Element3D2[.]2[.]3[.]2192[.]zip

Resubmissions

21/09/2024, 19:23

240921-x3yjxayhmr 3

21/09/2024, 19:14

240921-xxyygsydmd 3

Sharing

Copy URL Twitter E-mail

General

Target

Element3D2.2.3.2192.zip
Size

291.5MB
MD5

06b5a17ff477e2526f87f71a95e483b0
SHA1

11b9d016cbb214a09aedfb3fc84a3d8ec071e376
SHA256

4c11384e25b3b477ec61ad07f68f9f4696e5374380befb812c81a8600c6276c9
SHA512

9bb5dba63dd66122fd9b5502db64370993ef375756196b635e1e9929487364b62d65011c554c9b182f261c88a5c065fac289b2bea32ef371a1c70857b4f4780b
SSDEEP

6291456:g8cNqU0cnFrsdj/awX9MBHkb6pQucGKXBsA+muwL305A30d35K5kPA/XuUDUsbp:jcsksdj/LJb+RcGKXB//L305ZYZ/XhUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Element 3D 2.2.3.2192/Element.aex

Files

Element3D2.2.3.2192.zip
.zip
Element 3D 2.2.3.2192/Element.aex
.dll windows:6 windows x64 arch:x64

47d4fc9c31949a471fd2c5af59bbd4f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\VideoCopilot\Repositories\_repo\element 2.2\element\Win\x64\Release\Element.pdb

Imports

opengl32

glGetTexLevelParameteriv
glGetIntegerv
glGetError
glTexSubImage2D
glDrawArrays
glDrawElements
glPolygonOffset
glClearDepth
glColorMask
glClear
glClearColor
glReadBuffer
glViewport
glTexParameterf
glTexParameteri
glDepthMask
glPointSize
glPolygonMode
glDisable
glFrontFace
glCullFace
glEnable
glDeleteTextures
glTexImage2D
glBindTexture
glGenTextures
wglMakeCurrent
wglGetCurrentDC
glPixelStorei
wglCreateContext
wglGetProcAddress
wglDeleteContext
glGetString
glGetFloatv
glBlendFunc
glReadPixels
glFinish
wglGetCurrentContext

glu32

gluTessCallback
gluTessBeginPolygon
gluDeleteTess
gluTessEndPolygon
gluTessEndContour
gluNewTess
gluTessProperty
gluTessBeginContour
gluTessVertex

ws2_32

gethostname
ioctlsocket
sendto
recvfrom
freeaddrinfo
getaddrinfo
WSAIoctl
ntohs
getsockopt
getsockname
getpeername
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
closesocket
WSACleanup
socket
htons
inet_addr
connect
bind
listen
setsockopt
send
recv
accept
WSAStartup

dwrite

DWriteCreateFactory

d2d1

ord1

kernel32

GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetStdHandle
HeapSize
GetFileAttributesW
MulDiv
HeapReAlloc
EnumSystemLocalesW
GetWindowsDirectoryW
VirtualProtect
HeapFree
VirtualFree
VirtualAlloc
LoadLibraryA
HeapAlloc
GetProcAddress
GetProcessHeap
FreeLibrary
GetModuleHandleExW
GetModuleFileNameW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
GetEnvironmentVariableW
LoadLibraryW
QueryPerformanceFrequency
QueryPerformanceCounter
CreateFileW
SetFilePointerEx
SetEndOfFile
GetFileSize
CreateFileMappingW
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CloseHandle
CreateDirectoryW
GetCurrentProcess
GetTempPathW
GetCurrentThreadId
GetLocalTime
GetCurrentProcessId
GetShortPathNameW
GetLongPathNameW
GlobalMemoryStatusEx
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateSemaphoreW
ReleaseSemaphore
GetSystemTimeAsFileTime
GetFileAttributesExW
Sleep
FindFirstFileW
FindClose
FindNextFileW
GetLastError
LocalFree
ExitProcess
SetLastError
GetCurrentThread
GetTickCount64
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SleepEx
FormatMessageA
WaitForSingleObjectEx
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
VerSetConditionMask
GetEnvironmentStringsW
GetModuleHandleA
VerifyVersionInfoA
IsDebuggerPresent
DebugBreak
FileTimeToLocalFileTime
FileTimeToSystemTime
InitializeCriticalSection
SetEvent
SwitchToThread
SetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleWindowInfo
FreeConsole
SetConsoleTitleA
AllocConsole
WriteConsoleA
ResetEvent
CreateEventA
CreateThread
FindFirstFileA
FindNextFileA
GetModuleFileNameA
GetCommandLineW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileSizeEx
FlushFileBuffers
GetConsoleOutputCP
WriteFile
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
ResumeThread
ExitThread
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetFullPathNameW
GetDriveTypeW
RaiseException
RtlPcToFileHeader
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
DecodePointer
EncodePointer
GetTickCount
CreateEventW
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetNativeSystemInfo
FreeEnvironmentStringsW
WriteConsoleW
CreateSemaphoreA
TryEnterCriticalSection
DuplicateHandle
GetSystemDirectoryA
GetExitCodeThread
GetThreadTimes
RtlUnwind

