Winfile_v10[.]3[.]0[.]0[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Winfile_v10.3.0.0.zip
Size

2.7MB
MD5

120b1acfe4d332a2bea381f714f6cfa9
SHA1

299b5a64d226e0479df86b99f13f233ef75f568f
SHA256

f33bde933002aff27963eef3cbd1c07c8ebf4e8521ed02079ccbc6a63b953bef
SHA512

bfd0e2a58407c0e6ab830dafef7046192d460ee482814b5a034e5a2055d248b51801455b364930787e7b79d65dfad260732543ea700cd26899cace7b985c7104
SSDEEP

49152:Y7vauX5qcMshy9gn0RAO2qq6JZnqvcG1QsLGZC2wi39n/EGkKqrDayilX:YvauJq46s0RAOLqsnqkiBz439MA2dilX

Score

1^/10

Malware Config

Signatures

Files

Winfile_v10.3.0.0.zip
.zip

Password: infected
Microsoft 3rd Party Application.cer
arm64/Winfile.exe
arm64/Winfile.pdb
readme.txt
x64/Winfile.exe
.exe windows:6 windows x64 arch:x64

Password: infected

87387366b40642ad05dac8c27472f290

Code Sign

33:00:00:03:84:d9:68:7d:66:cc:75:4b:a1:00:00:00:00:03:84
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13-07-2023 23:45

Not After

15-09-2024 23:45

Subject

CN=Microsoft 3rd Party Application Component,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

89:e7:70:90:33:e9:2e:42:75:51:5f:d6:6d:47:58:75:d7:68:98:de:99:11:2c:61:c4:2e:4b:2c:98:a8:56:c6
Signer

Actual PE Digest

89:e7:70:90:33:e9:2e:42:75:51:5f:d6:6d:47:58:75:d7:68:98:de:99:11:2c:61:c4:2e:4b:2c:98:a8:56:c6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\__w\1\s\winfile\src\x64\Release\Winfile.pdb

Imports

kernel32

GetEnvironmentVariableW
GetSystemDirectoryW
GlobalAlloc
GlobalFree
LoadLibraryW
SetCurrentDirectoryW
GetProcAddress
GlobalLock
FreeLibrary
WideCharToMultiByte
GlobalUnlock
GetShortPathNameW
SetFileAttributesW
DeleteFileW
CreateThread
IsDBCSLeadByte
GetModuleHandleW
MoveFileW
GetUserDefaultLCID
FileTimeToSystemTime
GetNumberFormatW
FileTimeToLocalFileTime
GetTimeFormatW
GetDateFormatW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
CreateEventW
SetEvent
DeleteCriticalSection
GetVolumeInformationW
GetCompressedFileSizeW
LocalFileTimeToFileTime
ExpandEnvironmentStringsW
GetLastError
ExitThread
GetDiskFreeSpaceExW
WriteFile
CreateHardLinkW
GetFileInformationByHandle
CreateDirectoryExW
SetThreadPriority
GetCurrentThreadId
Sleep
SwitchToThread
SetErrorMode
GetCurrentThread
ResetEvent
ExitProcess
GetDriveTypeW
SizeofResource
SetThreadLocale
GetPrivateProfileIntW
GetThreadLocale
SetThreadUILanguage
GetLocaleInfoW
GetVersionExW
FreeResource
LoadResource
FindResourceW
GetCurrentDirectoryW
MulDiv
LocalUnlock
LocalSize
CompareFileTime
GetTickCount
GetCommandLineW
RtlLookupFunctionEntry
FindNextChangeNotification
FindCloseChangeNotification
FindFirstChangeNotificationW
LocalReAlloc
GetProfileStringW
WriteProfileStringW
lstrcmpW
lstrcatW
CompareStringW
lstrcmpiW
GetPrivateProfileStringW
MultiByteToWideChar
GetModuleFileNameW
WritePrivateProfileStringW
FormatMessageW
GetProcessHeap
HeapAlloc
HeapFree
CopyFileExW
lstrcpyW
CopyFileW
LocalFree
VerLanguageNameW
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CloseHandle
GetFileAttributesW
CreateFileW
LocalAlloc
SystemTimeToFileTime
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
FindClose
RemoveDirectoryW
DeviceIoControl
lstrlenW
FindNextFileW
GetFullPathNameW
SetLastError
FindFirstFileExW
FindFirstFileW
GetTempPathW
CreateDirectoryW
GetStartupInfoW
RtlCaptureContext

