d673ea7bfd9e5e3faa7dfc9bffe941ddd354b1132792f8988ef6967172d1a263[.]exe

Resubmissions

30/07/2024, 14:11

240730-rhl3gsshrn 3

21/07/2024, 09:46

240721-lr5y3axhnf 7

Sharing

Copy URL Twitter E-mail

General

Target

d673ea7bfd9e5e3faa7dfc9bffe941ddd354b1132792f8988ef6967172d1a263.exe
Size

23.3MB
MD5

9945bcaa943faec1d9c601fac34a0258
SHA1

c9093445554163099fe83264ecb799990b76bea5
SHA256

d673ea7bfd9e5e3faa7dfc9bffe941ddd354b1132792f8988ef6967172d1a263
SHA512

dc1bb4bb6faa9edcb776f7685daa0d9f20839f9eab249072e2ad9b8134e16c34301ca8db725394d792ddd7f090f46eeff6dce2a830bca28804c2e9fc0791d97a
SSDEEP

393216:DQqsjFOaGcOJOEUtkDcD2joUCPxMt8X/aoxDSnkj5Jsv6tWKFdu9CWuNRxKhaQR:SCnk1/aTO8oLW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d673ea7bfd9e5e3faa7dfc9bffe941ddd354b1132792f8988ef6967172d1a263.exe

Files

d673ea7bfd9e5e3faa7dfc9bffe941ddd354b1132792f8988ef6967172d1a263.exe
.exe windows:5 windows x64 arch:x64

491f4423cad652a4db3bfa6ff730eac1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

PathStripToRootW
PathIsUNCW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW
StrChrW
PathRemoveFileSpecW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

uxtheme

GetThemeColor
GetThemeInt
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
ord47
GetThemePartSize
DrawThemeParentBackground
DrawThemeBackground
OpenThemeData
GetWindowTheme
GetThemeSysColor
GetThemeBackgroundRegion
IsThemeBackgroundPartiallyTransparent
GetThemeBool
SetWindowTheme
DrawThemeText
IsAppThemed
GetCurrentThemeName
IsThemeActive

dwmapi

DwmEnableBlurBehindWindow
DwmGetWindowAttribute
DwmIsCompositionEnabled
DwmSetWindowAttribute

oleaut32

SysAllocStringLen
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SafeArrayCreateVector
SafeArrayPutElement
SysFreeString
SysAllocString
VariantClear
VariantCopy
VariantChangeType
VariantInit
VarBstrFromDate

imm32

ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetOpenStatus
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetDefaultIMEWnd
ImmGetContext

gdi32

CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreatePolygonRgn
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
GetTextColor
GetBitmapBits
CreateEllipticRgn
SwapBuffers
SetDIBColorTable
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
TextOutW
MoveToEx
GetObjectW
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
Ellipse
CreateDCW
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetPaletteEntries
GetNearestPaletteIndex
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreatePatternBrush
CreatePen
CreateHatchBrush
SetBkColor
CopyMetaFileW
GetDIBits
CreatePalette
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectPalette
SetMapMode
GetLayout
SetPolyFillMode
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
Polygon
SetROP2

advapi32

CryptEnumProvidersW
CryptSignHashW
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
ReportEventW
RegisterEventSourceW
DeregisterEventSource
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetLengthSid
FreeSid
DuplicateToken
CopySid
AllocateAndInitializeSid
AccessCheck
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
SystemFunction036
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CreateWellKnownSid
CreateProcessAsUserW
StartServiceW
OpenServiceW
OpenSCManagerW
EnumServicesStatusExW
CloseServiceHandle
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptDecrypt
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

