2024-07-05_8b5334063cd383c33450765341b73318_avoslocker_revil

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-05_8b5334063cd383c33450765341b73318_avoslocker_revil
Size

7.4MB
MD5

8b5334063cd383c33450765341b73318
SHA1

ec6ad02b97496a2be25ca647577708ded629150e
SHA256

5b2f72808719e41aeb8f7bc7d47ce4ea8bcbb8059659666cebcf6c9e7f7e9ae9
SHA512

c30153cd4f05f5af9438dc6d617fb246fbfbdd0ac2bf5b02f99a81da1c25e1ff2e2de106e01f9688e910aaf2f452e354fded1cc335d8130e6d6fc0e15b30994a
SSDEEP

98304:aZVAoeSUzvNhEKvQOygufj56Rg1pOs5mRa83wm6GT4xJadb0Q53HPvLqUhGJgZFQ:aleSUzvcOGig10FCQBvvLqUIqZfqdT

Score

1^/10

Malware Config

Signatures

Files

2024-07-05_8b5334063cd383c33450765341b73318_avoslocker_revil
.exe windows:6 windows x86 arch:x86

40506ada4972940930552e6e197a4ec3

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7f:59:0a:56:a0:a9:26:a7:36:6d:af:6a:20:bd:c3:67
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

10/02/2022, 00:00

Not After

09/02/2025, 23:59

Subject

CN=Halcom d.d.,O=Halcom d.d.,ST=Ljubljana,C=SI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a4:03:15:6c:30:d4:1b:a1:0c:5f:0d:9d:e8:07:25:47:62:05:c4:31:91:05:3e:cc:38:51:5d:04:8f:be:81:8c
Signer

Actual PE Digest

a4:03:15:6c:30:d4:1b:a1:0c:5f:0d:9d:e8:07:25:47:62:05:c4:31:91:05:3e:cc:38:51:5d:04:8f:be:81:8c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\views\PROD_LJR_GUI_REF_1\ebank_pc\utilities\CertificateManager\CertificateManager\CertificateRenewal\_bin\x86\Release SSL\CertificateRenewal_SLO_SSL.pdb

Imports

kernel32

PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
SetFilePointerEx
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetConsoleCP
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
OutputDebugStringW
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
DeleteFileW
GetTimeZoneInformation
IsValidCodePage
FindFirstFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
GetFileAttributesExW
SetFileAttributesW
CompareStringEx
GetStringTypeW
LCMapStringEx
GetLocaleInfoEx
GetSystemDirectoryA
GetSystemTime
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
FindNextFileW
FindFirstFileW
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
GetFileType
GetStdHandle
GetModuleHandleExW
FormatMessageW
GetEnvironmentVariableW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
CompareStringW
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetTickCount
Sleep
SearchPathA
GetProfileIntA
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
GetTickCount64
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryA
lstrcpyA
GetCPInfo
GetOEMCP
VirtualProtect
GetStringTypeExA
MoveFileA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
DeleteFileA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetACP
lstrcmpiA
LocalUnlock
LocalLock
GlobalFlags
GetThreadLocale
SystemTimeToFileTime
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameA
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
SetEvent
CloseHandle
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
MultiByteToWideChar
CopyFileA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
FormatMessageA
FindResourceA
GetModuleHandleA
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
ExitProcess
WaitForSingleObject
GetTempPathA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
LoadLibraryA
GetProcAddress
CreateProcessA
GetLastError
GetTempFileNameA
ExitThread
WriteConsoleW

user32

TrackMouseEvent
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
InflateRect
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
DestroyIcon
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoA
CopyImage
GetDialogBaseUnits
SetRect
MessageBeep
InvalidateRect
GetTabbedTextExtentA
IsClipboardFormatAvailable
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
OffsetRect
SetRectEmpty
MapVirtualKeyA
GetKeyNameTextA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
LoadImageW
GetWindowRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
DefFrameProcA
DrawMenuBar
EmptyClipboard
UnregisterClassA
MessageBoxA
SendMessageA
IsIconic
EnableWindow
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
MapDialogRect
SetWindowContextHelpId
SetWindowPos
CreatePopupMenu
GetMenuDefaultItem
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
LoadImageA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
AdjustWindowRectEx
GetSystemMetrics
DrawIcon
GetClientRect
LoadIconW
BringWindowToTop
SetActiveWindow
SetForegroundWindow
GetWindowLongA
GetDesktopWindow
GetWindow
LoadIconA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
EnumChildWindows
RemoveMenu
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
DrawStateA
SetClassLongA
SetWindowRgn
SetParent
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
ShowOwnedPopups
SetCursor
GetWindowThreadProcessId
GetLastActivePopup
SetClipboardData
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
UnionRect
PostThreadMessageA
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
GetUpdateRect
GetDCEx
DefMDIChildProcA
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
GetTabbedTextExtentW
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel

gdi32

SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
GetCharWidthA
GetTextMetricsA
DPtoLP
GetTextExtentPoint32A
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
GetMapMode
SetRectRgn
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetLayout
CreateFontA
StretchDIBits
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetObjectA
CreateFontIndirectA
CreateCompatibleBitmap
GetPixel
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
GetJobA
DocumentPropertiesA
OpenPrinterA

advapi32

CryptDestroyKey
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
CryptAcquireContextA
RegSetValueA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegQueryValueA
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
RegCloseKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
GetFileSecurityA
SetFileSecurityA
RegOpenKeyExW
RegEnumValueA

shell32

ShellExecuteExA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
SHGetSpecialFolderPathA
SHAppBarMessage
SHBrowseForFolderA
SHGetMalloc
DragFinish
ShellExecuteA

shlwapi

PathRemoveExtensionA
PathFindExtensionA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
PathFindFileNameA

uxtheme

GetThemeSysColor
IsAppThemed
GetThemeColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemePartSize
GetWindowTheme

ole32

OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CoRevokeClassObject
WriteClassStm
CoRegisterClassObject
CreateGenericComposite
CreateItemMoniker
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
OleCreate
OleCreateFromData
PropVariantCopy
CoTreatAsClass
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
GetHGlobalFromILockBytes

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SysAllocStringLen
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SysAllocString
VariantInit
VariantClear
VariantChangeType
SafeArrayGetUBound
LoadTypeLi

oledlg

ord8

crypt32

CertCreateCertificateContext
CertFreeCertificateContext
CertGetNameStringA
CryptSignAndEncodeCertificate
CertGetIntendedKeyUsage
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty

gdiplus

GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipDisposeImage
GdiplusStartup
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromFileICM
GdipAlloc
GdiplusShutdown
GdipCloneImage
GdipFree
GdipCreateBitmapFromScan0

wsock32

WSAGetLastError
WSACleanup
WSAStartup
WSASetLastError
socket
shutdown
setsockopt
sendto
send
select
getsockname
gethostbyname
recvfrom
recv
ntohs
ntohl
listen
ioctlsocket
htons
htonl
getsockopt
connect
closesocket
bind
accept
__WSAFDIsSet
inet_ntoa

ws2_32

getaddrinfo
freeaddrinfo
getnameinfo

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

bcrypt

BCryptGenRandom

Exports

Exports

?isPKCS11Initialized@@YA_NXZ
C_CloseAllSessions
C_CloseSession
C_CreateObject
C_DecryptFinal
C_DecryptInit
C_DecryptUpdate
C_DestroyObject
C_Digest
C_DigestFinal
C_DigestInit
C_DigestUpdate
C_Encrypt
C_EncryptFinal
C_EncryptInit
C_EncryptUpdate
C_Finalize
C_FindObjects
C_FindObjectsFinal
C_FindObjectsInit
C_GenerateKey
C_GenerateRandom
C_GetAttributeValue
C_GetFunctionList
C_GetInfo
C_GetMechanismList
C_GetSessionInfo
C_GetSlotInfo
C_GetSlotList
C_GetTokenInfo
C_InitPIN
C_Initialize
C_Login
C_Logout
C_OpenSession
C_SeedRandom
C_SetAttributeValue
C_SetPIN
C_Sign
C_SignInit
C_UnblockPIN
C_UnwrapKey
C_Verify
C_VerifyInit
C_VerifyRecover
C_VerifyRecoverInit
C_WaitForSlotEvent
C_WrapKey

Sections

.text
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40506ada4972940930552e6e197a4ec3

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

7f:59:0a:56:a0:a9:26:a7:36:6d:af:6a:20:bd:c3:67Certificate

Extended Key Usages

Key Usages

a4:03:15:6c:30:d4:1b:a1:0c:5f:0d:9d:e8:07:25:47:62:05:c4:31:91:05:3e:cc:38:51:5d:04:8f:be:81:8cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

crypt32

gdiplus

wsock32

ws2_32

oleacc

imm32

winmm

bcrypt

Exports

Exports

Sections

.text Size: 5.3MB - Virtual size: 5.3MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 53KB - Virtual size: 125KB

.rsrc Size: 323KB - Virtual size: 322KB

.reloc Size: 442KB - Virtual size: 441KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

7f:59:0a:56:a0:a9:26:a7:36:6d:af:6a:20:bd:c3:67
Certificate

a4:03:15:6c:30:d4:1b:a1:0c:5f:0d:9d:e8:07:25:47:62:05:c4:31:91:05:3e:cc:38:51:5d:04:8f:be:81:8c
Signer

.text
Size: 5.3MB - Virtual size: 5.3MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 53KB - Virtual size: 125KB

.rsrc
Size: 323KB - Virtual size: 322KB

.reloc
Size: 442KB - Virtual size: 441KB