gdi32

GetStockObject
GetLayout
SetLayout
CreateCompatibleDC
CreateDIBitmap
CreateFontW
GetDeviceCaps
DeleteDC
SetBkMode
GetObjectW
CreateFontIndirectW
TextOutW
PatBlt
GetTextExtentPoint32W
ExtTextOutW
BitBlt
SelectObject
GetTextMetricsW
SetTextColor
SetBkColor
DeleteObject
CreateSolidBrush

user32

SetRect
CharUpperBuffW
SetCursor
SetCapture
TranslateMessage
TranslateAcceleratorW
IntersectRect
FrameRect
DragObject
PeekMessageW
ClientToScreen
TranslateMDISysAccel
DispatchMessageW
GetCapture
MessageBeep
InflateRect
PostMessageW
CharLowerW
GetKeyState
GetMessageW
GetWindowTextW
DialogBoxParamW
CharNextW
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
SetWindowTextW
MessageBoxW
CharUpperW
GetWindowTextLengthW
MsgWaitForMultipleObjects
ShowCursor
KillTimer
CheckMenuItem
SetClipboardData
InsertMenuW
LoadCursorW
WinHelpW
EmptyClipboard
CloseClipboard
SetTimer
OpenClipboard
SetActiveWindow
RegisterClipboardFormatW
CreateDialogParamW
DrawIconEx
IsWindow
GetCursorPos
GetDesktopWindow
SystemParametersInfoW
CheckDlgButton
DestroyMenu
PtInRect
TrackPopupMenu
GetWindowPlacement
LoadMenuW
EnableMenuItem
SetWindowPos
GetDoubleClickTime
DrawMenuBar
DeleteMenu
SetForegroundWindow
IsDialogMessageW
RedrawWindow
CallWindowProcW
DestroyIcon
RegisterWindowMessageW
LoadIconW
SetWindowsHookW
LoadAcceleratorsW
GetMenuItemCount
InsertMenuA
GetMenuItemID
GetLastActivePopup
DefMDIChildProcW
GetActiveWindow
SetCursorPos
SetWindowLongW
DrawIcon
GetScrollPos
InternalGetWindowText
wvsprintfW
PostQuitMessage
DefFrameProcW
CallNextHookEx
GetSystemMenu
DefWindowProcW
GetWindow
GetWindowRect
EnumChildWindows
SetWindowLongPtrW
ScreenToClient
SendMessageW
EndDialog
GetSystemMetrics
GetClassNameA
GetWindowLongPtrW
BeginDeferWindowPos
ReleaseCapture
IsIconic
EnableWindow
RegisterClassW
MapWindowPoints
MoveWindow
RegisterClassA
GetUpdateRect
GetClassNameW
EndDeferWindowPos
GetClientRect
GetMenuState
GetMenu
GetFocus
DestroyWindow
GetDC
FillRect
CreateWindowExW
GetSubMenu
ShowWindow
DrawFocusRect
GetSysColor
SetFocus
GetMenuStringW
GetDlgItem
IsDlgButtonChecked
DrawTextW
IsWindowUnicode
GetParent
DrawFrameControl
InvalidateRect
BeginPaint
EndPaint
LoadStringW
wsprintfW
UpdateWindow
ReleaseDC
OffsetRect
DeferWindowPos
GetWindowLongW

advapi32

RegSetValueW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyExW
RegFlushKey
RegQueryValueW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegQueryValueExW

oleaut32

VarDateFromStr
VariantTimeToSystemTime

ole32

RegisterDragDrop
OleGetClipboard
ReleaseStgMedium
OleInitialize
CoLockObjectExternal
RevokeDragDrop
OleUninitialize

shell32

ord42
ShellExecuteExW
SHFormatDrive
ord66
DragQueryFileW
ShellExecuteW
ExtractIconExW

shlwapi

StrChrW
StrRChrW
PathFileExistsW
PathAppendW
PathFindExtensionW
PathIsDirectoryW
StrCpyNW

comctl32

CreateToolbarEx
CreateStatusWindowW
ord4
ord2

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__std_exception_destroy
__std_exception_copy
wcsstr
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
wcsrchr
memset
memcpy
memmove

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode
__stdio_common_vswprintf_s
__stdio_common_vswprintf

api-ms-win-crt-string-l1-1-0

tolower
_wcslwr_s
wcstok_s
wcsncat_s
wcsncpy_s
wcsncmp
_wcsicmp
wcscpy_s
strcmp

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
_callnewh
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_configure_narrow_argv
_initialize_narrow_environment
_get_narrow_winmain_command_line
_seh_filter_exe
_initterm_e
exit
_exit
terminate
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
_initterm
_initialize_onexit_table
_register_onexit_function
_crt_atexit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 578KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/Winfile.pdb
x86/WINFILE.CHM
.chm
x86/Winfile.exe
.exe windows:6 windows x86 arch:x86

Password: infected

ec28f192d36a699cb59453b02a95cc7b

Code Sign

33:00:00:03:84:d9:68:7d:66:cc:75:4b:a1:00:00:00:00:03:84
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13-07-2023 23:45

Not After

15-09-2024 23:45

Subject

CN=Microsoft 3rd Party Application Component,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fa:c9:ff:33:f4:d7:3c:12:d2:e5:7f:85:e0:30:12:72:29:3b:fa:66:36:c1:86:82:e0:e9:c4:bd:f1:f8:61:71
Signer

Actual PE Digest

fa:c9:ff:33:f4:d7:3c:12:d2:e5:7f:85:e0:30:12:72:29:3b:fa:66:36:c1:86:82:e0:e9:c4:bd:f1:f8:61:71

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\__w\1\s\winfile\src\Win32\Release\Winfile.pdb

Imports

kernel32

GetEnvironmentVariableW
GetSystemDirectoryW
GlobalAlloc
GlobalFree
LoadLibraryW
SetCurrentDirectoryW
GetProcAddress
GlobalLock
FreeLibrary
WideCharToMultiByte
GlobalUnlock
GetShortPathNameW
SetFileAttributesW
DeleteFileW
CreateThread
IsDBCSLeadByte
GetModuleHandleW
MoveFileW
GetUserDefaultLCID
FileTimeToSystemTime
GetNumberFormatW
FileTimeToLocalFileTime
GetTimeFormatW
GetDateFormatW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
CreateEventW
SetEvent
DeleteCriticalSection
GetVolumeInformationW
GetCompressedFileSizeW
LocalFileTimeToFileTime
ExpandEnvironmentStringsW
GetLastError
ExitThread
GetDiskFreeSpaceExW
CreateHardLinkW
GetTempPathW
GetFileInformationByHandle
CreateDirectoryExW
SetThreadPriority
GetCurrentThreadId
Sleep
SwitchToThread
SetErrorMode
GetCurrentThread
ResetEvent
ExitProcess
GetDriveTypeW
SizeofResource
SetThreadLocale
GetPrivateProfileIntW
GetThreadLocale
SetThreadUILanguage
GetLocaleInfoW
GetVersionExW
FreeResource
LoadResource
FindResourceW
GetCurrentDirectoryW
MulDiv
LocalUnlock
LocalSize
CompareFileTime
GetTickCount
GetCommandLineW
RemoveDirectoryW
FindNextChangeNotification
FindCloseChangeNotification
FindFirstChangeNotificationW
LocalReAlloc
GetProfileStringW
WriteProfileStringW
lstrcmpW
lstrcatW
CompareStringW
lstrcmpiW
GetPrivateProfileStringW
MultiByteToWideChar
GetModuleFileNameW
WritePrivateProfileStringW
FormatMessageW
GetProcessHeap
HeapAlloc
HeapFree
CopyFileExW
lstrcpyW
CopyFileW
LocalFree
VerLanguageNameW
DeviceIoControl
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CloseHandle
GetFileAttributesW
CreateFileW
LocalAlloc
SystemTimeToFileTime
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
FindClose
lstrlenW
FindNextFileW
GetFullPathNameW
SetLastError
FindFirstFileExW
FindFirstFileW
WriteFile
CreateDirectoryW
GetStartupInfoW

