bbd0f9a042cadb0128038b78803318c0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bbd0f9a042cadb0128038b78803318c0N.exe
Size

78KB
MD5

bbd0f9a042cadb0128038b78803318c0
SHA1

2eee342aed437cbcaf84f43256534194c5c5527e
SHA256

eed36d1ec00b34deeda1181fc3a4b1e0e7c3adf18c6cba370428e9a5a00dba01
SHA512

c86dddfc71a4465daee8d46c3559177c76a4d901ac157b2c3e501ace913c04ca529ea97fe1acbec6471adb0ba2571e12b6cbdcc5766d24f33ee0f6766e52f20d
SSDEEP

1536:F80frbmGUg1N2+/7S5473jn3g8koDcYc6+OM7ciD09:F1OGUg1N2+Du473jn3g6DcYcppor

Score

1^/10

Malware Config

Signatures

Files

bbd0f9a042cadb0128038b78803318c0N.exe
.dll windows:6 windows x64 arch:x64

01a0758fa0df1a456d629aabf5520ce8

Code Sign

0d:f7:a7:c9:09:06:30:1a:d2:f0:c2:4d:33:77:18:7b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/05/2022, 00:00

Not After

21/05/2024, 23:59

Subject

CN=Eclipse.org Foundation\, Inc.,OU=IT,O=Eclipse.org Foundation\, Inc.,L=Ottawa,ST=Ontario,C=CA,1.2.840.113549.1.9.1=#0c157765626d61737465724065636c697073652e6f7267

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2d:cd:42:a9:f1:f5:67:ee:6a:75:f4:44:9a:a1:13:5b:38:cb:e6:e7:78:dd:6a:e7:ca:49:7e:c0:c9:e4:17:c4
Signer

Actual PE Digest

2d:cd:42:a9:f1:f5:67:ee:6a:75:f4:44:9a:a1:13:5b:38:cb:e6:e7:78:dd:6a:e7:ca:49:7e:c0:c9:e4:17:c4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

nio.pdb

Imports

ws2_32

WSAStartup
WSASocketW
WSAEnumProtocolsW
bind
closesocket
socket
shutdown
setsockopt
ntohl
listen
htonl
getsockopt
getsockname
getpeername
accept
__WSAFDIsSet
WSAEventSelect
send
recv
ioctlsocket
WSASend
WSARecv
WSAIoctl
WSAGetLastError
sendto
select
recvfrom
connect

java

Java_sun_security_provider_NativeSeedGenerator_nativeGenerateSeed
JNU_ThrowInternalError
JNU_ThrowIOExceptionWithLastError
JNU_ThrowByName
JNU_ThrowIOException
JNU_NewObjectByName
JNU_ThrowOutOfMemoryError

net

NET_WinBind
initInetAddressIDs
NET_ThrowNew
ipv6_available
NET_InetAddressToSockaddr
NET_SockaddrToInetAddress
NET_GetPortFromSockaddr
NET_SocketAvailable
NET_GetSockOpt
NET_SetSockOpt
NET_EnableFastTcpLoopback
NET_EnableFastTcpLoopbackConnect

advapi32

ConvertStringSidToSidW
ConvertSidToStringSidW
LookupPrivilegeValueW
LookupAccountNameW
LookupAccountSidW
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
SetFileSecurityW
MapGenericMask
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetSecurityDescriptorOwner
GetSecurityDescriptorDacl
GetLengthSid
GetFileSecurityW
GetAclInformation
GetAce
DuplicateTokenEx
AdjustTokenPrivileges
AddAccessDeniedAceEx
AddAccessAllowedAceEx
AccessCheck
OpenThreadToken
OpenProcessToken
SetThreadToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