user32

AppendMenuA
AppendMenuW
SetWindowPos
SetWindowTextW
GetClassInfoW
GetDesktopWindow
CreateWindowExW
GetDC
ReleaseDC
MessageBoxA
DestroyWindow
MessageBoxW
GetFocus
MonitorFromWindow
GetMonitorInfoW
PostMessageW
SendMessageW
CreateCaret
GetCapture
GetWindowLongPtrW
DefWindowProcW
LoadCursorW
RegisterClassExW
SetWindowLongPtrW
GetClientRect
MoveWindow
BeginPaint
EndPaint
GetWindowDC
CreatePopupMenu
DestroyMenu
ClientToScreen
TrackPopupMenuEx
InsertMenuItemW
SetMenuItemInfoW
RedrawWindow
UpdateWindow
DestroyCaret
ShowWindow
EnableWindow
IsWindowEnabled
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
SetFocus
GetWindowRect
ScrollWindow
ValidateRect
CallWindowProcW
SetCursor
GetWindowTextLengthW
GetWindowTextW
SetTimer
GetSystemMetrics
IsZoomed
KillTimer
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetKeyState
GetWindow
SetActiveWindow
GetUpdateRect
InvalidateRect
TrackMouseEvent
AdjustWindowRectEx
WaitMessage
PeekMessageW
IsDialogMessageW
SetWindowLongW
GetWindowLongW
SetLayeredWindowAttributes
GetForegroundWindow
MapVirtualKeyW
GetClipboardData
MessageBeep
GetKeyboardLayout
IsWindowVisible
SendNotifyMessageW
TranslateMessage
DispatchMessageW

gdi32

CreateFontIndirectW
CreateSolidBrush
GetDeviceCaps
SetBkMode
ChoosePixelFormat
SetPixelFormat
SwapBuffers
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
SetTextColor

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

CryptDestroyKey
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
CryptHashData
CryptGetHashParam
CryptImportKey
CryptEncrypt
CryptCreateHash
CryptDestroyHash

shell32

DragFinish
SHGetFolderPathW
SHFileOperationW
DragAcceptFiles
SHCreateItemFromParsingName
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW
ShellExecuteW

ole32

CoInitializeEx
CoUninitialize
CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
CreateStreamOnHGlobal
ReleaseStgMedium
OleUninitialize
OleInitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoCreateGuid

oleaut32

SysStringLen
SysAllocStringByteLen
VariantClear
SysFreeString
SysAllocString

shlwapi

PathIsRelativeW
SHRegGetValueW

imm32

ImmAssociateContext
ImmSetCandidateWindow
ImmAssociateContextEx
ImmIsIME
ImmGetCompositionStringW
ImmGetVirtualKey
ImmReleaseContext
ImmGetContext
ImmNotifyIME

opencl

clGetPlatformIDs
clCreateKernel
clGetExtensionFunctionAddressForPlatform
clEnqueueWriteBuffer
clGetProgramBuildInfo
clBuildProgram
clCreateProgramWithSource
clReleaseProgram
clReleaseKernel
clEnqueueReadBuffer
clCreateCommandQueue
clCreateContext
clGetDeviceIDs
clReleaseContext
clReleaseCommandQueue
clReleaseMemObject
clGetDeviceInfo
clCreateBuffer
clSetKernelArg
clGetPlatformInfo
clFinish
clCreateFromGLTexture2D
clCreateFromGLRenderbuffer
clEnqueueAcquireGLObjects
clEnqueueNDRangeKernel
clEnqueueReleaseGLObjects
clEnqueueMapBuffer
clEnqueueUnmapMemObject
clFlush

