b8213ace8282a12a29cb4d3416820fd4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8213ace8282a12a29cb4d3416820fd4_JaffaCakes118
Size

31.9MB
MD5

b8213ace8282a12a29cb4d3416820fd4
SHA1

a91ea2365498dbc50894b05b4b519dad4638cfa9
SHA256

39d5d3047af0cba47a24c72941654db9697e23a408803f4c4b18987e45070878
SHA512

88e367e18a26ec45828bba5bad92fcc39001748b539dbfe352d0f183a667d728b761600dea3a7a960c472cce1eee975d7c0a69df2ac9de91d8cb3d548a2123f2
SSDEEP

393216:I1/sviN/SQn6PP4kQEOFtgmJXXeJsFpsIGpiBP/mzg9XcBx5cGiW4aTqL:UJiPQtJJX57Gq7MdcQTy

Score

1^/10

Malware Config

Signatures

Files

b8213ace8282a12a29cb4d3416820fd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d89e401d19aaeca9558f263f313fda2

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:6e:9f:a8:42:1a:b0:b6:4d:d9:bb:74:d0:f2:74:1c
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

20/10/2017, 00:00

Not After

20/10/2019, 23:59

Subject

CN=COVERT PRAGUE s.r.o.,O=COVERT PRAGUE s.r.o.,POSTALCODE=16400,STREET=V hliništi 890,L=Praha,ST=Nebušice,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:6e:9f:a8:42:1a:b0:b6:4d:d9:bb:74:d0:f2:74:1c
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

20/10/2017, 00:00

Not After

20/10/2019, 23:59

Subject

CN=COVERT PRAGUE s.r.o.,O=COVERT PRAGUE s.r.o.,POSTALCODE=16400,STREET=V hliništi 890,L=Praha,ST=Nebušice,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b0:b3:62:a1:e9:1d:bd:1a:e8:7c:1f:9b:7f:ed:61:66:5a:40:0a:2f:30:1e:98:8b:32:84:ba:fc:c3:40:7e:05
Signer

Actual PE Digest

b0:b3:62:a1:e9:1d:bd:1a:e8:7c:1f:9b:7f:ed:61:66:5a:40:0a:2f:30:1e:98:8b:32:84:ba:fc:c3:40:7e:05

Digest Algorithm

sha256

PE Digest Matches

true

c4:c1:f4:4f:11:41:94:c0:fe:85:cc:fd:de:f8:55:2d:9d:4c:43:0f
Signer

Actual PE Digest

c4:c1:f4:4f:11:41:94:c0:fe:85:cc:fd:de:f8:55:2d:9d:4c:43:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GlobalAddAtomA
FindResourceA
SetEnvironmentVariableA
GetOEMCP
GetACP
GetLocaleInfoW
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
Sleep
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
VirtualAlloc
VirtualFree
HeapFree
HeapReAlloc
HeapAlloc
FatalAppExitA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
ExitThread
CreateThread
RaiseException
GetStartupInfoW
GetModuleFileNameA
OutputDebugStringA
GetStdHandle
DebugBreak
MoveFileA
ExitProcess
RtlUnwind
HeapValidate
CopyFileW
GlobalSize
SetFileAttributesW
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetTickCount
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetTempFileNameW
GetShortPathNameW
GetStringTypeExW
GetVolumeInformationW
DeleteFileW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
SetErrorMode
FindResourceExW
OutputDebugStringW
GetThreadLocale
GetCurrentDirectoryW
GetPrivateProfileIntW
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProfileIntW
VirtualProtect
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFlags
FindNextFileW
FindFirstFileW
FindClose
CreateEventW
SetEvent
WaitForSingleObject
lstrcmpW
lstrcmpiA
GetCurrentThread
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
lstrcmpA
LoadLibraryA
GetCurrentThreadId
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
lstrcpynW
GetModuleHandleA
SetLastError
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
GetModuleHandleW
GetFileAttributesW
GetModuleFileNameW
GetFullPathNameW
WideCharToMultiByte
lstrcatW
WinExec
LoadLibraryExW
FreeLibrary
GetWindowsDirectoryW
WritePrivateProfileStringW
CreateProcessW
FormatMessageW
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
GetExitCodeProcess
TerminateProcess
Process32NextW
GetPrivateProfileStringW
SizeofResource
GetDriveTypeW
CreateDirectoryW
LocalAlloc
LocalFree
GetLastError
IsDebuggerPresent
GetVersionExW
GetLogicalDrives
GetCurrentProcess
GetProcAddress
LoadLibraryW
lstrcpyW
MulDiv
GetDiskFreeSpaceExW
CreateFileW
WriteFile
CloseHandle
lstrlenW
lstrcmpiW
FreeResource
FindResourceW
LoadResource
LockResource
GetCPInfo
lstrlenA
GetVersion
InterlockedExchange