mswsock

TransmitFile

kernel32

SetFileTime
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
GetVolumePathNameW
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
FindFirstStreamW
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FindNextStreamW
DeviceIoControl
CancelIo
CreateEventW
GetCurrentThread
LocalAlloc
LocalFree
CopyFileExW
MoveFileExW
CreateHardLinkW
ReadDirectoryChangesW
CreateSymbolicLinkW
GetHandleInformation
SetLastError
GetQueuedCompletionStatusEx
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitOnceExecuteOnce
GetTickCount64
GetModuleHandleW
GetProcAddress
ReOpenFile
GetCurrentThreadId
GetVolumeInformationW
GetLogicalDrives
SetFilePointerEx
CloseHandle
GetLastError
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
FlushFileBuffers
GetDiskFreeSpaceW
GetFileSizeEx
LockFileEx
ReadFile
SetFileInformationByHandle
UnlockFileEx
WriteFile
DuplicateHandle
GetOverlappedResult
GetCurrentProcess
GetFullPathNameW
GetFileInformationByHandle
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
FormatMessageW
FlushViewOfFile
SetHandleInformation
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExW
GetDriveTypeW
GetFileAttributesW
GetFileAttributesExW
GetFinalPathNameByHandleW
SetFileCompletionNotificationModes

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-string-l1-1-0

strncpy
strlen
wcslen

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
abort
_errno
_cexit
_initialize_narrow_environment

Exports

Exports

JNI_OnLoad
Java_java_nio_MappedMemoryUtils_force0
Java_java_nio_MappedMemoryUtils_isLoaded0
Java_java_nio_MappedMemoryUtils_load0
Java_java_nio_MappedMemoryUtils_unload0
Java_sun_nio_ch_DatagramChannelImpl_disconnect0
Java_sun_nio_ch_DatagramChannelImpl_receive0
Java_sun_nio_ch_DatagramChannelImpl_send0
Java_sun_nio_ch_DatagramDispatcher_read0
Java_sun_nio_ch_DatagramDispatcher_readv0
Java_sun_nio_ch_DatagramDispatcher_write0
Java_sun_nio_ch_DatagramDispatcher_writev0
Java_sun_nio_ch_FileChannelImpl_initIDs
Java_sun_nio_ch_FileChannelImpl_map0
Java_sun_nio_ch_FileChannelImpl_maxDirectTransferSize0
Java_sun_nio_ch_FileChannelImpl_transferTo0
Java_sun_nio_ch_FileChannelImpl_unmap0
Java_sun_nio_ch_FileDispatcherImpl_close0
Java_sun_nio_ch_FileDispatcherImpl_duplicateHandle
Java_sun_nio_ch_FileDispatcherImpl_force0
Java_sun_nio_ch_FileDispatcherImpl_lock0
Java_sun_nio_ch_FileDispatcherImpl_pread0
Java_sun_nio_ch_FileDispatcherImpl_pwrite0
Java_sun_nio_ch_FileDispatcherImpl_read0
Java_sun_nio_ch_FileDispatcherImpl_readv0
Java_sun_nio_ch_FileDispatcherImpl_release0
Java_sun_nio_ch_FileDispatcherImpl_seek0
Java_sun_nio_ch_FileDispatcherImpl_setDirect0
Java_sun_nio_ch_FileDispatcherImpl_size0
Java_sun_nio_ch_FileDispatcherImpl_truncate0
Java_sun_nio_ch_FileDispatcherImpl_write0
Java_sun_nio_ch_FileDispatcherImpl_writev0
Java_sun_nio_ch_FileKey_init
Java_sun_nio_ch_FileKey_initIDs
Java_sun_nio_ch_IOUtil_configureBlocking
Java_sun_nio_ch_IOUtil_drain
Java_sun_nio_ch_IOUtil_fdVal
Java_sun_nio_ch_IOUtil_initIDs
Java_sun_nio_ch_IOUtil_iovMax
Java_sun_nio_ch_IOUtil_randomBytes
Java_sun_nio_ch_IOUtil_setfdVal
Java_sun_nio_ch_IOUtil_write1
Java_sun_nio_ch_Iocp_close0
Java_sun_nio_ch_Iocp_createIoCompletionPort
Java_sun_nio_ch_Iocp_getErrorMessage
Java_sun_nio_ch_Iocp_getQueuedCompletionStatus
Java_sun_nio_ch_Iocp_initIDs
Java_sun_nio_ch_Iocp_postQueuedCompletionStatus
Java_sun_nio_ch_NativeSocketAddress_AFINET
Java_sun_nio_ch_NativeSocketAddress_AFINET6
Java_sun_nio_ch_NativeSocketAddress_offsetFamily
Java_sun_nio_ch_NativeSocketAddress_offsetSin4Addr
Java_sun_nio_ch_NativeSocketAddress_offsetSin4Port
Java_sun_nio_ch_NativeSocketAddress_offsetSin6Addr
Java_sun_nio_ch_NativeSocketAddress_offsetSin6FlowInfo
Java_sun_nio_ch_NativeSocketAddress_offsetSin6Port
Java_sun_nio_ch_NativeSocketAddress_offsetSin6ScopeId
Java_sun_nio_ch_NativeSocketAddress_sizeofFamily
Java_sun_nio_ch_NativeSocketAddress_sizeofSockAddr4
Java_sun_nio_ch_NativeSocketAddress_sizeofSockAddr6
Java_sun_nio_ch_Net_accept
Java_sun_nio_ch_Net_available
Java_sun_nio_ch_Net_bind0
Java_sun_nio_ch_Net_blockOrUnblock4
Java_sun_nio_ch_Net_blockOrUnblock6
Java_sun_nio_ch_Net_canIPv6SocketJoinIPv4Group0
Java_sun_nio_ch_Net_canJoin6WithIPv4Group0
Java_sun_nio_ch_Net_canUseIPv6OptionsWithIPv4LocalAddress0
Java_sun_nio_ch_Net_connect0
Java_sun_nio_ch_Net_discardOOB
Java_sun_nio_ch_Net_getIntOption0
Java_sun_nio_ch_Net_getInterface4
Java_sun_nio_ch_Net_getInterface6
Java_sun_nio_ch_Net_initIDs
Java_sun_nio_ch_Net_isExclusiveBindAvailable
Java_sun_nio_ch_Net_isIPv6Available0
Java_sun_nio_ch_Net_isReusePortAvailable0
Java_sun_nio_ch_Net_joinOrDrop4
Java_sun_nio_ch_Net_joinOrDrop6
Java_sun_nio_ch_Net_listen
Java_sun_nio_ch_Net_localInetAddress
Java_sun_nio_ch_Net_localPort
Java_sun_nio_ch_Net_poll
Java_sun_nio_ch_Net_pollConnect
Java_sun_nio_ch_Net_pollconnValue
Java_sun_nio_ch_Net_pollerrValue
Java_sun_nio_ch_Net_pollhupValue