kernel32

VerSetConditionMask
FindResourceExW
GetUserDefaultUILanguage
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetVersionExW
GlobalFindAtomW
GlobalDeleteAtom
GlobalFlags
LoadLibraryExW
UnlockFile
LockFile
GlobalAddAtomW
GlobalGetAtomNameW
lstrcmpA
LocalReAlloc
GlobalHandle
GlobalReAlloc
InitializeCriticalSection
MulDiv
GlobalFree
FindResourceW
SizeofResource
LockResource
LoadResource
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
OutputDebugStringA
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetLocaleInfoEx
FormatMessageA
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetExitCodeProcess
GetUserGeoID
GetGeoInfoW
VerifyVersionInfoW
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
MultiByteToWideChar
CompareStringW
RegisterWaitForSingleObject
UnregisterWaitEx
SetFilePointerEx
SetEndOfFile
GetFileType
FlushFileBuffers
GetFileInformationByHandleEx
SystemTimeToFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
MoveFileExW
MoveFileW
CopyFileW
SetErrorMode
GetVolumePathNamesForVolumeNameW
GetTempPathW
SetFileTime
RemoveDirectoryW
GetLogicalDrives
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetStartupInfoW
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesExW
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
SwitchToThread
WaitForMultipleObjects
DuplicateHandle
GetSystemDirectoryW
WaitForSingleObjectEx
SetEvent
IsProcessorFeaturePresent
OutputDebugStringW
GetLocalTime
GetSystemTime
GetCommandLineW
CompareStringEx
GetConsoleWindow
GetDriveTypeW
MapViewOfFileEx
lstrlenW
GetProfileIntW
GetTimeZoneInformation
GetLongPathNameW
GetVolumeInformationW
ReleaseSRWLockShared
AcquireSRWLockShared
TryAcquireSRWLockExclusive
GetSystemDirectoryA
GetStdHandle
GetEnvironmentVariableW
GetACP
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
RtlUnwindEx
VirtualQuery
LCIDToLocaleName
AreFileApisANSI
PeekNamedPipe
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetFilePointer
GetFileSize
GetUserDefaultLangID
GlobalSize
LoadLibraryA
GetLocaleInfoW
OpenProcess
CheckRemoteDebuggerPresent
CreateProcessW
ExpandEnvironmentStringsW
WTSGetActiveConsoleSessionId
FormatMessageW
lstrcmpW
lstrcpyW
LocalFree
LocalAlloc
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
TerminateProcess
WaitForSingleObject
SetLastError
WaitForDebugEvent
ContinueDebugEvent
lstrcatW
LoadLibraryW
WriteProcessMemory
VirtualProtect
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
lstrcmpiW
GlobalLock
GlobalUnlock
GlobalAlloc
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
VirtualFree
VirtualAlloc
GetWindowsDirectoryW
GetTickCount
ExitProcess
GetCurrentProcess
Sleep
CreateEventW
InitializeCriticalSectionAndSpinCount
DeviceIoControl
GetLastError
CloseHandle
WriteFile
ReadFile
CreateFileW
CreateFileA
GetProcessHeap
GetTempFileNameW
SearchPathW
InitializeSRWLock
GetSystemInfo
ReleaseMutex
CreateMutexW

ole32

CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
OleLockRunning
CoUninitialize
CoInitializeEx
CoCreateInstance
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
CoInitialize
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
CoCreateGuid
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
StringFromGUID2

shell32

CommandLineToArgvW
ord680
SHGetFileInfoW
SHGetStockIconInfo
ord727
ShellExecuteW
SHGetKnownFolderPath
SHCreateItemFromParsingName
SHGetMalloc
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
Shell_NotifyIconW
Shell_NotifyIconGetRect
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHCreateItemFromIDList

user32

ToAscii
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
TrackPopupMenu
GetMenuItemInfoW
SetMenuItemInfoW
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
IsHungAppWindow
SetClipboardViewer
ChangeClipboardChain
GetUserObjectInformationW
GetProcessWindowStation
MsgWaitForMultipleObjects
GetWindowRgn
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
CharUpperBuffW
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
UnionRect
DrawIcon
FrameRect
RegisterClipboardFormatW
GetKeyboardLayout
RegisterWindowMessageW
IsWindowEnabled
CreateCaret
DestroyCaret
HideCaret
CopyIcon
ShowCaret
SetCaretPos
FindWindowA
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToUnicode
MapVirtualKeyW
TrackPopupMenuEx
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
BringWindowToTop
DrawFrameControl
DrawEdge
SetClassLongPtrW
DrawStateW
LoadMenuW
GetKeyNameTextW
RegisterClassW
EnumDisplayDevicesW
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
GetMenuDefaultItem
NotifyWinEvent
InvertRect
EnableScrollBar
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
IntersectRect
CloseTouchInputHandle
RealGetWindowClassW
ChangeWindowMessageFilterEx
GetSysColorBrush
ChildWindowFromPointEx
DeleteMenu
ShowOwnedPopups
MapDialogRect
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
InflateRect
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
PostQuitMessage
IsDialogMessageW
CheckDlgButton
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongPtrW
EqualRect
CopyRect
MapWindowPoints
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetActiveWindow
UpdateWindow
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsMenu
GetClassInfoExW
CallWindowProcW
GetMessageTime
GetMessagePos
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
RealChildWindowFromPoint
GetClassNameW
PtInRect
GetDlgCtrlID
CharUpperW
ValidateRect
GetActiveWindow
GetMessageW
GetLastActivePopup
EnableWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterDeviceNotification
RegisterDeviceNotificationW
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
TranslateMessage
DrawIconEx
WindowFromPoint
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
LoadImageW
RegisterPowerSettingNotification
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
DestroyIcon
wsprintfA
wsprintfW
ExitWindowsEx
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetWindowTextW
GetWindowTextLengthW
EnumWindows
MessageBoxW
GetSystemMetrics
SystemParametersInfoW
DefWindowProcW
DestroyWindow
GetDC
ReleaseDC
GetSysColor
GetDesktopWindow
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
PostMessageW
AttachThreadInput
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
DestroyCursor
GetWindow
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
GetSystemMenu
GetMenu
ReleaseCapture
SetCapture
GetCapture

winmm

timeGetDevCaps
timeGetTime
timeKillEvent
timeSetEvent
timeEndPeriod
timeBeginPeriod
PlaySoundW

