2024-09-05_7cb71cf32f2ef387d861bf6c6a72851a_floxif_icedid

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-05_7cb71cf32f2ef387d861bf6c6a72851a_floxif_icedid
Size

4.0MB
MD5

7cb71cf32f2ef387d861bf6c6a72851a
SHA1

ef70580132332ca6fc3f5f401382c9f1a3007dc4
SHA256

3ca27b690a88d70ebb1746185f607efe98768f751282932592261e7ecf4ab26e
SHA512

436587b450cf59c9b3a3d6086217644fd51e8c0534654ce3b727a89091fc1cb7906cde0775dce1043f17273d44f6206eaba935c53ecfbaae5914c8c98a28f92f
SSDEEP

98304:ViNHWozwHVeggA80fLalwCpZTkTmCqC23eMHSyo93Oj:VGqES80zalwVOAyo93m

Score

1^/10

Malware Config

Signatures

Files

2024-09-05_7cb71cf32f2ef387d861bf6c6a72851a_floxif_icedid
.exe windows:6 windows x86 arch:x86

5a03fe165c324ecb61f6b4e4065df3ee

Code Sign

c8:2f:ac:5d:4f:72:88:47:14:64:a3:99:82:a0:d3:7f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

07/02/2020, 00:00

Not After

06/05/2023, 23:59

Subject

CN=CrystalBit Solutions,O=CrystalBit Solutions,POSTALCODE=8620,STREET=Schoolstraat 24,L=Nieuwpoort,ST=West Vlaanderen,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c8:2f:ac:5d:4f:72:88:47:14:64:a3:99:82:a0:d3:7f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

07/02/2020, 00:00

Not After

06/05/2023, 23:59

Subject

CN=CrystalBit Solutions,O=CrystalBit Solutions,POSTALCODE=8620,STREET=Schoolstraat 24,L=Nieuwpoort,ST=West Vlaanderen,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f1:80:cf:d5:ed:a3:60:d7:b9:88:df:c6:44:54:6c:03:81:ba:e4:d8:d5:ef:9a:69:0c:3a:32:70:e6:4d:2a:b1
Signer

Actual PE Digest

f1:80:cf:d5:ed:a3:60:d7:b9:88:df:c6:44:54:6c:03:81:ba:e4:d8:d5:ef:9a:69:0c:3a:32:70:e6:4d:2a:b1

Digest Algorithm

sha256

PE Digest Matches

false

c6:77:37:d3:e7:e1:2f:c2:9f:18:d0:a7:70:c4:fc:0e:0d:ab:9c:45
Signer

Actual PE Digest

c6:77:37:d3:e7:e1:2f:c2:9f:18:d0:a7:70:c4:fc:0e:0d:ab:9c:45

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\Projects\uninstall-tool\Ready\UninstallTool-x86.pdb

Imports

kernel32

GetUserDefaultLCID
FindResourceExW
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
QueryPerformanceCounter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
GetDriveTypeW
ReadConsoleW
GetConsoleOutputCP
SetFilePointerEx
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
LCMapStringW
HeapQueryInformation
VirtualQuery
GetSystemInfo
GetFileType
SetStdHandle
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
GetCPInfo
SetErrorMode
LCMapStringEx
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetStringTypeW
GetSystemDefaultUILanguage
GlobalFlags
GetFileSizeEx
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
FlushFileBuffers
GetThreadLocale
GetPrivateProfileIntW
SuspendThread
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
GetACP
InitializeCriticalSectionEx
OpenEventW
OpenMutexW
CreateMutexW
GlobalFree
lstrlenA
ExitProcess
CompareStringW
EnumResourceLanguagesW
EnumResourceTypesW
EnumResourceNamesW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpA
SetThreadPriority
CreateDirectoryW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetModuleHandleA
OutputDebugStringW
LocalUnlock
LocalLock
GetVersionExW
VirtualFree
VirtualAlloc
GetWindowsDirectoryW
ExpandEnvironmentStringsW
lstrcatW
lstrcpyW
VirtualProtect
GetNativeSystemInfo
GetVersion
SetUnhandledExceptionFilter
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LocalAlloc
GetModuleFileNameW
GetCurrentThread
GetProcessTimes
CompareFileTime
GlobalLock
GlobalUnlock
GlobalAlloc
LocalFree
GetTempPathW
QueryDosDeviceW
GetTempFileNameW
GetLogicalDriveStringsW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
SetFilePointer
FormatMessageW
SetFileAttributesW
RemoveDirectoryW
IsBadWritePtr
IsBadReadPtr
MoveFileExW
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileAttributesExW
lstrcmpiW
LoadLibraryW
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
WriteConsoleA
GetConsoleMode
GetTimeZoneInformation
CopyFileW
ResumeThread
GetStdHandle
GetLongPathNameW
GetExitCodeThread
WriteFile
GetTickCount
WinExec
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
lstrcmpW
SearchPathW
GetComputerNameW
DeleteFileW
CreateThread
GetCommandLineW
GetLocalTime
Sleep
GetCurrentDirectoryW
lstrcpynW
LoadLibraryA
FreeLibrary
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateProcessW
GetExitCodeProcess
FileTimeToDosDateTime
GetProcAddress
GetSystemTimeAsFileTime
ReadFile
GetFileSize
FileTimeToLocalFileTime
CreateFileW
lstrlenW
OpenProcess
TerminateProcess
GetLastError
MulDiv
VerifyVersionInfoW
VerSetConditionMask
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetUserDefaultUILanguage
GetCurrentProcessId
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
GetSystemTime
TerminateThread
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
DeviceIoControl
SetLastError
CloseHandle