gdiplus

GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipDrawRectangleI
GdipCreatePen1
GdipDeleteFont
GdipDeletePen
GdipCreateFromHWND
GdipSetWorldTransform
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdipCreateFromHDC
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipSetStringFormatAlign
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipDeleteGraphics
GdipFillRectangleI
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipMeasureString
GdipCreateLineBrushFromRectI
GdipSetLineWrapMode
GdipDrawLineI
GdipSetSmoothingMode
GdipDrawEllipseI
GdipDrawImageRectRectI
GdipDrawString
GdipCreateBitmapFromHBITMAP
GdipGetLogFontW
GdipFree
GdipDrawImageI
GdipSetClipRectI
GdipCreateFont
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipDisposeImage

dbghelp

MiniDumpWriteDump

winmm

timeGetTime

wldap32

ord35
ord33
ord32
ord27
ord26
ord200
ord41
ord50
ord30
ord60
ord211
ord46
ord143
ord301
ord22
ord79

Exports

Exports

PluginMain

Sections

.text
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 333KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Element 3D 2.2.3.2192/Element.license
Element 3D 2.2.3.2192/Read Me.txt
Element 3D 2.2.3.2192/Video Copilot Element 3D v2.2.3.2192.exe
.exe windows:6 windows x64 arch:x64

38b7c8bb5a7e4d8b41d512f5437838a7

Code Sign

62:f8:12:a3:5f:52:bd:74:b7:18:d6:10:ac:4b:47:83
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11/09/2018, 09:28

Not After

11/09/2023, 09:28

Subject

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26/03/2019, 17:44

Not After

22/03/2034, 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4b:70:f2:70:e8:f8:08:ed:79:81:11:ee:7b:50:33:1d
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

13/05/2022, 18:46

Not After

12/05/2025, 18:46

Subject

SERIALNUMBER=3347647,CN=Video Copilot\, Inc.,O=Video Copilot\, Inc.,L=Lake Elsinore,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#130a43616c69666f726e6961,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11/09/2018, 09:26

Not After

11/09/2023, 09:26

Subject

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:1c:bc:8c:5c:3e:5f:6f:24:fd:3a:4f:e4:88:d6:28
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

10/09/2021, 16:35

Not After

08/09/2031, 16:35

Subject

CN=SSL.com Timestamping Unit 2021,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13/11/2019, 18:50

Not After

12/11/2034, 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:ab:a9:d0:d1:2e:5e:b7:e2:6a:cd:e2:ec:66:cf:d5:fe:a8:85:08:25:af:56:6a:d0:02:7c:f2:7c:2a:1a:b6
Signer

Actual PE Digest

ba:ab:a9:d0:d1:2e:5e:b7:e2:6a:cd:e2:ec:66:cf:d5:fe:a8:85:08:25:af:56:6a:d0:02:7c:f2:7c:2a:1a:b6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\VideoCopilot\Repositories\vcinstaller\bin\Element\win\x64\Release\vcinstaller.pdb

Imports

kernel32

SizeofResource
GetCurrentProcess
WriteFile
CreateFileW
LockResource
CloseHandle
LoadResource
FindResourceW
IsWow64Process
WriteConsoleW
HeapSize
CreateDirectoryW
GetModuleHandleW
GetModuleFileNameW
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
WideCharToMultiByte
MulDiv
SetFileTime
FindNextFileW
FindClose
LoadLibraryW
GetProcAddress
FreeLibrary
GetFileAttributesW
SetEndOfFile
LocalFree
GetLastError
GetCurrentThreadId
WaitForSingleObjectEx
GetExitCodeThread
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetStdHandle
HeapAlloc
HeapFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapReAlloc
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
RtlUnwind

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW

shell32

ShellExecuteW
SHAppBarMessage
SHGetFolderPathW
SHCreateItemFromParsingName
ShellExecuteExW
DragQueryFileW

shlwapi

SHRegGetValueW

wtsapi32

WTSRegisterSessionNotification

d2d1

ord1

imm32

ImmGetContext
ImmReleaseContext
ImmGetVirtualKey
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmNotifyIME
ImmIsIME

