2024-06-16_92e8dce29e3daa342a6856bb356d85cf_icedid_silence

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-16_92e8dce29e3daa342a6856bb356d85cf_icedid_silence
Size

3.3MB
MD5

92e8dce29e3daa342a6856bb356d85cf
SHA1

c56a7193358c5348bd73e2b80111fee9b2e64775
SHA256

af07b0d7e4d0df32f208d857a0b505bae526a35543ec9d27eb3527379133a11d
SHA512

018ecce7ed1b1d1c535bcf4515f833c17010b6e9a1df3d2a3b565a9f83e4e784f88fd4f9b44d621d457b666af0f36038a5be9286751c30dd1a466cd0897ec8da
SSDEEP

98304:7HdtZoicwVC6co8vqJ8/eAtBjYkorByG6PqSLnbkxDzF5Xy:7HdtuvI8mARokHJnbkx6

Score

1^/10

Malware Config

Signatures

Files

2024-06-16_92e8dce29e3daa342a6856bb356d85cf_icedid_silence
.exe windows:5 windows x86 arch:x86

ca98416e602a0213bf7bcfc8140441f0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:75:ea:ae:b9:ba:84:e1:3f:03:08:fc:4b:63:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/09/2022, 00:00

Not After

01/10/2025, 23:59

Subject

CN=ESM SOFTWARE,O=ESM SOFTWARE,L=Pierrefonds,ST=Quebec,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:2a:29:c2:96:2e:31:51:46:df:53:f9:44:dd:0a:18:91:9e:1f:e5:59:10:6b:92:53:73:dc:d9:ac:8c:d0:97
Signer

Actual PE Digest

42:2a:29:c2:96:2e:31:51:46:df:53:f9:44:dd:0a:18:91:9e:1f:e5:59:10:6b:92:53:73:dc:d9:ac:8c:d0:97

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Esm Software Projects\Transparent Screen Lock\Code v5\Password Lock Main Module\Password Lock Win2000 6.24 RFID\Release\Transparent Screen Lock.pdb

Imports

secur32

GetUserNameExA

netapi32

NetUserChangePassword
NetQueryDisplayInformation
NetApiBufferFree
NetUserEnum
NetUserGetGroups
NetGroupEnum
NetLocalGroupEnum
NetLocalGroupGetMembers
NetGetDCName
NetUserGetInfo

pwdlockhk

?SetIgnoreInject@@YGHH@Z
ResetTime
installhook

kernel32

GetStartupInfoW
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateSemaphoreW
GetTimeZoneInformation
GetFileAttributesExW
CreateFileW
FatalAppExitA
SetConsoleCtrlHandler
GetStringTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
OutputDebugStringW
IsValidLocale
EnumSystemLocalesW
GetDateFormatW
GetTimeFormatW
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
LockResource
LoadResource
SizeofResource
FindResourceW
GetTempPathA
DeleteFileA
WideCharToMultiByte
GetLastError
GetModuleFileNameA
ExitThread
GetVersionExA
WaitForSingleObject
CloseHandle
GetTickCount
MapViewOfFile
UnmapViewOfFile
lstrlenA
CreateEventA
OpenFileMappingA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LocalFree
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
GetCurrentThread
GetCurrentThreadId
SetLastError
InitializeCriticalSectionAndSpinCount
FormatMessageA
lstrcmpA
lstrcpyA
WaitForSingleObjectEx
LoadLibraryA
CreateProcessA
GetStartupInfoA
GetSystemDirectoryA
GetTempFileNameA
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapReAlloc
GetCommandLineA
PeekNamedPipe
GetFileType
GetFileInformationByHandle
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetStdHandle
FindFirstFileExA
RaiseException
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
SearchPathA
GetProfileIntA
VerifyVersionInfoA
VerSetConditionMask
SetErrorMode
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetCPInfo
GetOEMCP
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
SystemTimeToFileTime
LocalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetUserDefaultUILanguage
FindResourceExW
GetACP
GetAtomNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
SuspendThread
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
MoveFileA
LoadLibraryExA
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
InterlockedDecrement
MulDiv
GlobalSize
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
ProcessIdToSessionId
SetStdHandle
HeapQueryInformation
SystemTimeToTzSpecificLocalTime
HeapSize
VirtualProtect
GetVersion
CreateToolhelp32Snapshot
Process32First
Process32Next
GetFileAttributesW
_llseek
_lread
_hread
_lwrite
_hwrite
_lclose
GlobalHandle
FindResourceA
ExpandEnvironmentStringsA
CopyFileA
RemoveDirectoryA
CreateDirectoryA
GetPriorityClass
SetThreadExecutionState
GetThreadPriority
SetThreadPriority
CreateMutexA
lstrcpynA
lstrcmpiA
ReleaseMutex
GetCurrentDirectoryA
SetCurrentDirectoryA
ResetEvent
SetEvent
SetSystemPowerState
Sleep
OpenFile
WriteFile
GlobalFree
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalAlloc
GetWindowsDirectoryA
lstrcatA
WinExec
GetComputerNameA
WritePrivateProfileStringA
OutputDebugStringA
CreateFileMappingA
GetShortPathNameA
LocalAlloc
FindNextFileA
FindFirstFileA
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
SetFilePointer
ReadFile
InterlockedExchange
InterlockedIncrement
GetFileAttributesA
ResumeThread
CreateThread