ntdll

strlen
__chkstk
DbgUiSetThreadDebugObject
NtClose
NtDuplicateObject
NtQueryInformationProcess
NtRemoveProcessDebug
strcmp
wcsrchr
memcmp
toupper
strstr
atan
cos
sin
tan
wcsncmp
pow
strncmp
strrchr
strncpy
qsort
strtol
longjmp
memchr
_setjmp
sqrt
ceil
atoi
bsearch
floor
log
strchr
isdigit
isspace
isxdigit
RtlAllocateHeap
memmove
memset
memcpy
RtlFreeHeap

msimg32

AlphaBlend
TransparentBlt

iphlpapi

GetAdaptersAddresses

ws2_32

getaddrinfo
inet_addr
inet_ntoa
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSAAsyncSelect
ntohs
gethostbyaddr
gethostbyname
getservbyport
getservbyname
WSAStringToAddressW
WSACreateEvent
WSAGetLastError
__WSAFDIsSet
closesocket
ioctlsocket
getpeername
getsockname
getsockopt
htonl
htons
WSACloseEvent
recv
ntohl
select
send
WSACleanup
connect
socket
WSAIoctl
WSASetLastError
shutdown
setsockopt
bind
InetNtopW
WSAStartup
freeaddrinfo

crypt32

CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CertOpenStore
CertCloseStore

rpcrt4

RpcAsyncInitializeHandle
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcBindingFree
NdrAsyncClientCall
RpcAsyncCompleteCall
RpcRaiseException

msvcrt

_tzname
_localtime64
_wgetenv
?terminate@@YAXXZ
fgetpos
_hypot
fsetpos
__getmainargs
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
__CxxFrameHandler
_XcptFilter
__set_app_type
_ismbblead
_fmode
___lc_handle_func
?_set_new_mode@@YAHH@Z
_commode
_wcsupr
_wcslwr
_mbslwr
_mbsupr
_CxxThrowException
__C_specific_handler
wcschr
wcsstr
_amsg_exit
?name@type_info@@QEBAPEBDXZ
_wfullpath
__DestructExceptionObject
_local_unwind
_errno
free
malloc
_wsplitpath
fflush
realloc
getenv
fclose
fopen
fread
fseek
ftell
calloc
exp
rand
atan2
log10
strerror
abort
ferror
_gmtime64
floorf
sinf
acos
acosf
mbtowc
_isatty
_wcstoui64
_strtoui64
_sys_errlist
_sys_nerr
_clearfp
fputs
asin
__argv
__argc
_acmdln
iswctype
_iob
_unlock
_lock
wcstol
_aligned_malloc
_aligned_free
signal
raise
_wfopen
strspn
_setmode
setvbuf
strtoul
_itoa
_mkgmtime64
_mbsrchr
_time64
_ismbcspace
_mbsspn
_mbsicmp
_mbscspn
_mbscmp
_mbschr
_stricmp
_endthread
_beginthread
clock
_resetstkoflw
_wcsicoll
abs
_wtol
towlower
towupper
iswprint
_mktime64
_tzset
_beginthreadex
_endthreadex
ceilf
_lseeki64
_timezone
_waccess
_wchmod
_get_osfhandle
feof
_fileno
_close
_open_osfhandle
_getdrive
fgets
_read
_write
_callnewh
_initterm
__pctype_func
isupper
___lc_codepage_func
_wcsdup
islower
strcspn
___mb_cur_max_func
tolower
wcslen
ldiv
wcscspn
labs
_wtoi
_expand
_msize
wcscmp
_strnicmp
__doserrno
_wcsicmp
wcspbrk
iswspace
wcscoll
iswalnum
iswalpha
iswdigit

gdiplus

GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapLockBits
GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipGetImageWidth
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

bcrypt

BCryptGenRandom

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

netapi32

NetShareEnum
NetApiBufferFree

Sections

.text
Size: 12.9MB - Virtual size: 12.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 844KB - Virtual size: 18.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 641KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

491f4423cad652a4db3bfa6ff730eac1

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wtsapi32

uxtheme

dwmapi

oleaut32

imm32

gdi32

advapi32

kernel32

ole32

shell32

user32

winmm

ntdll

msimg32

iphlpapi

ws2_32

crypt32

rpcrt4

msvcrt

gdiplus

oleacc

bcrypt

winspool.drv

userenv

version

netapi32

Sections

.text Size: 12.9MB - Virtual size: 12.9MB

.rdata Size: 7.4MB - Virtual size: 7.4MB

.data Size: 844KB - Virtual size: 18.1MB

.pdata Size: 641KB - Virtual size: 640KB

.qtmetad Size: 1KB - Virtual size: 1KB

.qtmimed Size: 315KB - Virtual size: 315KB

.reloc Size: 142KB - Virtual size: 142KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 12.9MB - Virtual size: 12.9MB

.rdata
Size: 7.4MB - Virtual size: 7.4MB

.data
Size: 844KB - Virtual size: 18.1MB

.pdata
Size: 641KB - Virtual size: 640KB

.qtmetad
Size: 1KB - Virtual size: 1KB

.qtmimed
Size: 315KB - Virtual size: 315KB

.reloc
Size: 142KB - Virtual size: 142KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB