2024-07-06_104e05b59e7c6f61f99f7d640b2abd08_bkransomware_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-06_104e05b59e7c6f61f99f7d640b2abd08_bkransomware_magniber
Size

10.5MB
MD5

104e05b59e7c6f61f99f7d640b2abd08
SHA1

24f0157dd278c6bf8b3fdf0b4082f8855bafd478
SHA256

08335711ee5f76cfe83460b2bce138941c1c6ae0d628d23c6ae8d8d772ff4e53
SHA512

11cfc5af951effeebeadf198db65f332196f77b19f586493bfa63211ff9e5cc0fb8a4ab9afb25a726d1bc889347a32afda74daaba252d91a50a3f3a07c6d83ea
SSDEEP

196608:Duj1EUJbCTY1JOL5WNHj2f6iijVkFk3KWKm1Cu1YGS:ajuQbGY1JOi2f6iijSoK4CMYGS

Score

1^/10

Malware Config

Signatures

Files

2024-07-06_104e05b59e7c6f61f99f7d640b2abd08_bkransomware_magniber
.exe windows:5 windows x86 arch:x86

ae075710dcb75f7c1b5639ed5ed36d71

Code Sign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:62:bd:66:36:51:c3:a6:46:6a:63:08
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

25-12-2023 13:12

Not After

26-10-2025 14:50

Subject

CN=OOO Info-Buhgalter,O=OOO Info-Buhgalter,L=Moscow,ST=Moscow,C=RU,1.2.840.113549.1.9.1=#0c0a68656c704069622e7275

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

07-11-2023 17:13

Not After

09-12-2034 17:13

Subject

CN=Globalsign TSA for CodeSign1 - R6 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ba:9c:31:21:75:82:8d:4b:2f:de:0b:4a:93:d4:e1:53:c2:02:01:7a:72:4e:99:72:7c:31:37:2f:fa:7b:f1:83
Signer

Actual PE Digest

ba:9c:31:21:75:82:8d:4b:2f:de:0b:4a:93:d4:e1:53:c2:02:01:7a:72:4e:99:72:7c:31:37:2f:fa:7b:f1:83

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\_D\ibw8cxx\output\msvc_v120_xp_win32\releases\infodocnav\infodocnav.pdb

Imports

kernel32

GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetStringTypeW
FatalAppExitA
SetConsoleCtrlHandler
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
CreateSemaphoreW
TerminateProcess
GetConsoleCP
CreateProcessA
GetExitCodeProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
SetCurrentDirectoryW
CreateDirectoryW
FindFirstFileExW
GetDriveTypeW
MoveFileExW
PeekNamedPipe
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
GetFullPathNameA
MapViewOfFile
CreateFileMappingA
CreateFileA
UnmapViewOfFile
CreateEventA
SetFilePointerEx
ReadConsoleW
SetUnhandledExceptionFilter
GetConsoleMode
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RtlUnwind
ExitThread
CreateThread
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
LocalUnlock
LocalLock
FindResourceExW
GetUserDefaultLCID
ReplaceFileW
GetDiskFreeSpaceW
SearchPathW
GetProfileIntW
Sleep
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
SetErrorMode
lstrcpyW
GetWindowsDirectoryW
GetStringTypeExW
MoveFileW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CreateFileW
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
GetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetCurrentThread
GlobalGetAtomNameW
GetVersionExW
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentProcessId
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryW
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
GetThreadLocale
SystemTimeToFileTime
GetModuleHandleW
WideCharToMultiByte
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
DecodePointer
HeapSize
RaiseException
GetProcessHeap
HeapFree
HeapReAlloc
ResetEvent
WaitForMultipleObjects
CreateMutexW
WaitForSingleObject
SetEvent
CloseHandle
CreateEventW
lstrlenW
VirtualProtect
WriteProcessMemory
GetCurrentProcess
GetModuleHandleA
lstrcmpiA
GetProcAddress
FreeLibrary
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesExW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
ReleaseMutex
HeapAlloc
HeapDestroy
HeapCreate
GetCurrentDirectoryW
CompareFileTime
FindNextFileW
FindClose
FindFirstFileW
GetLastError
lstrcmpiW
GetFileAttributesW
lstrcmpW
InterlockedDecrement
InterlockedIncrement

