bugreport[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bugreport.exe
Size

410KB
MD5

fc5cea321ac31f03964bf6384b5bfa30
SHA1

59a8b30ffd65d8339caa1c73b48e6ed8c12639eb
SHA256

205addaf844478fa7ffb2405dd53cf1f9a3bbeafe39de4f6d052f0d4ae4f25b0
SHA512

7d9050774756e62b8be54629212d29fec932435bd911af0a4038c4aae7304d422c9a5b6c6930efaabc99eb294b7a76f25baba86ebdeda8ef4c5047db12371e32
SSDEEP

12288:arlnMzqCe7VcGC5DRpT3v94gDf9iKZRCIi:axyuabDRpTl4yf9igoF

Score

1^/10

Malware Config

Signatures

Files

bugreport.exe
.exe windows:5 windows x86 arch:x86

5afff36c96e38c2019cd1cc929959d9b

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0e:42:7d:e0:3b:67:1d:c4:64:de:f6:c3:8b:ee:92:16
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/08/2023, 00:00

Not After

15/08/2026, 23:59

Subject

SERIALNUMBER=91310114MA1GWA6R46,CN=Shanghai Baizhi Network Technology Co.\, Ltd.,O=Shanghai Baizhi Network Technology Co.\, Ltd.,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c09e59889e5ae9ae58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:42:7d:e0:3b:67:1d:c4:64:de:f6:c3:8b:ee:92:16
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/08/2023, 00:00

Not After

15/08/2026, 23:59

Subject

SERIALNUMBER=91310114MA1GWA6R46,CN=Shanghai Baizhi Network Technology Co.\, Ltd.,O=Shanghai Baizhi Network Technology Co.\, Ltd.,ST=上海市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c09e59889e5ae9ae58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:60:7e:af:ac:6e:15:5f:c7:81:c3:6a:0e:e2:d2:0e:04:36:84:a6:2e:aa:13:9b:52:aa:e0:a1:5b:a9:df:d6
Signer

Actual PE Digest

6c:60:7e:af:ac:6e:15:5f:c7:81:c3:6a:0e:e2:d2:0e:04:36:84:a6:2e:aa:13:9b:52:aa:e0:a1:5b:a9:df:d6

Digest Algorithm

sha256

PE Digest Matches

true

5d:a2:c0:b0:5a:07:c0:7a:4f:fc:69:2b:61:53:52:91:1f:69:b1:e2
Signer

Actual PE Digest

5d:a2:c0:b0:5a:07:c0:7a:4f:fc:69:2b:61:53:52:91:1f:69:b1:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\build\trunk_en_9.0_助手\simulator\bin\bugreport.pdb

Imports

kernel32

MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
FlushInstructionCache
GetCurrentProcess
ExitProcess
SetLastError
MulDiv
lstrcmpW
CreateProcessW
GlobalMemoryStatus
OpenProcess
ReadProcessMemory
SetEvent
FindClose
GetLocalTime
GetSystemInfo
GetDriveTypeW
FindFirstFileW
GetComputerNameA
LoadLibraryW
GetCurrentProcessId
SetUnhandledExceptionFilter
lstrlenW
FindResourceW
lstrcpynW
GetVersionExW
WideCharToMultiByte
GetFileTime
FileTimeToSystemTime
OutputDebugStringW
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
EncodePointer
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
lstrcmpiW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetCurrentThreadId
RaiseException
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DecodePointer
CreateFileW
CreateDirectoryW
GetTempPathW
CloseHandle
SetFilePointer
ReadFile
WriteFile
GetFileSize
IsDebuggerPresent

user32

DestroyWindow
CharNextW
RegisterWindowMessageW
SendMessageW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
UnregisterClassW
IsWindow
IsChild
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
CheckDlgButton
IsDlgButtonChecked
DefWindowProcW
CreateWindowExW
DestroyCursor
PtInRect
SetCursor
DrawTextW
CreateDialogParamW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetMonitorInfoW
MonitorFromWindow
IsDialogMessageW
LoadImageW
LoadCursorW
GetWindow
GetDlgCtrlID
GetParent
GetDesktopWindow
SetWindowLongW
GetWindowLongW
FillRect
GetSysColor
MapWindowPoints
ScreenToClient
ClientToScreen
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
GetSystemMetrics
DestroyAcceleratorTable
CreateAcceleratorTableW
ReleaseCapture
SetCapture
GetFocus
SetFocus
GetClassNameW

gdi32

SetBkMode
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
SelectObject
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
SetTextColor
BitBlt
CreateCompatibleBitmap

advapi32

RegOpenKeyExW
GetUserNameA
RegSetValueExW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

