2024-06-19_10e808ad919ad0802490037da76ed037_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-19_10e808ad919ad0802490037da76ed037_ryuk
Size

4.5MB
MD5

10e808ad919ad0802490037da76ed037
SHA1

2ffc9880d347d26ca0563b2bf8e49d201abcc9d1
SHA256

87b018ff31d8c17fd959cc9b68908c1ebe49258def4d9fe6fa0bc9fa93f23230
SHA512

a85d71439602e689f4397a4c4b4fa94669c4167f0b78ecca5848245bee208a00404017573b67d1a2c0dfddf1415ab610c60165393d102b8c10591e0cf37e7744
SSDEEP

98304:vHIJ9GaOqoqlQLKm53Y+FLOAkGkzdnEVomFHKnPX:voJ7OqEvY+FLOyomFHKnPX

Score

1^/10

Malware Config

Signatures

Files

2024-06-19_10e808ad919ad0802490037da76ed037_ryuk
.exe windows:6 windows x64 arch:x64

611e616a1e5359cff6d790447c2ef220

Code Sign

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/04/2021, 00:00

Not After

26/04/2024, 23:59

Subject

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/04/2021, 00:00

Not After

26/04/2024, 23:59

Subject

CN=HTC CORPORATION,O=HTC CORPORATION,ST=New Taipei City,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f5:4f:51:c8:00:5e:1f:61:66:58:61:71:62:b5:f8:f5:dc:f7:b2:a5:35:9c:9e:10:d3:1f:ac:ad:53:f5:38:b0
Signer

Actual PE Digest

f5:4f:51:c8:00:5e:1f:61:66:58:61:71:62:b5:f8:f5:dc:f7:b2:a5:35:9c:9e:10:d3:1f:ac:ad:53:f5:38:b0

Digest Algorithm

sha256

PE Digest Matches

true

45:f5:34:48:ae:b9:f3:58:3a:30:bb:82:f4:d0:76:0a:35:96:f7:8c
Signer

Actual PE Digest

45:f5:34:48:ae:b9:f3:58:3a:30:bb:82:f4:d0:76:0a:35:96:f7:8c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\HTC\HUS_OOBE\FirmwareUpdateManager\x64\Release\FirmwareUpdateManager.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetACP
IsProcessorFeaturePresent
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
ExitProcess
RtlUnwindEx
RtlPcToFileHeader
GetCPInfo
LCMapStringW
GetStringTypeW
OutputDebugStringW
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
GetStdHandle
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
GetTempFileNameW
FindResourceExW
GetTickCount
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
VirtualProtect
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GlobalGetAtomNameW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
FreeResource
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetThreadLocale
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpiW
GetModuleHandleExW
GetModuleHandleW
DuplicateHandle
OutputDebugStringA
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThread
SetLastError
FormatMessageW
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FlushFileBuffers
ReleaseMutex
GetCurrentThreadId
FindClose
FindNextFileW
FindFirstFileW
SystemTimeToFileTime
SetFilePointer
ReadFile
WriteFile
GetFileSize
CreateFileW
DeleteFileW
GetTimeZoneInformation
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
MulDiv
WritePrivateProfileStringW
CreateMutexW
WideCharToMultiByte
GetCurrentProcess
MultiByteToWideChar
TerminateThread
LoadLibraryW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateEventW
CreateThread
ResetEvent
WaitForMultipleObjects
FreeLibrary
GetProcAddress
LoadLibraryA
GetUserPreferredUILanguages
K32EnumProcesses
K32GetModuleBaseNameW
K32GetProcessImageFileNameW
GetLastError
K32GetModuleFileNameExW
QueryFullProcessImageNameW
SetEvent
LocalFree
GetCommandLineW
WriteConsoleW
Sleep
GetTempPathW
GetCurrentProcessId
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
CopyFileW
GetLocalTime
CreateDirectoryW
TerminateProcess
CloseHandle
WaitForSingleObject
OpenProcess
GetFileType

user32

MessageBeep
GetNextDlgGroupItem
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoW
CopyImage
WindowFromPoint
WaitMessage
GetSysColorBrush
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
FillRect
InvalidateRect
DrawStateW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
DestroyIcon
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetLastActivePopup
GetWindowThreadProcessId
ShowOwnedPopups
CallNextHookEx
RegisterClipboardFormatW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
InsertMenuItemW
CheckMenuItem
IsDialogMessageW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
PostMessageW
LoadIconW
SetWindowLongW
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsWindowEnabled
GetFocus
SetFocus
GetDlgCtrlID
CheckDlgButton
GetDlgItem
ShowWindow
DestroyMenu
GetMenuItemInfoW
InflateRect
SendDlgItemMessageA
GetAsyncKeyState
SetLayeredWindowAttributes
EnumDisplayMonitors
TrackMouseEvent
IsZoomed
LoadMenuW
GetSystemMenu
SetWindowRgn
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapDialogRect
GetWindow
GetParent
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
LoadAcceleratorsW
EndDeferWindowPos
TranslateAcceleratorW
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
SetParent
LockWindowUpdate
SetClassLongPtrW
OpenClipboard
CloseClipboard
GetWindowRgn
MessageBoxW
GetDesktopWindow
SendMessageW
LoadCursorW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
KillTimer
EnableWindow
OffsetRect
PtInRect
LoadBitmapW
SetRectEmpty
CopyRect
GetClassInfoW
DefWindowProcW
IsRectEmpty
ReleaseCapture
IsWindow
GetWindowRect
SetCapture
SetCursor
MoveWindow
GetDC
ReleaseDC
BringWindowToTop
IsWindowVisible
UnregisterClassW
wsprintfW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
PostQuitMessage
CharUpperW
UnhookWindowsHookEx
GetComboBoxInfo
DestroyCursor
SetWindowPos
SetWindowContextHelpId
LoadImageW
UnpackDDElParam
EnableMenuItem
ReuseDDElParam
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetKeyNameTextW
PostThreadMessageW
FrameRect
CopyIcon
ModifyMenuW
CharUpperBuffW
EmptyClipboard
SetWindowsHookExW
SetClipboardData

gdi32

ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
Escape
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
EnumFontFamiliesExW
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
CreateRectRgn
CreatePatternBrush
CreatePen
GetStockObject
DeleteObject
CreateSolidBrush
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteDC
BitBlt
SelectObject
CreateFontIndirectW
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
RemoveFontResourceExW
GetTextExtentPoint32W
CreateHatchBrush
AddFontResourceExW

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey

shell32

SHGetDesktopFolder
CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW
DragQueryFileW
SHBrowseForFolderW
SHAppBarMessage
SHGetKnownFolderPath
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
DragFinish

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
IsAppThemed

ole32

RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoRegisterMessageFilter
CoRevokeClassObject
CreateStreamOnHGlobal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VarBstrFromDate
OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString

oledlg

OleUIBusyW

gdiplus

GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipDrawLineI
GdipCreatePen2
GdipCreateLineBrushI
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateFontFromLogfontW
GdipDeleteFont
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipSetPixelOffsetMode
GdipDrawImageRectRect
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipSetInterpolationMode
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFillRectangle
GdipDeleteRegion
GdipCreateRegion
GdipSetStringFormatMeasurableCharacterRanges
GdipMeasureCharacterRanges
GdipGetRegionBoundsI
GdipGetFontHeight
GdipSetSolidFillColor
GdipDrawString
GdipFillRegion
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreatePen1
GdipDeletePen
GdipDrawRectangle
GdipGetImageGraphicsContext

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo

hid

HidD_GetHidGuid

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 728KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

611e616a1e5359cff6d790447c2ef220

Code Sign

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dcCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dcCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

f5:4f:51:c8:00:5e:1f:61:66:58:61:71:62:b5:f8:f5:dc:f7:b2:a5:35:9c:9e:10:d3:1f:ac:ad:53:f5:38:b0Signer

45:f5:34:48:ae:b9:f3:58:3a:30:bb:82:f4:d0:76:0a:35:96:f7:8cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

setupapi

hid

oleacc

imm32

winmm

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 728KB - Virtual size: 728KB

.data Size: 32KB - Virtual size: 77KB

.pdata Size: 95KB - Virtual size: 94KB

.gfids Size: 106KB - Virtual size: 105KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 61KB - Virtual size: 61KB

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

06:37:2c:3f:12:c1:67:7c:78:9e:f1:04:67:cd:4b:dc
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

f5:4f:51:c8:00:5e:1f:61:66:58:61:71:62:b5:f8:f5:dc:f7:b2:a5:35:9c:9e:10:d3:1f:ac:ad:53:f5:38:b0
Signer

45:f5:34:48:ae:b9:f3:58:3a:30:bb:82:f4:d0:76:0a:35:96:f7:8c
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 728KB - Virtual size: 728KB

.data
Size: 32KB - Virtual size: 77KB

.pdata
Size: 95KB - Virtual size: 94KB

.gfids
Size: 106KB - Virtual size: 105KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 61KB - Virtual size: 61KB