user32

SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
SetMenu
GetMenu
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
GetDesktopWindow
GetWindowLongW
EqualRect
IntersectRect
InvalidateRgn
CopyAcceleratorTableW
IsWindowEnabled
GetFocus
SetFocus
IsWindowVisible
SetWindowPos
IsWindow
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
UnregisterClassW
CharUpperW
IsIconic
UpdateWindow
RegisterClassExW
GetClassInfoExW
SetWindowLongW
ClientToScreen
DispatchMessageW
TranslateMessage
GetMessageW
DrawStateW
SetCursor
ReleaseCapture
GetCapture
SetCapture
LoadMenuW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
wsprintfW
GetParent
MessageBoxA
EnumClipboardFormats
DefWindowProcW
LoadAcceleratorsW
LoadImageW
OffsetRect
ReleaseDC
GetDC
SetRect
PtInRect
ScreenToClient
GetCursorPos
InvalidateRect
GetWindowRect
IsRectEmpty
GetWindow
GetKeyState
GetSysColor
SetForegroundWindow
SetMenuItemInfoW
LoadBitmapW
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetActiveWindow
GetKeyNameTextW
MapVirtualKeyW
SendDlgItemMessageA
WindowFromPoint
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
PeekMessageW
KillTimer
RemoveMenu
FillRect
DestroyMenu
GetMenuItemInfoW
InflateRect
SystemParametersInfoW
GetWindowThreadProcessId
BringWindowToTop
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
CreatePopupMenu
InsertMenuItemW
SetRectEmpty
DestroyIcon
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
PostQuitMessage
ShowOwnedPopups
GetSysColorBrush
RegisterClipboardFormatW
CharNextW
RealChildWindowFromPoint
CopyImage
GetDialogBaseUnits
UnionRect
GetSystemMenu
LoadCursorW
GetNextDlgGroupItem
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
GetAsyncKeyState
EnableScrollBar
TranslateAcceleratorW
SendMessageW
SetWindowContextHelpId
IsCharAlphaNumericW
MonitorFromRect
CreateIconIndirect
GetClipboardData
CharUpperA
CharLowerA
CharLowerW
EnumChildWindows
SetPropW
GetPropW
RemovePropW
PostMessageW
TrackPopupMenu
TrackPopupMenuEx
GetMenuDefaultItem
CallWindowProcW
DeleteMenu
EnableWindow
SetTimer
GetClientRect
GetSystemMetrics
GetMonitorInfoW
CopyRect
GetSubMenu
CheckMenuItem
EnableMenuItem
HideCaret
InvertRect
NotifyWinEvent
GetDCEx
LockWindowUpdate
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawEdge
DrawFrameControl
SetWindowRgn
IsMenu
UpdateLayeredWindow
MonitorFromPoint
TrackMouseEvent
GetComboBoxInfo
IsZoomed
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
SetClassLongW
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuW
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
SendNotifyMessageW
InSendMessage
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
WindowFromDC
GetTabbedTextExtentW
PostThreadMessageW
SetParent

gdi32

GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
GetMapMode
DeleteDC
DPtoLP
CreateCompatibleBitmap
GetBkColor
GetTextColor
GetTextMetricsW
CreateFontW
GetCharWidthW
GetClipRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
GetCurrentObject
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetRgnBox
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
GetClipBox
ExcludeClipRect
Escape
StretchDIBits
DeleteObject
SetRectRgn
PatBlt
CopyMetaFileW

msimg32

AlphaBlend
TransparentBlt

winspool.drv

GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueExA
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegCloseKey
SetSecurityInfo
RegOpenKeyExA

shell32

SHPathPrepareForWriteW
SHFileOperationW
ShellExecuteW
ShellExecuteExW
DragQueryFileW
DragFinish
SHAddToRecentDocs
ExtractIconW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderW
SHAppBarMessage
SHGetSpecialFolderPathW

comctl32

ImageList_GetIcon
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetImageCount

shlwapi

UrlIsW
PathAddExtensionW
PathRemoveExtensionW
PathFileExistsW
SHDeleteKeyW
PathCreateFromUrlW
UrlHashW
PathAddBackslashW
PathMatchSpecW
PathCombineW
PathStripPathW
PathRelativePathToW
PathGetArgsW
PathRemoveArgsW
PathUnquoteSpacesW
PathIsURLW
PathIsRelativeW
PathRemoveFileSpecW
UrlUnescapeW
UrlCreateFromPathW
UrlEscapeW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathIsDirectoryW
PathCanonicalizeW
PathRemoveBackslashW
PathAppendW

uxtheme

GetThemePartSize
GetThemeSysColor
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetCurrentThemeName
IsAppThemed
GetThemeColor
GetWindowTheme

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CLSIDFromProgID
CoInitialize
CoRegisterMessageFilter
CreateStreamOnHGlobal
DoDragDrop
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
CreateDataAdviseHolder
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
CoCreateGuid
CoInitializeEx
CoUninitialize
StringFromGUID2
OleCreateFromFile
OleLoad
CLSIDFromString
CoCreateInstance
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
GetHGlobalFromILockBytes
PropVariantCopy
OleRegGetMiscStatus
OleRegEnumVerbs
OleQueryLinkFromData
OleQueryCreateFromData
OleIsRunning
CoGetMalloc
GetRunningObjectTable
CreateOleAdviseHolder
OleSetClipboard
SetConvertStg

oleaut32

VariantClear
SafeArrayCreateVector
OleLoadPicturePath
OleLoadPicture
OleCreatePictureIndirect
SysFreeString
SysAllocString
SysStringByteLen
SysAllocStringByteLen
OleCreateFontIndirect
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantInit
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantChangeType
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SysReAllocStringLen
SysAllocStringLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen

oledlg

OleUIBusyW

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreate
UuidEqual

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipGetImageWidth

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1012KB - Virtual size: 1011KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae075710dcb75f7c1b5639ed5ed36d71

Code Sign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

29:62:bd:66:36:51:c3:a6:46:6a:63:08Certificate

Extended Key Usages

Key Usages

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

ba:9c:31:21:75:82:8d:4b:2f:de:0b:4a:93:d4:e1:53:c2:02:01:7a:72:4e:99:72:7c:31:37:2f:fa:7b:f1:83Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

rpcrt4

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.rdata Size: 1012KB - Virtual size: 1011KB

.data Size: 120KB - Virtual size: 153KB

.rsrc Size: 4.7MB - Virtual size: 4.7MB

.reloc Size: 288KB - Virtual size: 287KB

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

29:62:bd:66:36:51:c3:a6:46:6a:63:08
Certificate

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

ba:9c:31:21:75:82:8d:4b:2f:de:0b:4a:93:d4:e1:53:c2:02:01:7a:72:4e:99:72:7c:31:37:2f:fa:7b:f1:83
Signer

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 1012KB - Virtual size: 1011KB

.data
Size: 120KB - Virtual size: 153KB

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

.reloc
Size: 288KB - Virtual size: 287KB