shell32

ShellExecuteW

ole32

CoTaskMemFree
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
OleInitialize
OleUninitialize
OleLockRunning
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoInitializeEx
CoTaskMemRealloc

oleaut32

VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SafeArrayDestroy
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
SafeArrayCreate
SafeArrayAccessData

comctl32

InitCommonControlsEx

msvcp120

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Thrd_current
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
_Xtime_get_ticks
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z
_Cnd_signal
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?_Release@_Pad@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?id@?$collate@D@std@@2V0locale@2@A
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
??_7facet@locale@std@@6B@
??_7_Facet_base@std@@6B@
?_Incref@facet@locale@std@@UAEXXZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBUtm@@PBD3@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
??0id@locale@std@@QAE@I@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Future_error_map@std@@YAPBDH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
?id@?$codecvt@DDH@std@@2V0locale@2@A
_Cnd_init
_Mtx_unlock
_Mtx_lock
_Mtx_destroy
_Mtx_init
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?uncaught_exception@std@@YA_NXZ
_Mtx_current_owns
_Cnd_timedwait
?_Throw_Cpp_error@std@@YAXH@Z
_Thrd_detach
_Thrd_join
_Thrd_equal
??0_Pad@std@@QAE@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
??1_Pad@std@@QAE@XZ
_Cnd_destroy
_Cnd_wait
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Throw_C_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
_Getcoll
_Strcoll
_Strxfrm
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
??0facet@locale@std@@IAE@I@Z
?classic@locale@std@@SAABV12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?tolower@?$ctype@D@std@@QBEDD@Z

msvcr120

ungetc
_lock_file
_unlock_file
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
isdigit
isalnum
ferror
fopen
fread
_ftelli64
rand
srand
exit
memchr
atoll
strtoull
sscanf
realloc
isspace
_gmtime64_s
_mkgmtime64
atoi
strncmp
getenv
_localtime64_s
isalpha
?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
??1type_info@@UAE@XZ
_except_handler4_common
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_wcmdln
_fmode
_commode
_except1
_vsnprintf_s
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
fwrite
_fseeki64
fsetpos
fputc
fgetpos
fgetc
fflush
fclose
tolower
_snwprintf
_localtime64
strftime
sprintf_s
wcsftime
wcsrchr
strrchr
_snprintf_s
swprintf_s
memmove_s
_purecall
wcsncpy_s
memcpy_s
_recalloc
malloc
free
memset
memcpy
__CxxFrameHandler3
_CxxThrowException
_time64
_snwprintf_s
wcsstr
wcsncat_s
wcschr
strstr
strchr
memmove
??_V@YAXPAX@Z
_wcstoi64
wcstoul
??2@YAPAXI@Z
??3@YAXPAX@Z
setvbuf

ws2_32

WSAStartup

psapi

GetProcessMemoryInfo

libcurl

curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_easy_init
curl_global_cleanup
curl_easy_perform
curl_easy_cleanup
curl_easy_getinfo
curl_easy_reset
curl_easy_setopt
curl_global_init

libeay32

ord333
ord323
ord270
ord2936
ord269
ord3109
ord3883
ord2925
ord962
ord2712
ord2630

Sections

.text
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5afff36c96e38c2019cd1cc929959d9b

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

0e:42:7d:e0:3b:67:1d:c4:64:de:f6:c3:8b:ee:92:16Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0e:42:7d:e0:3b:67:1d:c4:64:de:f6:c3:8b:ee:92:16Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

6c:60:7e:af:ac:6e:15:5f:c7:81:c3:6a:0e:e2:d2:0e:04:36:84:a6:2e:aa:13:9b:52:aa:e0:a1:5b:a9:df:d6Signer

5d:a2:c0:b0:5a:07:c0:7a:4f:fc:69:2b:61:53:52:91:1f:69:b1:e2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msvcp120

msvcr120

ws2_32

psapi

libcurl

libeay32

Sections

.text Size: 263KB - Virtual size: 263KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 9KB - Virtual size: 27KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 16KB - Virtual size: 15KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

0e:42:7d:e0:3b:67:1d:c4:64:de:f6:c3:8b:ee:92:16
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0e:42:7d:e0:3b:67:1d:c4:64:de:f6:c3:8b:ee:92:16
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

6c:60:7e:af:ac:6e:15:5f:c7:81:c3:6a:0e:e2:d2:0e:04:36:84:a6:2e:aa:13:9b:52:aa:e0:a1:5b:a9:df:d6
Signer

5d:a2:c0:b0:5a:07:c0:7a:4f:fc:69:2b:61:53:52:91:1f:69:b1:e2
Signer

.text
Size: 263KB - Virtual size: 263KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 9KB - Virtual size: 27KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 16KB - Virtual size: 15KB