gdi32

GetStockObject
GetLayout
SetLayout
CreateCompatibleDC
CreateDIBitmap
CreateFontW
GetDeviceCaps
DeleteDC
SetBkMode
GetObjectW
CreateFontIndirectW
TextOutW
PatBlt
GetTextExtentPoint32W
ExtTextOutW
BitBlt
SelectObject
GetTextMetricsW
SetTextColor
SetBkColor
DeleteObject
CreateSolidBrush

user32

ReleaseCapture
PtInRect
SetRect
CharUpperBuffW
SetCursor
SetCapture
TranslateMessage
TranslateAcceleratorW
IntersectRect
FrameRect
DragObject
PeekMessageW
ClientToScreen
TranslateMDISysAccel
DispatchMessageW
GetCapture
MessageBeep
InflateRect
PostMessageW
CharLowerW
GetKeyState
GetMessageW
GetWindowTextW
DialogBoxParamW
CharNextW
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
SetWindowTextW
MessageBoxW
CharUpperW
GetWindowTextLengthW
MsgWaitForMultipleObjects
ShowCursor
KillTimer
CheckMenuItem
SetClipboardData
InsertMenuW
LoadCursorW
WinHelpW
EmptyClipboard
CloseClipboard
SetTimer
OpenClipboard
SetActiveWindow
RegisterClipboardFormatW
CreateDialogParamW
DrawIconEx
IsWindow
GetCursorPos
GetDesktopWindow
SystemParametersInfoW
CheckDlgButton
IsIconic
IsDlgButtonChecked
TrackPopupMenu
GetWindowPlacement
LoadMenuW
OffsetRect
SetWindowPos
GetDoubleClickTime
DrawMenuBar
DeleteMenu
SetForegroundWindow
IsDialogMessageW
RedrawWindow
CallWindowProcW
DestroyIcon
RegisterWindowMessageW
LoadIconW
SetWindowsHookW
LoadAcceleratorsW
GetMenuItemCount
InsertMenuA
GetMenuItemID
GetLastActivePopup
DefMDIChildProcW
GetActiveWindow
SetCursorPos
DrawIcon
GetScrollPos
InternalGetWindowText
wvsprintfW
PostQuitMessage
DefFrameProcW
CallNextHookEx
GetSystemMenu
GetWindowLongW
DefWindowProcW
GetWindow
GetWindowRect
EnumChildWindows
ScreenToClient
SendMessageW
EndDialog
GetSystemMetrics
GetClassNameA
BeginDeferWindowPos
RegisterClassW
EnableWindow
GetMenuState
GetMenu
MapWindowPoints
MoveWindow
RegisterClassA
GetUpdateRect
GetClassNameW
EndDeferWindowPos
SetWindowLongW
GetClientRect
GetFocus
DestroyWindow
GetDC
FillRect
CreateWindowExW
GetSubMenu
ShowWindow
DrawFocusRect
GetSysColor
SetFocus
GetMenuStringW
GetDlgItem
DrawTextW
EnableMenuItem
UpdateWindow
DestroyMenu
IsWindowUnicode
GetParent
DrawFrameControl
InvalidateRect
BeginPaint
EndPaint
LoadStringW
ReleaseDC
wsprintfW
DeferWindowPos