user32

GetMenuItemInfoW
GetMenuItemID
SetWindowRgn
SetParent
GetTopWindow
UpdateWindow
LoadMenuW
MapVirtualKeyW
wsprintfW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
IntersectRect
InvertRect
LockWindowUpdate
GetDCEx
GetSubMenu
GetCapture
GetNextDlgTabItem
GetSysColorBrush
AdjustWindowRectEx
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
TranslateAcceleratorW
SendDlgItemMessageA
CheckMenuItem
SetMenuItemBitmaps
SendMessageW
EnableWindow
CreateIconIndirect
CreateIconFromResourceEx
LoadBitmapW
DrawStateW
RegisterClipboardFormatW
ReleaseCapture
SetCapture
WindowFromPoint
ShowScrollBar
GetUpdateRect
WinHelpW
IsDialogMessageW
GetWindow
GetLastActivePopup
MessageBeep
RedrawWindow
EndPaint
BeginPaint
DrawIcon
EnableMenuItem
GetSystemMenu
GetAsyncKeyState
GetDialogBaseUnits
CheckDlgButton
ToUnicodeEx
MoveWindow
DestroyWindow
PostQuitMessage
WaitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
LoadStringW
EnumDisplaySettingsW
FindWindowExW
FindWindowW
WaitForInputIdle
SetLayeredWindowAttributes
ShowWindow
CreateWindowExW
RegisterClassExW
ExitWindowsEx
GetMessageW
SetWindowLongW
GetMenuCheckMarkDimensions
SetFocus
EmptyClipboard
SetActiveWindow
UnionRect
GetMenuStringW
LookupIconIdFromDirectoryEx
DrawEdge
GetDoubleClickTime
GetMenu
SetMenu
GetMenuState
GetClassLongW
SetCursorPos
CallWindowProcW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
GetScrollInfo
GetTabbedTextExtentA
GetKeyboardLayoutList
SetClipboardData
CloseClipboard
OpenClipboard
BringWindowToTop
AttachThreadInput
CharLowerBuffW
CharLowerBuffA
FillRect
SetWindowTextW
GetDlgItem
CharLowerW
LoadIconW
GetShellWindow
DeleteMenu
GetKeyboardLayout
IsIconic
CharUpperW
IsCharLowerW
GetKeyboardState
GetKeyNameTextW
MapVirtualKeyExW
IsWindowEnabled
LoadAcceleratorsW
CopyAcceleratorTableW
IsZoomed
IsClipboardFormatAvailable
MapWindowPoints
GetCursor
IsMenu
IsChild
GetDlgCtrlID
GetWindowRgn
HideCaret
ShowCaret
CreateDialogIndirectParamW
DestroyIcon
IsWindowVisible
GetActiveWindow
GetWindowTextW
MessageBoxW
GetDesktopWindow
EnumWindows
GetDC
ReleaseDC
RegisterWindowMessageW
PostMessageW
IsWindow
GetFocus
GetKeyState
DrawTextW
InvalidateRect
GetClientRect
SetCursor
GetCursorPos
ScreenToClient
GetSysColor
SetRect
OffsetRect
PtInRect
GetParent
LoadCursorW
LoadImageW
DrawIconEx
GetIconInfo
GetSystemMetrics
GetWindowRect
SendMessageTimeoutW
GetWindowThreadProcessId
MessageBoxA
DrawFrameControl
GetMessagePos
CreatePopupMenu
AppendMenuW
DrawFocusRect
CopyRect
InflateRect
SetClassLongW
SystemParametersInfoW
SetMenuDefaultItem
GetForegroundWindow
SetRectEmpty
IsRectEmpty
EqualRect
DefWindowProcW
GetClassInfoW
DrawTextExW
GrayStringW
TabbedTextOutW
SendInput
SetForegroundWindow
SetTimer
KillTimer
InsertMenuW
ClientToScreen
UnregisterClassW
TrackPopupMenu
GetMenuDefaultItem
GetClassNameW
CopyIcon
SetWindowPos
GetMenuItemCount
SetMenuItemInfoW
GetMessageTime
RegisterClassW
GetClassInfoExW
MapDialogRect
GetWindowPlacement
SetWindowPlacement
ValidateRect
GetScrollPos
SetScrollRange
GetScrollRange
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
SetScrollInfo
MonitorFromWindow
GetMonitorInfoW
SetDlgItemTextW
EndDialog
ShowOwnedPopups
GetWindowDC
CharNextW
DestroyMenu
SetWindowContextHelpId
DrawMenuBar
DefFrameProcW
TranslateMDISysAccel
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RealChildWindowFromPoint
InvalidateRgn
GetNextDlgGroupItem
PostThreadMessageW
GetWindowLongW