dwrite

DWriteCreateFactory

user32

GetDesktopWindow
KillTimer
IsZoomed
GetClientRect
SetCapture
TranslateMessage
GetUpdateRect
SetFocus
TrackMouseEvent
ValidateRect
PeekMessageW
GetMonitorInfoW
SetTimer
DispatchMessageW
GetClassInfoW
ShowWindow
RegisterClassExW
GetWindowLongPtrW
WaitMessage
SetWindowTextW
GetSystemMetrics
SendMessageW
CreateWindowExW
FillRect
GetCursorPos
MonitorFromWindow
ReleaseCapture
EqualRect
SetWindowPos
IsWindowVisible
DestroyWindow
GetFocus
GetWindowRect
GetWindow
AdjustWindowRectEx
DefWindowProcW
EndPaint
BeginPaint
AppendMenuA
TrackPopupMenuEx
DestroyMenu
SetMenuItemInfoW
CreatePopupMenu
GetMenuItemInfoW
DestroyCaret
GetKeyboardLayout
CreateCaret
MapVirtualKeyW
OpenClipboard
UpdateWindow
CloseClipboard
EmptyClipboard
InvalidateRect
EnableWindow
GetKeyState
GetDC
ScreenToClient
LoadCursorW
SetCursor
ShowCursor
SetCursorPos
MonitorFromRect
SetClipboardData
ReleaseDC
SetWindowLongPtrW

gdi32

GetObjectW
DeleteObject
CreateSolidBrush
SetMapMode
GetDeviceCaps
SetWindowExtEx
SetViewportExtEx

ole32

RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoUninitialize
CoCreateInstance
OleInitialize
OleUninitialize
CoInitializeEx
ReleaseStgMedium

Sections

.text
Size: 534KB - Virtual size: 534KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 296.7MB - Virtual size: 296.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

47d4fc9c31949a471fd2c5af59bbd4f1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

glu32

ws2_32

dwrite

d2d1

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

imm32

opencl

gdiplus

dbghelp

winmm

wldap32

Exports

Exports

Sections

.text Size: 5.4MB - Virtual size: 5.4MB

.rdata Size: 5.0MB - Virtual size: 5.0MB

.data Size: 333KB - Virtual size: 633KB

.pdata Size: 226KB - Virtual size: 226KB

_RDATA Size: 8KB - Virtual size: 7KB

.gxfg Size: 13KB - Virtual size: 13KB

.gehcont Size: 512B - Virtual size: 40B

.rsrc Size: 1024B - Virtual size: 856B

.reloc Size: 29KB - Virtual size: 28KB

38b7c8bb5a7e4d8b41d512f5437838a7

Code Sign

62:f8:12:a3:5f:52:bd:74:b7:18:d6:10:ac:4b:47:83Certificate

Key Usages

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

4b:70:f2:70:e8:f8:08:ed:79:81:11:ee:7b:50:33:1dCertificate

Extended Key Usages

Key Usages

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1cCertificate

Key Usages

5f:1c:bc:8c:5c:3e:5f:6f:24:fd:3a:4f:e4:88:d6:28Certificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

ba:ab:a9:d0:d1:2e:5e:b7:e2:6a:cd:e2:ec:66:cf:d5:fe:a8:85:08:25:af:56:6a:d0:02:7c:f2:7c:2a:1a:b6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

shlwapi

wtsapi32

d2d1

imm32

dwrite

user32

gdi32

ole32

Sections

.text
Size: 5.4MB - Virtual size: 5.4MB

.rdata
Size: 5.0MB - Virtual size: 5.0MB

.data
Size: 333KB - Virtual size: 633KB

.pdata
Size: 226KB - Virtual size: 226KB

_RDATA
Size: 8KB - Virtual size: 7KB

.gxfg
Size: 13KB - Virtual size: 13KB

.gehcont
Size: 512B - Virtual size: 40B

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 29KB - Virtual size: 28KB

62:f8:12:a3:5f:52:bd:74:b7:18:d6:10:ac:4b:47:83
Certificate

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

4b:70:f2:70:e8:f8:08:ed:79:81:11:ee:7b:50:33:1d
Certificate

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

5f:1c:bc:8c:5c:3e:5f:6f:24:fd:3a:4f:e4:88:d6:28
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

ba:ab:a9:d0:d1:2e:5e:b7:e2:6a:cd:e2:ec:66:cf:d5:fe:a8:85:08:25:af:56:6a:d0:02:7c:f2:7c:2a:1a:b6
Signer

.text
Size: 534KB - Virtual size: 534KB

.rdata
Size: 763KB - Virtual size: 763KB

.data
Size: 13KB - Virtual size: 20KB

.pdata
Size: 22KB - Virtual size: 21KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 296.7MB - Virtual size: 296.7MB

.reloc
Size: 3KB - Virtual size: 3KB