user32

TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
GetClassNameW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetWindowPlacement
DeferWindowPos
DefWindowProcW
GetDlgCtrlID
GetKeyState
OpenIcon
CloseWindow
LoadCursorW
PostThreadMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
MapDialogRect
EnableWindow
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageW
GetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
IsChild
GetTopWindow
GetWindow
FindWindowW
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirListW
GetDesktopWindow
GetFocus
SetCapture
GetCapture
SetActiveWindow
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
RegisterClassW
UpdateWindow
MapWindowPoints
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
DrawMenuBar
SetMenu
GetMenu
PeekMessageW
PostQuitMessage
GetWindowDC
ClientToScreen
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectW
LoadMenuW
SetMenuItemBitmaps
RemoveMenu
ModifyMenuW
SendDlgItemMessageA
GetSubMenu
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
CheckMenuItem
AppendMenuW
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringW
GetTabbedTextExtentW
DrawTextW
DrawFocusRect
DrawFrameControl
DrawIcon
InvertRect
FrameRect
ExcludeUpdateRgn
WindowFromDC
LoadBitmapW
SubtractRect
GetMenuItemInfoW
GetSysColor
UnregisterClassW
GetWindowTextLengthA
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
UnionRect
IntersectRect
OffsetRect
InflateRect
EqualRect
SetRectEmpty
PtInRect
IsRectEmpty
CopyRect
TabbedTextOutW
IsWindow
DestroyMenu
DrawStateW
DrawEdge
CreateWindowExW
SetFocus
DestroyWindow
GetParent
GetClassInfoW
wsprintfW
MessageBoxW
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
AdjustWindowRectEx
GetUpdateRect
DispatchMessageW
GetClientRect
SetWindowPos
SetForegroundWindow
SetTimer
GetSystemMenu
EnableMenuItem
BeginPaint
EndPaint
WinHelpW
GetWindowRect
MoveWindow
KillTimer
EndDialog
GetCursorPos
ScreenToClient
DialogBoxIndirectParamW
LoadIconW
GetActiveWindow
GetLastActivePopup
LoadStringW
CopyIcon
MessageBeep
ExitWindowsEx
GetWindowLongW
SetWindowLongW
SetRect
LoadImageW
GetIconInfo
CreateIconIndirect
GetDC
ReleaseDC
SendMessageW
PostMessageW
SetCursor
IsMenu
DestroyCursor
GetSysColorBrush
FillRect
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
SystemParametersInfoW
DestroyIcon
DrawIconEx
GetSystemMetrics
SendDlgItemMessageW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageW
SetWindowTextW
ShowWindow
IsWindowEnabled
GetMenuCheckMarkDimensions
CreateDialogIndirectParamW
wvsprintfW
TranslateMessage
GetMessageW
GetAsyncKeyState
ReleaseCapture
SetCursorPos
LoadAcceleratorsW
TranslateAcceleratorW
ReuseDDElParam
UnpackDDElParam
wsprintfA
GetClipboardFormatNameA
GetClipboardFormatNameW
GetDialogBaseUnits
WaitMessage
GetWindowThreadProcessId
CharNextW
CopyAcceleratorTableW
CharUpperW
RegisterClipboardFormatW
InSendMessage
GetTabbedTextExtentA
InsertMenuW
IsClipboardFormatAvailable