user32

GetTabbedTextExtentW
GetTabbedTextExtentA
WindowFromDC
DrawIcon
GetWindowRgn
DestroyCursor
CreateMenu
InSendMessage
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetDCEx
EnumChildWindows
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
SetMenuDefaultItem
GetDoubleClickTime
SetClassLongA
LockWindowUpdate
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
SetParent
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
SetRectEmpty
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
LoadCursorW
ReleaseCapture
SetCapture
WaitMessage
DestroyIcon
IsIconic
DeleteMenu
CopyImage
RealChildWindowFromPoint
UnregisterClassA
GetSysColorBrush
GetDialogBaseUnits
ShowOwnedPopups
PostQuitMessage
LoadBitmapA
GetMenuItemInfoA
DestroyMenu
WindowFromPoint
IntersectRect
MapVirtualKeyA
GetKeyNameTextA
GetSystemMetrics
CharUpperA
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetWindowTextA
ScrollWindowEx
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetClassLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
RemoveMenu
AppendMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
MapDialogRect
GetWindowLongA
RemovePropA
GetPropA
SetPropA
SetActiveWindow
IsWindowEnabled
GetCapture
GetAsyncKeyState
GetFocus
GetActiveWindow
SetFocus
GetDlgItem
UpdateWindow
LoadIconA
GetKeyState
IsWindowVisible
GetMessageA
LoadBitmapW
UnhookWinEvent
SetWinEventHook
ShowCursor
LoadIconW
GetForegroundWindow
GetTopWindow
MessageBoxA
ExitWindowsEx
GetCursorPos
InsertMenuA
GetSystemMenu
SetWindowPos
CopyIcon
SetWindowLongA
PtInRect
InflateRect
GetSysColor
ScreenToClient
MessageBeep
GetMessagePos
RegisterRawInputDevices
EnumWindows
FindWindowExA
OffsetRect
GetWindowTextA
SetForegroundWindow
ShowWindow
PeekMessageA
DispatchMessageA
TranslateMessage
GetDesktopWindow
KillTimer
SetTimer
keybd_event
CopyRect
GetClientRect
FillRect
GetWindowRect
InvalidateRect
ReleaseDC
GetDC
GetParent
IsWindow
BlockInput
SystemParametersInfoA
GetWindowThreadProcessId
WaitForInputIdle
PostMessageA
SendNotifyMessageA
SendMessageTimeoutA
RegisterWindowMessageA
GetUserObjectInformationA
GetProcessWindowStation
GetThreadDesktop
CloseDesktop
OpenInputDesktop
wsprintfA
LoadCursorA
GetClassNameA
FindWindowA
SetCursor
EnableWindow
SendMessageA
IsDialogMessageA

