8a42b321502fe1e2fb55b08340cb7fc0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8a42b321502fe1e2fb55b08340cb7fc0N.exe
Size

3.6MB
MD5

8a42b321502fe1e2fb55b08340cb7fc0
SHA1

81286ed11e692110d6cbfd93922b0efdc2d2e2c5
SHA256

ebb70fe2e77f8c84ce3d14d36ae3c0162411388b5dec1d2ad6404d030062395b
SHA512

91da0ab7f863ebd80e0b30570f580e7abf4a9349f2bc6bb5ad16891efb7ccbe7c853c7951d3eb796be8559d800e9b2f11166a2f0ae4ccf5459369ba7a7601427
SSDEEP

49152:36dT4nTzEzumhg8j97Sc/IbZ3iNMqvnMN/WFCYrVI3g72gUpZrwuI+T8z:kzxhHgbJZw5y8

Score

1^/10

Malware Config

Signatures

Files

8a42b321502fe1e2fb55b08340cb7fc0N.exe
.dll regsvr32 windows:5 windows x64 arch:x64

41fa670c2a317ceb25d89fed50952313

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a5:04:0a:21:3a:d7:1f:5c:b8:ce:64:67:d9:47:04
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

22/01/2024, 00:00

Not After

21/01/2027, 23:59

Subject

SERIALNUMBER=199911710082,CN=FinePrint Software\, LLC,O=FinePrint Software\, LLC,L=Menlo Park,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130a43616c69666f726e6961,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:fb:c4:43:7c:bc:db:2c:94:72:00:7c:af:dd:66:c1:8c:19:b2:c2:10:8c:ff:b6:a4:6e:a2:df:a0:3d:f5:c8
Signer

Actual PE Digest

49:fb:c4:43:7c:bc:db:2c:94:72:00:7c:af:dd:66:c1:8c:19:b2:c2:10:8c:ff:b6:a4:6e:a2:df:a0:3d:f5:c8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

fppuiXXX.pdb

Imports

uxtheme

OpenThemeData
CloseThemeData
DrawThemeBackground
DrawThemeText
IsAppThemed
GetWindowTheme
EnableThemeDialogTexture
IsThemeDialogTextureEnabled
DrawThemeTextEx
SetWindowTheme
GetThemePartSize

gdi32

SetPolyFillMode
StretchBlt
SetRectRgn
StretchDIBits
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
GetTextMetricsW
GetWorldTransform
SetWorldTransform
ModifyWorldTransform
CreateDIBSection
BeginPath
CloseFigure
EndPath
FillPath
PathToRegion
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
CreatePolygonRgn
Polyline
GetTextFaceW
GdiFlush
CreateDCW
OffsetRgn
PtInRegion
ResetDCW
ExtSelectClipRgn
SetLayout
GetLayout
StrokePath
CreateEllipticRgnIndirect
FrameRgn
RoundRect
SetPixel
SetDIBits
CreateHatchBrush
CreatePatternBrush
CreateRoundRectRgn
Ellipse
GetPixel
RectInRegion
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
StrokeAndFillPath
Polygon
SetGraphicsMode
DeleteDC
BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectW
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteObject
EnumFontFamiliesExW
EqualRgn
SetBkMode
SelectClipRgn
SaveDC
RestoreDC
Rectangle
RectVisible
PtVisible
PatBlt
LineTo
SetBkColor
CreateBitmap
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetMapMode
IntersectClipRect
GetClipBox
ExcludeClipRect
CreateDIBPatternBrushPt
CopyMetaFileW
Escape
ExtEscape
ExtCreateRegion
FillRgn
GetBkMode
GetCharABCWidthsW
GetClipRgn
GetMetaRgn
GetCurrentObject
GetDeviceCaps
GetDIBits
GetGlyphOutlineW
GetGraphicsMode
GetObjectType
GetRegionData
GetRgnBox
GetStockObject
GetTextColor
GetTextExtentPointW
GetTextExtentPoint32W
TranslateCharsetInfo
SelectObject

mpr

WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW

msimg32

TransparentBlt
AlphaBlend

prntvpt

ord6
ord2
ord8
ord9
ord10
ord7
ord4
ord1

rpcrt4

UuidToStringA
UuidToStringW
UuidCreate
RpcStringFreeA
RpcStringFreeW

shlwapi

PathCreateFromUrlW
AssocQueryStringByKeyW
GetMenuPosFromID
ord219
AssocQueryStringW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wtsapi32

WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSFreeMemory
WTSQueryUserToken

kernel32

SetFileAttributesW
SetFilePointer
SetFileTime
WriteFile
GetTempPathW
IsDebuggerPresent
RaiseException
SetLastError
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
TryEnterCriticalSection
SleepEx
CreateMutexW
CreateEventW
ReadFile
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
GetCurrentThreadId
CreateProcessW
FlushInstructionCache
OpenProcess
GetSystemInfo
GetSystemTimeAsFileTime
GetLocalTime
GetVersion
GetTickCount
GetSystemDirectoryW
GetVersionExW
VirtualAllocEx
WriteProcessMemory
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
VirtualFreeEx
UnmapViewOfFile
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryExW
LoadResource
ExitThread
SizeofResource
FindResourceW
LoadLibraryW
EnumResourceNamesW
GlobalSize
QueryDosDeviceW
LocalAlloc
LocalFree
MulDiv
lstrcmpiW
EnumResourceLanguagesW
GetProfileStringW
CopyFileW
MoveFileW
MoveFileExW
IsBadReadPtr
GetComputerNameW
VerifyVersionInfoW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
WTSGetActiveConsoleSessionId
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
IsDBCSLeadByteEx
GetUserDefaultUILanguage
EnumSystemLocalesW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetFileAttributesExW
RemoveDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TransactNamedPipe
SetEvent
ResetEvent
SetThreadPriority
GetThreadPriority
GetTickCount64
VirtualProtect
VirtualQuery
FormatMessageW
GlobalGetAtomNameW
WriteProfileStringW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTimeZoneInformation
GetNumberFormatW
GetEnvironmentVariableW
FlushFileBuffers
DisconnectNamedPipe
SetNamedPipeHandleState
WaitNamedPipeW
GetWindowsDirectoryW
GetPrivateProfileIntW
SearchPathW
GetACP
OutputDebugStringA
GetModuleHandleExW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
GlobalAddAtomW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LocalReAlloc
EncodePointer
GlobalFindAtomW
CompareStringW
GetProfileIntW
GetVolumeInformationW
LockFile
UnlockFile
FindResourceExW
SetErrorMode
GlobalFlags
GetSystemDefaultUILanguage
GetFileSizeEx
GetFileTime
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
GetTempFileNameW
GetShortPathNameW
GetLongPathNameW
GetLogicalDriveStringsW
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetDriveTypeW
FindNextFileW
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToLocalFileTime
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
ExpandEnvironmentStringsW
GetCommandLineW
VerSetConditionMask
GlobalFree
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalAlloc
GetProcAddress
GetModuleHandleW
VirtualQueryEx
GetThreadContext
ResumeThread
SuspendThread
GetCurrentThread
CreateThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
DecodePointer
FreeLibraryAndExitThread
GetCommandLineA
HeapQueryInformation
ExitProcess
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetStringTypeW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwind
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
WriteConsoleW
SetEndOfFile
GlobalHandle
WaitForMultipleObjects
LockResource

