2024-06-24_debd0b841c8c32d8e85e395a3512d0d9_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-24_debd0b841c8c32d8e85e395a3512d0d9_avoslocker
Size

6.7MB
MD5

debd0b841c8c32d8e85e395a3512d0d9
SHA1

591fc83b627475bedf1ed7e3b26164c45b6f8e20
SHA256

48edc40161d6104b4f1a560a60ed188ee8d1f162ea2437d5739b06671e61d1a8
SHA512

446c917354dcb9b9df60baac67ab6edafe2c8cec91661f82f1a4c66af9d2acbfac1b386932d5ddd79299e5249f65e9b5dea741e723cf5701941bbb5c9a178deb
SSDEEP

98304:Hr2K57oAZUI7aVmabouczPAjQ41yosPfKWZ6A03BB20E4gTqkFDPsg780CKgc38D:Hr757oAZUIu+2E03BB20E4gudj

Score

1^/10

Malware Config

Signatures

Files

2024-06-24_debd0b841c8c32d8e85e395a3512d0d9_avoslocker
.exe windows:6 windows x86 arch:x86

c375c6c9957073e3e8cb75fe4e423681

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:85:b1:df:04:2f:b0:95:e4:c1:6c:49
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

17/05/2023, 09:52

Not After

09/07/2024, 07:40

Subject

SERIALNUMBER=0200-01-043507,CN=FUJI SOFT INCORPORATED,OU=Fudegurume Dept.,O=FUJI SOFT INCORPORATED,L=Yokohama-shi,ST=Kanagawa,C=JP,1.3.6.1.4.1.311.60.2.1.3=#13024a50,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

28:d8:32:9f:dc:83:69:1a:7e:bd:ef:c0:c1:6a:d4:f8:4b:e1:0d:93
Signer

Actual PE Digest

28:d8:32:9f:dc:83:69:1a:7e:bd:ef:c0:c1:6a:d4:f8:4b:e1:0d:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\00.work\00.Fgw\01.silver96i\fsi\FgwWICA\trunk\FgwSetupMenu\Release\FgwSetupMenu.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetSystemInfo
HeapQueryInformation
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
SetStdHandle
MoveFileExW
GetTimeZoneInformation
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
VirtualAlloc
QueryPerformanceFrequency
GetStdHandle
SetEnvironmentVariableW
GetCPInfo
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
IsValidLocale
EnumSystemLocalesW
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
SetFilePointerEx
FindFirstFileExW
GetEnvironmentStringsW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
SearchPathW
GetProfileIntW
FindResourceExW
ExitProcess
SetErrorMode
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SystemTimeToFileTime
GetAtomNameW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetVersionExW
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
GetThreadLocale
GetStringTypeExW
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameW
GetFileSize
FlushFileBuffers
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
GetCurrentThreadId
EncodePointer
OutputDebugStringA
CopyFileW
LocalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
DecodePointer
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
VerifyVersionInfoW
MoveFileW
FormatMessageW
SetFileAttributesW
RemoveDirectoryW
GetLogicalDrives
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
VerSetConditionMask
WideCharToMultiByte
MultiByteToWideChar
SetDllDirectoryW
lstrcatW
lstrcpynW
GlobalFree
GetModuleHandleW
GetWindowsDirectoryW
GetCurrentProcess
GetTempPathW
WriteFile
GetVolumeInformationW
GetShortPathNameW
GetFileAttributesW
GetDriveTypeW
CreateFileW
GetCommandLineW
lstrlenW
lstrcmpW
CreateMutexW
GetLastError
GetTickCount
GetModuleFileNameW
LoadLibraryW
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryW
lstrcpyW
MulDiv
FindResourceW
SizeofResource
LockResource
LoadResource
CreateProcessW
WriteConsoleW
GetExitCodeProcess
Sleep
WaitForSingleObject
CloseHandle
FreeEnvironmentStringsW
SetConsoleCtrlHandler
SetCurrentDirectoryW
GetFileType