Java_sun_nio_ch_Net_pollinValue
Java_sun_nio_ch_Net_pollnvalValue
Java_sun_nio_ch_Net_polloutValue
Java_sun_nio_ch_Net_remoteInetAddress
Java_sun_nio_ch_Net_remotePort
Java_sun_nio_ch_Net_sendOOB
Java_sun_nio_ch_Net_setIntOption0
Java_sun_nio_ch_Net_setInterface4
Java_sun_nio_ch_Net_setInterface6
Java_sun_nio_ch_Net_shouldSetBothIPv4AndIPv6Options0
Java_sun_nio_ch_Net_shutdown
Java_sun_nio_ch_Net_socket0
Java_sun_nio_ch_SocketDispatcher_close0
Java_sun_nio_ch_SocketDispatcher_read0
Java_sun_nio_ch_SocketDispatcher_readv0
Java_sun_nio_ch_SocketDispatcher_write0
Java_sun_nio_ch_SocketDispatcher_writev0
Java_sun_nio_ch_UnixDomainSockets_accept0
Java_sun_nio_ch_UnixDomainSockets_bind0
Java_sun_nio_ch_UnixDomainSockets_connect0
Java_sun_nio_ch_UnixDomainSockets_init
Java_sun_nio_ch_UnixDomainSockets_localAddress0
Java_sun_nio_ch_UnixDomainSockets_socket0
Java_sun_nio_ch_WEPoll_close
Java_sun_nio_ch_WEPoll_create
Java_sun_nio_ch_WEPoll_ctl
Java_sun_nio_ch_WEPoll_dataOffset
Java_sun_nio_ch_WEPoll_eventSize
Java_sun_nio_ch_WEPoll_eventsOffset
Java_sun_nio_ch_WEPoll_wait
Java_sun_nio_ch_WindowsAsynchronousFileChannelImpl_lockFile
Java_sun_nio_ch_WindowsAsynchronousFileChannelImpl_readFile
Java_sun_nio_ch_WindowsAsynchronousFileChannelImpl_writeFile
Java_sun_nio_ch_WindowsAsynchronousServerSocketChannelImpl_accept0
Java_sun_nio_ch_WindowsAsynchronousServerSocketChannelImpl_closesocket0
Java_sun_nio_ch_WindowsAsynchronousServerSocketChannelImpl_initIDs
Java_sun_nio_ch_WindowsAsynchronousServerSocketChannelImpl_updateAcceptContext
Java_sun_nio_ch_WindowsAsynchronousSocketChannelImpl_closesocket0
Java_sun_nio_ch_WindowsAsynchronousSocketChannelImpl_connect0
Java_sun_nio_ch_WindowsAsynchronousSocketChannelImpl_initIDs
Java_sun_nio_ch_WindowsAsynchronousSocketChannelImpl_read0
Java_sun_nio_ch_WindowsAsynchronousSocketChannelImpl_shutdown0
Java_sun_nio_ch_WindowsAsynchronousSocketChannelImpl_updateConnectContext
Java_sun_nio_ch_WindowsAsynchronousSocketChannelImpl_write0
Java_sun_nio_ch_WindowsSelectorImpl_00024SubSelector_poll0
Java_sun_nio_ch_WindowsSelectorImpl_resetWakeupSocket0
Java_sun_nio_ch_WindowsSelectorImpl_setWakeupSocket0
Java_sun_nio_fs_RegistryFileTypeDetector_queryStringValue
Java_sun_nio_fs_WindowsNativeDispatcher_AccessCheck
Java_sun_nio_fs_WindowsNativeDispatcher_AddAccessAllowedAceEx
Java_sun_nio_fs_WindowsNativeDispatcher_AddAccessDeniedAceEx
Java_sun_nio_fs_WindowsNativeDispatcher_AdjustTokenPrivileges
Java_sun_nio_fs_WindowsNativeDispatcher_CancelIo
Java_sun_nio_fs_WindowsNativeDispatcher_CloseHandle
Java_sun_nio_fs_WindowsNativeDispatcher_ConvertSidToStringSid
Java_sun_nio_fs_WindowsNativeDispatcher_ConvertStringSidToSid0
Java_sun_nio_fs_WindowsNativeDispatcher_CopyFileEx0
Java_sun_nio_fs_WindowsNativeDispatcher_CreateDirectory0
Java_sun_nio_fs_WindowsNativeDispatcher_CreateEvent
Java_sun_nio_fs_WindowsNativeDispatcher_CreateFile0
Java_sun_nio_fs_WindowsNativeDispatcher_CreateHardLink0
Java_sun_nio_fs_WindowsNativeDispatcher_CreateIoCompletionPort
Java_sun_nio_fs_WindowsNativeDispatcher_CreateSymbolicLink0
Java_sun_nio_fs_WindowsNativeDispatcher_DeleteFile0
Java_sun_nio_fs_WindowsNativeDispatcher_DeviceIoControlGetReparsePoint
Java_sun_nio_fs_WindowsNativeDispatcher_DeviceIoControlSetSparse
Java_sun_nio_fs_WindowsNativeDispatcher_DuplicateTokenEx
Java_sun_nio_fs_WindowsNativeDispatcher_FindClose
Java_sun_nio_fs_WindowsNativeDispatcher_FindFirstFile0
Java_sun_nio_fs_WindowsNativeDispatcher_FindFirstFile1