gdi32

BeginPath
CloseFigure
EndPath
FillPath
StrokeAndFillPath
StrokePath
MoveToEx
PolyBezierTo
OffsetViewportOrgEx
GetRgnBox
CreatePolygonRgn
SetPixelV
FillRgn
FrameRgn
RestoreDC
RealizePalette
SaveDC
SetDIBitsToDevice
ExcludeClipRect
SelectClipRgn
SetMapMode
ExtSelectClipRgn
SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetTextExtentPoint32A
GetTextAlign
GetCurrentPositionEx
GetClipRgn
GetClipBox
GetCharWidthW
Ellipse
StretchDIBits
CreatePatternBrush
Polyline
CreateFontW
GetViewportOrgEx
SetBkMode
PtInRegion
GetBitmapBits
ExtCreateRegion
GetTextColor
GetCurrentObject
Polygon
PatBlt
EnumFontFamiliesExW
CreateRectRgnIndirect
CreateDIBSection
StretchBlt
SetPixel
GetDIBits
CreateBitmap
GetTextMetricsW
GetPixel
CreateRoundRectRgn
CreateRectRgn
CombineRgn
SetTextColor
SetBkColor
DeleteDC
CreateDCW
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
Escape
BitBlt
RoundRect
Rectangle
GetTextExtentPoint32W
GetStockObject
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetDeviceCaps
CreateSolidBrush
DeleteObject
SetStretchBltMode
SelectObject

msimg32

GradientFill
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

GetTokenInformation
RegOpenKeyExW
RegCreateKeyW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegQueryInfoKeyW
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueW
RegEnumKeyW
DeleteService
CreateServiceW
ChangeServiceConfig2W
ChangeServiceConfigW
GetUserNameW
RegEnumValueW
RegEnumKeyExW
ConvertSidToStringSidW
IsValidSid
RegCloseKey
RegDeleteKeyW
StartServiceW
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
EnumServicesStatusExW
ControlService
CloseServiceHandle
LookupPrivilegeValueW
DuplicateTokenEx

shell32

DragFinish
Shell_NotifyIconW
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetMalloc
SHChangeNotify
ShellExecuteExW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetPathFromIDListW
SHFileOperationW
CommandLineToArgvW
SHGetFileInfoW
ExtractIconExW
DragAcceptFiles
DragQueryFileW
ord680
ShellExecuteW

comctl32

ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Add
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageInfo
InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
ord487
PathStripPathW
PathMatchSpecW
PathRemoveFileSpecW
PathAddBackslashW
StrFormatByteSizeW
PathCompactPathW
PathParseIconLocationW
PathGetArgsW
PathUnquoteSpacesW
PathRemoveArgsW
PathIsRelativeW
PathIsDirectoryW
PathFileExistsW
SHDeleteKeyW
UrlUnescapeW

uxtheme

IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData

ole32

OleFlushClipboard
OleUninitialize
OleInitialize
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoInitialize
CoCreateGuid
CoTaskMemAlloc
PropVariantClear
CoInitializeSecurity
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