user32

CheckRadioButton
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageW
GetMessagePos
GetMessageTime
GetClassInfoExW
IsMenu
IsChild
SetWindowPlacement
GetMenu
SetMenu
TrackPopupMenu
MapWindowPoints
GetTopWindow
SetScrollInfo
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
NotifyWinEvent
WindowFromPoint
RealChildWindowFromPoint
GetLastActivePopup
SetWindowLongW
SetCursorPos
AdjustWindowRectEx
InvalidateRgn
ValidateRect
GetWindowDC
SetForegroundWindow
GetForegroundWindow
GetDlgItemInt
GetScrollPos
DestroyMenu
EndPaint
BeginPaint
GetMenuItemID
GetMenuStringW
ReleaseCapture
SetCapture
CharUpperA
SetDlgItemInt
DeferWindowPos
SetWindowPos
FlashWindowEx
CreateWindowExW
RegisterClassW
RegisterWindowMessageW
RegisterWindowMessageA
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
MapDialogRect
CopyImage
DestroyIcon
LoadCursorW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetWindowThreadProcessId
GetClassNameW
EnumThreadWindows
FindWindowW
EnumChildWindows
GetParent
GetDesktopWindow
SetProcessDefaultLayout
GetClassLongPtrW
SetWindowLongPtrW
PtInRect
IsRectEmpty
OffsetRect
UnionRect
IntersectRect
InflateRect
CopyRect
SetRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
ChildWindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
MessageBoxW
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RemovePropW
GetPropW
SetPropW
RedrawWindow
InvalidateRect
GetUpdateRgn
ReleaseDC
GetDC
WindowFromDC
SetActiveWindow
UpdateWindow
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsWindowVisible
GetMessageW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetSubMenu
SetRectEmpty
SendDlgItemMessageA
GetScrollBarInfo
SetClassLongPtrW
ShowScrollBar
GetClassInfoW
DrawIconEx
CreateIcon
LoadIconW
SetParent
FrameRect
ChildWindowFromPointEx
HideCaret
SetMenuItemInfoW
GetMenuItemInfoW
DeleteMenu
AppendMenuW
GetMenuItemCount
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GetSystemMetrics
IsWindowEnabled
EnableWindow
KillTimer
SetTimer
MsgWaitForMultipleObjects
GetCapture
GetAsyncKeyState
GetKeyState
GetFocus
GetActiveWindow
SetFocus
CharNextW
CharLowerBuffW
CharLowerBuffA
CharLowerW
CharUpperBuffW
CharUpperBuffA
CharUpperW
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardFormatNameW
GetClipboardFormatNameA
RegisterClipboardFormatW
RegisterClipboardFormatA
GetClipboardData
GetComboBoxInfo
SetClipboardData
ChangeClipboardChain
SetClipboardViewer
CloseClipboard
OpenClipboard
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
IsZoomed
IsIconic
EndDeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
ShowWindow
IsWindow
CallWindowProcW
PostQuitMessage
DefWindowProcW
PostMessageW
SendMessageTimeoutW
PeekMessageW
DispatchMessageW
TranslateMessage
LoadStringW
UnregisterClassW
CheckDlgButton
SetScrollPos
ValidateRgn
GetMenuItemRect
DestroyWindow
GetWindowLongW
DrawEdge
WinHelpW
GetScrollInfo
LoadImageW
GetWindowLongPtrW
LoadBitmapW
SendMessageW

winspool.drv

DocumentPropertiesW
GetPrinterDriverW
EnumPrinterDriversW
GetPrinterW
AddPrinterW
OpenPrinterW
EnumPrintersW
DeviceCapabilitiesW
ClosePrinter
EnumPortsW
XcvDataW
GetPrinterDriverDirectoryW

advapi32

ControlService
EnumDependentServicesW
GetServiceDisplayNameW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
StartServiceW
ConvertSidToStringSidW
RegRenameKey
RegEnumKeyW
RegQueryValueW
CloseServiceHandle
RegUnLoadKeyW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey
GetUserNameW
LookupPrivilegeValueW
LookupAccountNameW
SetSecurityDescriptorOwner
IsValidSid
InitializeSecurityDescriptor
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
GetLengthSid
FreeSid
EqualSid
CopySid
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken

shell32

ShellExecuteW

comctl32

InitCommonControlsEx
ord17

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
OleGetClipboard
ReleaseStgMedium
CreateStreamOnHGlobal
GetHGlobalFromStream
DoDragDrop
CoGetMalloc
OleDuplicateData
CoUninitialize
CoCreateGuid
CoInitialize
CoTaskMemFree
CoLockObjectExternal
RevokeDragDrop
RegisterDragDrop

oleaut32

SysFreeString
SysAllocString
VariantClear
VarUI4FromStr
SysAllocStringLen
VariantInit
VariantChangeType

gdiplus

GdipSetPenMode
GdipGetPenDashStyle
GdipSetPenDashStyle
GdipDeleteCustomLineCap
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin
GdipCreateAdjustableArrowCap
GdipSetAdjustableArrowCapMiddleInset
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetDC
GdipReleaseDC
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetWorldTransform
GdipGetWorldTransform
GdipSetPageUnit
GdipGetDpiX
GdipGetDpiY
GdipDrawLineI
GdipDrawLinesI
GdipDrawRectangleI
GdipCreateRegion
GdipDrawPath
GdipFillRectangleI
GdipFillEllipseI
GdipFillPath
GdipFillRegion
GdipSetClipRectI
GdipSetClipHrgn
GdipSetPenMiterLimit
GdipCreateSolidFill
GdipGetEmHeight
GdipGetCellAscent
GdipCreateFontFromDC
GdipDeleteFont
GdipGetFamily
GdipGetFontStyle
GdipGetFontSize
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatMeasurableCharacterRanges
GdipAddPathLineI
GdipTranslateMatrix
GdipTransformMatrixPointsI
GdipTranslateWorldTransform
GdipScaleWorldTransform
GdipSetClipRegion
GdipGetClip
GdipSetTextRenderingHint
GdipResetWorldTransform
GdipRotateWorldTransform
GdipSetStringFormatFlags
GdipSetMatrixElements
GdipSetPenCustomEndCap
GdipSetPenCustomStartCap
GdipSetPenLineJoin
GdipSetPenEndCap
GdipSetPenStartCap
GdipGetPenWidth
GdipDeletePen
GdipCreatePen2
GdipCreatePen1
GdipCreateLineBrushFromRectI
GdipDeleteMatrix
GdipDeleteBrush
GdipCloneBrush
GdipGetRegionHRgn
GdipCreateMatrix
GdipGetPathWorldBoundsI
GdipTransformPath
GdipDeleteRegion
GdipCreateRegionHrgn
GdipDeleteFontFamily
GdipCreateRegionPath
GdipWidenPath
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipAddPathBeziersI
GdipAddPathLine2I
GdipClosePathFigure
GdipResetPath
GdipDeletePath
GdipClonePath
GdipCreatePath
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawEllipseI
GdipStartPathFigure

dbghelp

SymLoadModule64
SymGetSymFromAddr64
SymUnDName64
SymInitialize
SymGetModuleInfo64
SymFunctionTableAccess64
SymCleanup
SymGetOptions
SymSetOptions
StackWalk64
UnDecorateSymbolName

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

ActivateHandlerWindow
CreateHandlerW
DeleteHandler
DllCanUnloadNow
DllGetClassObject
DllInstall
DllMain
DllRegisterServer
DllUnregisterServer
EmailSettings
IsHandlerActive
MarshalDialogBox
OkToExit
OnEndDocW
OnStartDocW
PendingThreads
PreDeleteHandler
PreUnloadDll
PrintSettings
PublishSettings
SaveEmailSettings
SavePrintSettings

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 749KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41fa670c2a317ceb25d89fed50952313

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0e:a5:04:0a:21:3a:d7:1f:5c:b8:ce:64:67:d9:47:04Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

49:fb:c4:43:7c:bc:db:2c:94:72:00:7c:af:dd:66:c1:8c:19:b2:c2:10:8c:ff:b6:a4:6e:a2:df:a0:3d:f5:c8Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

uxtheme

gdi32

mpr

msimg32

prntvpt

rpcrt4

shlwapi

version

wtsapi32

kernel32

user32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

gdiplus

dbghelp

oleacc

Exports

Exports

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 749KB - Virtual size: 748KB

.data Size: 23KB - Virtual size: 57KB

.pdata Size: 151KB - Virtual size: 151KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 50KB - Virtual size: 49KB

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0e:a5:04:0a:21:3a:d7:1f:5c:b8:ce:64:67:d9:47:04
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

49:fb:c4:43:7c:bc:db:2c:94:72:00:7c:af:dd:66:c1:8c:19:b2:c2:10:8c:ff:b6:a4:6e:a2:df:a0:3d:f5:c8
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 749KB - Virtual size: 748KB

.data
Size: 23KB - Virtual size: 57KB

.pdata
Size: 151KB - Virtual size: 151KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 50KB - Virtual size: 49KB