advapi32

RegOpenKeyW
RegEnumKeyExW
RegFlushKey
RegQueryValueW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegQueryValueExW
RegSetValueW
RegOpenKeyExW

oleaut32

VarDateFromStr
VariantTimeToSystemTime

ole32

CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
ReleaseStgMedium
RevokeDragDrop
OleUninitialize
OleInitialize

shell32

DragQueryFileW
ord42
ShellExecuteExW
SHFormatDrive
ord66
ShellExecuteW
ExtractIconExW

shlwapi

StrCpyNW
StrChrW
StrRChrW
PathFileExistsW
PathIsDirectoryW
PathAppendW
PathFindExtensionW

comctl32

CreateToolbarEx
CreateStatusWindowW
ord4
ord2

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

vcruntime140

memmove
wcsrchr
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
wcsstr
_CxxThrowException
__current_exception
__current_exception_context
memset
_except_handler4_common
memcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vswprintf_s
_set_fmode
__p__commode

api-ms-win-crt-string-l1-1-0

wcsncat_s
wcsncpy_s
_wcslwr_s
wcstok_s
tolower
wcsncmp
wcscpy_s
_wcsicmp

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
free
calloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_seh_filter_exe
_set_app_type
_crt_atexit
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_initialize_narrow_environment
_get_narrow_winmain_command_line
_initterm_e
exit
_exit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_controlfp_s
_initterm
_register_onexit_function
_initialize_onexit_table
terminate

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 578KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x86/Winfile.pdb

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

87387366b40642ad05dac8c27472f290

Code Sign

33:00:00:03:84:d9:68:7d:66:cc:75:4b:a1:00:00:00:00:03:84Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

89:e7:70:90:33:e9:2e:42:75:51:5f:d6:6d:47:58:75:d7:68:98:de:99:11:2c:61:c4:2e:4b:2c:98:a8:56:c6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

advapi32

oleaut32

ole32

shell32

shlwapi

comctl32

version

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 257KB - Virtual size: 257KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 4KB - Virtual size: 206KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 578KB - Virtual size: 578KB

.reloc Size: 512B - Virtual size: 172B

Password: infected

ec28f192d36a699cb59453b02a95cc7b

Code Sign

33:00:00:03:84:d9:68:7d:66:cc:75:4b:a1:00:00:00:00:03:84Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

fa:c9:ff:33:f4:d7:3c:12:d2:e5:7f:85:e0:30:12:72:29:3b:fa:66:36:c1:86:82:e0:e9:c4:bd:f1:f8:61:71Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

advapi32

oleaut32

ole32

shell32

shlwapi

comctl32

version

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 222KB - Virtual size: 222KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 3KB - Virtual size: 203KB

33:00:00:03:84:d9:68:7d:66:cc:75:4b:a1:00:00:00:00:03:84
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

89:e7:70:90:33:e9:2e:42:75:51:5f:d6:6d:47:58:75:d7:68:98:de:99:11:2c:61:c4:2e:4b:2c:98:a8:56:c6
Signer

.text
Size: 257KB - Virtual size: 257KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 4KB - Virtual size: 206KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 578KB - Virtual size: 578KB

.reloc
Size: 512B - Virtual size: 172B

33:00:00:03:84:d9:68:7d:66:cc:75:4b:a1:00:00:00:00:03:84
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

fa:c9:ff:33:f4:d7:3c:12:d2:e5:7f:85:e0:30:12:72:29:3b:fa:66:36:c1:86:82:e0:e9:c4:bd:f1:f8:61:71
Signer

.text
Size: 222KB - Virtual size: 222KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 3KB - Virtual size: 203KB

.rsrc
Size: 578KB - Virtual size: 578KB

.reloc
Size: 21KB - Virtual size: 21KB