VarBstrFromDate
VarDateFromStr
VariantChangeTypeEx
VariantTimeToSystemTime
SystemTimeToVariantTime
OleLoadPicturePath
SysAllocStringByteLen
SysStringByteLen
SysStringLen
VariantCopy
VariantClear
VariantInit
SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
VarUdateFromDate
SafeArrayDestroy
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayGetDim
SafeArrayGetElemsize
LoadTypeLi
VariantChangeType
OleCreateFontIndirect
SafeArrayGetUBound

oledlg

OleUIBusyW
OleUIAddVerbMenuW

gdiplus

GdipAlloc
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHICON
GdipImageRotateFlip
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

psapi

GetModuleFileNameExW

winmm

PlaySoundW

oleacc

LresultFromObject
CreateStdAccessibleObject

wininet

InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW

Exports

Exports

_EXECryptor_AntiDebug@0
_EXECryptor_DecodeSerialNumber@16
_EXECryptor_DecodeSerialNumberW@16
_EXECryptor_DecryptStr@8
_EXECryptor_DecryptStrW@8
_EXECryptor_EncryptStr@8
_EXECryptor_EncryptStrW@8
_EXECryptor_GetDate@0
_EXECryptor_GetEXECryptorVersion@0
_EXECryptor_GetHardwareID@0
_EXECryptor_GetProcAddr@8
_EXECryptor_GetReleaseDate@0
_EXECryptor_GetTrialDaysLeft@4
_EXECryptor_GetTrialRunsLeft@4
_EXECryptor_IsAppProtected@0
_EXECryptor_IsRegistered@0
_EXECryptor_MessageBoxA@16
_EXECryptor_ProtectImport@0
_EXECryptor_RegConst_0@0
_EXECryptor_RegConst_1@0
_EXECryptor_RegConst_2@0
_EXECryptor_RegConst_3@0
_EXECryptor_RegConst_4@0
_EXECryptor_RegConst_5@0
_EXECryptor_RegConst_6@0
_EXECryptor_RegConst_7@0
_EXECryptor_SecureRead@8
_EXECryptor_SecureReadW@8
_EXECryptor_SecureWrite@8
_EXECryptor_SecureWriteW@8
_EXECryptor_VerifySerialNumber@16
_EXECryptor_VerifySerialNumberW@16

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 545KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a03fe165c324ecb61f6b4e4065df3ee

Code Sign

c8:2f:ac:5d:4f:72:88:47:14:64:a3:99:82:a0:d3:7fCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

c8:2f:ac:5d:4f:72:88:47:14:64:a3:99:82:a0:d3:7fCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

f1:80:cf:d5:ed:a3:60:d7:b9:88:df:c6:44:54:6c:03:81:ba:e4:d8:d5:ef:9a:69:0c:3a:32:70:e6:4d:2a:b1Signer

c6:77:37:d3:e7:e1:2f:c2:9f:18:d0:a7:70:c4:fc:0e:0d:ab:9c:45Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

psapi

winmm

oleacc

wininet

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 545KB - Virtual size: 544KB

.data Size: 50KB - Virtual size: 70KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

c8:2f:ac:5d:4f:72:88:47:14:64:a3:99:82:a0:d3:7f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

c8:2f:ac:5d:4f:72:88:47:14:64:a3:99:82:a0:d3:7f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

f1:80:cf:d5:ed:a3:60:d7:b9:88:df:c6:44:54:6c:03:81:ba:e4:d8:d5:ef:9a:69:0c:3a:32:70:e6:4d:2a:b1
Signer

c6:77:37:d3:e7:e1:2f:c2:9f:18:d0:a7:70:c4:fc:0e:0d:ab:9c:45
Signer

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 545KB - Virtual size: 544KB

.data
Size: 50KB - Virtual size: 70KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB