrentClipboard
CoCreateGuid
CoUninitialize
OleSetClipboard
OleGetClipboard
OleRegGetUserType
GetClassFile
CreateBindCtx
CreateFileMoniker
OleRun
OleIsRunning
OleQueryLinkFromData
PropVariantClear
RevokeDragDrop
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
ReadClassStg
OleLoad
OleSave
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
CoInitializeEx
CoGetClassObject
StringFromGUID2
ReadFmtUserTypeStg
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReadClassStm
OleSaveToStream
CreateOleAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
ReleaseStgMedium
CoTaskMemAlloc
CreateDataAdviseHolder
CreateDataCache
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleFlushClipboard

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarParseNumFromStr
SafeArrayCreateVector
VarBstrFromDec
VarDecFromStr
VarDateFromStr
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysStringByteLen
SafeArrayDestroy
VariantCopy
VarBstrCmp
DispCallFunc
VariantInit
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
OleLoadPicture
OleCreatePictureIndirect
OleCreateFontIndirect
OleTranslateColor
OleCreatePropertyFrame
VarBstrFromDate

shlwapi

StrFormatKBSizeW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

uxtheme

DrawThemeParentBackground
GetWindowTheme
DrawThemeBackground
GetThemeColor
OpenThemeData
CloseThemeData
GetCurrentThemeName
GetThemeSysColor
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97f1ff3f756feed89f7611714ac1b113

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8Certificate

Extended Key Usages

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14Certificate

Key Usages

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2Signer

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

user32

gdi32

ole32

oleaut32

shlwapi

imm32

uxtheme

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.data Size: 41KB - Virtual size: 56KB

.idata Size: 21KB - Virtual size: 20KB

.didat Size: 1024B - Virtual size: 676B

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 231KB - Virtual size: 231KB

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2
Signer

39:5c:f6:0a:65:01:c5:3a:9d:ae:36:41:e1:a2:85:8b:19:24:a4:39:31:75:a8:6f:ff:da:09:ae:60:04:c7:d2
Signer

.text
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 41KB - Virtual size: 56KB

.idata
Size: 21KB - Virtual size: 20KB

.didat
Size: 1024B - Virtual size: 676B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 231KB - Virtual size: 231KB