user32

SetCapture
GetNextDlgGroupItem
DeleteMenu
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
CopyImage
LoadImageW
DestroyIcon
TrackMouseEvent
RealChildWindowFromPoint
IntersectRect
ShowOwnedPopups
PostQuitMessage
GetMessageW
CharUpperW
WindowFromPoint
GetCursorPos
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
ReleaseCapture
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
NotifyWinEvent
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
SendMessageW
AttachThreadInput
SetFocus
SetTimer
KillTimer
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
OffsetRect
SetRectEmpty
SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
IsWindowVisible
LoadCursorW
GetParent
ClientToScreen
SetCursor
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
SetClassLongW
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
CreateAcceleratorTableW
BringWindowToTop
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
GetKeyState
InvertRect
EnableWindow
GetSystemMetrics
GetForegroundWindow
GetDC
ReleaseDC
GetClientRect
SetRect
CopyRect
GetDesktopWindow
GetWindowThreadProcessId
LoadBitmapW
SystemParametersInfoW
GetWindowRect
PostMessageW
GetSysColor
GetSysColorBrush
GetWindowTextW
FindWindowW
EnumWindows
GetClassNameW
RegisterWindowMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
ExitWindowsEx
IsIconic
CreatePopupMenu
AppendMenuW
DrawIcon
InvalidateRect
PtInRect
LoadIconW
IsWindow
SetCursorPos
CopyIcon
FrameRect
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
GetTabbedTextExtentW
GetDCEx
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
CopyAcceleratorTableW
DestroyAcceleratorTable
DestroyWindow

gdi32

RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreatePalette
RectVisible
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateDIBPatternBrushPt
CreateBitmap
CreateDCW
CopyMetaFileW
GetStockObject
Polygon
GetTextMetricsW
GetTextExtentPoint32W
CreateSolidBrush
CreatePen
GetObjectW
GetDeviceCaps
CreateFontIndirectW
CreateCompatibleDC
GetNearestPaletteIndex
Rectangle
BitBlt

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW

advapi32

SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegSetValueW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptDecrypt
CryptEncrypt
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextW
RegUnLoadKeyW
RegSetValueExW
RegLoadKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
LookupPrivilegeDisplayNameW
LookupPrivilegeNameW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegCloseKey
LookupAccountSidW
GetTokenInformation
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

ExtractIconW
SHAddToRecentDocs
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetDesktopFolder
CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
ShellExecuteExW
DragQueryFileW
DragFinish

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

DrawThemeBackground
CloseThemeData
GetThemeColor
OpenThemeData
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
GetCurrentThemeName

ole32

OleGetClipboard
CoFreeUnusedLibraries
OleInitialize
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
CoLockObjectExternal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoInitializeEx
CreateStreamOnHGlobal
CLSIDFromString
CoDisconnectObject
OleCreateStaticFromData
OleCreateLinkToFile
StringFromGUID2
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
OleRun
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleUninitialize
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleQueryCreateFromData

oleaut32

VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SysStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
VarBstrFromDate
VariantInit
VariantTimeToSystemTime
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
SystemTimeToVariantTime
SysAllocStringLen
SysAllocStringByteLen
SafeArrayGetUBound
SysStringByteLen
SafeArrayGetElemsize
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 584KB - Virtual size: 583KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c375c6c9957073e3e8cb75fe4e423681

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

74:85:b1:df:04:2f:b0:95:e4:c1:6c:49Certificate

Extended Key Usages

Key Usages

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1dCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

28:d8:32:9f:dc:83:69:1a:7e:bd:ef:c0:c1:6a:d4:f8:4b:e1:0d:93Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 584KB - Virtual size: 583KB

.data Size: 31KB - Virtual size: 51KB

.rsrc Size: 3.4MB - Virtual size: 3.4MB

.reloc Size: 208KB - Virtual size: 208KB

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

74:85:b1:df:04:2f:b0:95:e4:c1:6c:49
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

28:d8:32:9f:dc:83:69:1a:7e:bd:ef:c0:c1:6a:d4:f8:4b:e1:0d:93
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 584KB - Virtual size: 583KB

.data
Size: 31KB - Virtual size: 51KB

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

.reloc
Size: 208KB - Virtual size: 208KB