gdi32

DPtoLP
EnumFontFamiliesExA
GetSystemPaletteEntries
GetBkColor
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
GetRgnBox
OffsetRgn
CreateRoundRectRgn
CreateFontA
GetCharWidthA
GetCurrentObject
RoundRect
FrameRgn
PtInRegion
SetRectRgn
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
CombineRgn
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
CreatePen
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
SetPixelV
GetMapMode
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextColor
SetTextCharacterExtra
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
GetPaletteEntries
GetNearestPaletteIndex
CreateDCA
CopyMetaFileA
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
ExcludeClipRect
Escape
CreateRectRgn
CreateBitmap
CreateHatchBrush
CreateFontIndirectA
GetObjectA
CreateSolidBrush
CreatePalette
DeleteObject
RealizePalette
SelectPalette
StretchDIBits
SetStretchBltMode
DeleteDC
GetStockObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
GetTextMetricsA
EndDoc
CreateDIBPatternBrushPt
GetTextExtentPoint32A
GetBitmapBits
GetDeviceCaps
GetDIBits
SetBitmapBits
GetClipBox
CreateDIBitmap
SetDIBitsToDevice
CreatePatternBrush

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetOpenFileNameA

winspool.drv

GetJobA
ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

CloseServiceHandle
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExW
RegSetValueA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueA
CreateProcessAsUserA
GetUserNameA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
CopySid
AccessCheck
DuplicateToken
ReportEventA
RegisterEventSourceA
DeregisterEventSource
OpenServiceA
OpenSCManagerA
ControlService
IsValidSid
LsaNtStatusToWinError
LsaRetrievePrivateData
LsaStorePrivateData
LsaOpenPolicy
LsaClose
LsaFreeMemory
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
CheckTokenMembership
DuplicateTokenEx
ImpersonateLoggedOnUser
LookupAccountSidA
GetLengthSid
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
FreeSid
GetTokenInformation
OpenThreadToken
OpenProcessToken
RevertToSelf
LogonUserA
LookupAccountNameA
AllocateAndInitializeSid
EqualSid

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHChangeNotify
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteExA
ExtractIconA
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
ord680
FindExecutableA
ShellExecuteA
SHAddToRecentDocs

comctl32

_TrackMouseEvent

shlwapi

PathRemoveExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA

uxtheme

CloseThemeData
GetWindowTheme
GetThemeSysColor
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
IsAppThemed
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
GetThemeColor
GetCurrentThemeName

ole32

StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CreateStreamOnHGlobal
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoInitialize
OleCreateFromFile
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateItemMoniker
CreateGenericComposite
StgCreateDocfileOnILockBytes
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateOleAdviseHolder
CreateDataAdviseHolder
GetRunningObjectTable
CoGetMalloc
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleRegEnumVerbs
OleRegGetMiscStatus
PropVariantCopy
OleRun
GetHGlobalFromILockBytes
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
ReadFmtUserTypeStg
OleLoad
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
CoCreateGuid
CreateFileMoniker

oleaut32

SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
VarCyFromStr
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SystemTimeToVariantTime
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
SafeArrayPtrOfIndex
VariantCopy
VariantTimeToSystemTime
VarDateFromStr
SafeArrayDestroy
SysStringLen
SysFreeString

oledlg

ord8

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 615KB - Virtual size: 615KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca98416e602a0213bf7bcfc8140441f0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

01:24:75:ea:ae:b9:ba:84:e1:3f:03:08:fc:4b:63:19Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

42:2a:29:c2:96:2e:31:51:46:df:53:f9:44:dd:0a:18:91:9e:1f:e5:59:10:6b:92:53:73:dc:d9:ac:8c:d0:97Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

secur32

netapi32

pwdlockhk

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 615KB - Virtual size: 615KB

.data Size: 39KB - Virtual size: 206KB

.rsrc Size: 256KB - Virtual size: 256KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

01:24:75:ea:ae:b9:ba:84:e1:3f:03:08:fc:4b:63:19
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

42:2a:29:c2:96:2e:31:51:46:df:53:f9:44:dd:0a:18:91:9e:1f:e5:59:10:6b:92:53:73:dc:d9:ac:8c:d0:97
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 615KB - Virtual size: 615KB

.data
Size: 39KB - Virtual size: 206KB

.rsrc
Size: 256KB - Virtual size: 256KB