Java_sun_nio_fs_WindowsNativeDispatcher_FindFirstStream0
Java_sun_nio_fs_WindowsNativeDispatcher_FindNextFile
Java_sun_nio_fs_WindowsNativeDispatcher_FindNextStream
Java_sun_nio_fs_WindowsNativeDispatcher_FormatMessage
Java_sun_nio_fs_WindowsNativeDispatcher_GetAce
Java_sun_nio_fs_WindowsNativeDispatcher_GetAclInformation0
Java_sun_nio_fs_WindowsNativeDispatcher_GetCurrentProcess
Java_sun_nio_fs_WindowsNativeDispatcher_GetCurrentThread
Java_sun_nio_fs_WindowsNativeDispatcher_GetDiskFreeSpace0
Java_sun_nio_fs_WindowsNativeDispatcher_GetDiskFreeSpaceEx0
Java_sun_nio_fs_WindowsNativeDispatcher_GetDriveType0
Java_sun_nio_fs_WindowsNativeDispatcher_GetFileAttributes0
Java_sun_nio_fs_WindowsNativeDispatcher_GetFileAttributesEx0
Java_sun_nio_fs_WindowsNativeDispatcher_GetFileInformationByHandle
Java_sun_nio_fs_WindowsNativeDispatcher_GetFileSecurity0
Java_sun_nio_fs_WindowsNativeDispatcher_GetFileSizeEx
Java_sun_nio_fs_WindowsNativeDispatcher_GetFinalPathNameByHandle
Java_sun_nio_fs_WindowsNativeDispatcher_GetFullPathName0
Java_sun_nio_fs_WindowsNativeDispatcher_GetLengthSid
Java_sun_nio_fs_WindowsNativeDispatcher_GetLogicalDrives
Java_sun_nio_fs_WindowsNativeDispatcher_GetOverlappedResult
Java_sun_nio_fs_WindowsNativeDispatcher_GetQueuedCompletionStatus0
Java_sun_nio_fs_WindowsNativeDispatcher_GetSecurityDescriptorDacl
Java_sun_nio_fs_WindowsNativeDispatcher_GetSecurityDescriptorOwner
Java_sun_nio_fs_WindowsNativeDispatcher_GetTokenInformation
Java_sun_nio_fs_WindowsNativeDispatcher_GetVolumeInformation0
Java_sun_nio_fs_WindowsNativeDispatcher_GetVolumePathName0
Java_sun_nio_fs_WindowsNativeDispatcher_InitializeAcl
Java_sun_nio_fs_WindowsNativeDispatcher_InitializeSecurityDescriptor
Java_sun_nio_fs_WindowsNativeDispatcher_LocalFree
Java_sun_nio_fs_WindowsNativeDispatcher_LookupAccountName0
Java_sun_nio_fs_WindowsNativeDispatcher_LookupAccountSid0
Java_sun_nio_fs_WindowsNativeDispatcher_LookupPrivilegeValue0
Java_sun_nio_fs_WindowsNativeDispatcher_MoveFileEx0
Java_sun_nio_fs_WindowsNativeDispatcher_OpenProcessToken
Java_sun_nio_fs_WindowsNativeDispatcher_OpenThreadToken
Java_sun_nio_fs_WindowsNativeDispatcher_PostQueuedCompletionStatus
Java_sun_nio_fs_WindowsNativeDispatcher_ReadDirectoryChangesW
Java_sun_nio_fs_WindowsNativeDispatcher_RemoveDirectory0
Java_sun_nio_fs_WindowsNativeDispatcher_SetEndOfFile
Java_sun_nio_fs_WindowsNativeDispatcher_SetFileAttributes0
Java_sun_nio_fs_WindowsNativeDispatcher_SetFileSecurity0
Java_sun_nio_fs_WindowsNativeDispatcher_SetFileTime
Java_sun_nio_fs_WindowsNativeDispatcher_SetSecurityDescriptorDacl
Java_sun_nio_fs_WindowsNativeDispatcher_SetSecurityDescriptorOwner
Java_sun_nio_fs_WindowsNativeDispatcher_SetThreadToken
Java_sun_nio_fs_WindowsNativeDispatcher_initIDs

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01a0758fa0df1a456d629aabf5520ce8

Code Sign

0d:f7:a7:c9:09:06:30:1a:d2:f0:c2:4d:33:77:18:7bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

2d:cd:42:a9:f1:f5:67:ee:6a:75:f4:44:9a:a1:13:5b:38:cb:e6:e7:78:dd:6a:e7:ca:49:7e:c0:c9:e4:17:c4Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

java

net

advapi32

mswsock

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 60B

0d:f7:a7:c9:09:06:30:1a:d2:f0:c2:4d:33:77:18:7b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

2d:cd:42:a9:f1:f5:67:ee:6a:75:f4:44:9a:a1:13:5b:38:cb:e6:e7:78:dd:6a:e7:ca:49:7e:c0:c9:e4:17:c4
Signer

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 60B