gdi32

CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateICW
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
FloodFill
ExtFloodFill
GetTextAlign
GetTextFaceW
GetTextCharacterExtra
GetCharWidthW
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCW
GetOutlineTextMetricsW
GetCharABCWidthsW
GetFontData
GetKerningPairsW
GetGlyphOutlineW
CreateRectRgnIndirect
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatW
GetCharWidthFloatW
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
SaveDC
RestoreDC
SelectPalette
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetTextExtentPointA
ExtTextOutA
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateFontW
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
ExtCreatePen
CreatePenIndirect
GetObjectType
UnrealizeObject
ExtTextOutW
CloseEnhMetaFile
CreateEnhMetaFileW
CloseMetaFile
CreateMetaFileW
SetTextJustification
TextOutW
CreateFontIndirectW
CreateDIBitmap
SetBkMode
GetTextMetricsW
CreatePen
MoveToEx
LineTo
StretchBlt
GetTextExtentPoint32W
DeleteDC
DeleteObject
CreateSolidBrush
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
GetStockObject
SetTextColor
SetBkColor
CreateBitmap
CreateCompatibleBitmap
SetPixel
GetPixel
GetObjectW
GetDeviceCaps
StartDocW
DeleteMetaFile
CopyMetaFileW
EnumFontFamiliesExW
GetDCOrgEx
StretchDIBits
PlayMetaFile
EnumMetaFile
CreateDCW

comdlg32

PrintDlgW
PageSetupDlgW
GetFileTitleW
ChooseColorW
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
RegSetValueW
SetFileSecurityW
GetFileSecurityW

shell32

DragQueryFileW
DragFinish
DragAcceptFiles
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHFileOperationW
ShellExecuteExW
ExtractIconW

comctl32

ImageList_GetIconSize
_TrackMouseEvent
ImageList_GetIcon
ImageList_GetImageCount
ord17
ImageList_AddMasked
ord13
ImageList_Destroy
ImageList_LoadImageW
ImageList_Merge
ImageList_Read
ImageList_Write
ord14
ImageList_Add
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_Draw
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
ord8
ImageList_SetImageCount
ImageList_Copy
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Create

oledlg

OleUIInsertObjectW
OleUIConvertW
OleUIChangeIconW
OleUIEditLinksW
OleUIUpdateLinksW
OleUIPasteSpecialW
OleUIBusyW

ole32

OleQueryLinkFromData
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleRegEnumVerbs
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
OleSetContainedObject
OleLockRunning
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
CreateStreamOnHGlobal
GetClassFile
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
OleFlushClipboard
OleSetClipboard
OleLoad
OleQueryCreateFromData
CoRegisterClassObject
CoRegisterMessageFilter
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleCreate
OleCreateLinkToFile
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsRunning
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
StgIsStorageILockBytes
CoRevokeClassObject
OleSave
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleIsCurrentClipboard
OleCreateFromData

olepro32

ord253

oleaut32

VarCyFromStr
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayCreate
SysStringByteLen
SysAllocStringByteLen
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
DosDateTimeToVariantTime
SysStringLen
LoadTypeLi

winmm

PlaySoundW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29.1MB - Virtual size: 29.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d89e401d19aaeca9558f263f313fda2

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

48:6e:9f:a8:42:1a:b0:b6:4d:d9:bb:74:d0:f2:74:1cCertificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

48:6e:9f:a8:42:1a:b0:b6:4d:d9:bb:74:d0:f2:74:1cCertificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

b0:b3:62:a1:e9:1d:bd:1a:e8:7c:1f:9b:7f:ed:61:66:5a:40:0a:2f:30:1e:98:8b:32:84:ba:fc:c3:40:7e:05Signer

c4:c1:f4:4f:11:41:94:c0:fe:85:cc:fd:de:f8:55:2d:9d:4c:43:0fSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

winmm

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 174KB - Virtual size: 173KB

.data Size: 123KB - Virtual size: 146KB

.idata Size: 25KB - Virtual size: 24KB

.rsrc Size: 29.1MB - Virtual size: 29.1MB

.reloc Size: 172KB - Virtual size: 171KB

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

48:6e:9f:a8:42:1a:b0:b6:4d:d9:bb:74:d0:f2:74:1c
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

48:6e:9f:a8:42:1a:b0:b6:4d:d9:bb:74:d0:f2:74:1c
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

b0:b3:62:a1:e9:1d:bd:1a:e8:7c:1f:9b:7f:ed:61:66:5a:40:0a:2f:30:1e:98:8b:32:84:ba:fc:c3:40:7e:05
Signer

c4:c1:f4:4f:11:41:94:c0:fe:85:cc:fd:de:f8:55:2d:9d:4c:43:0f
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 174KB - Virtual size: 173KB

.data
Size: 123KB - Virtual size: 146KB

.idata
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 29.1MB - Virtual size: 29.1MB

.reloc
Size: 172KB - Virtual size: 171KB