05102024_0047_YDRAY-DESCARGAR-83843-NOTIFICACION-ELECTRONICA-RADICADO-41531351355335313-CONFIRMAR-RECIBIDO[.]CAB

Sharing

Copy URL Twitter E-mail

General

Target

05102024_0047_YDRAY-DESCARGAR-83843-NOTIFICACION-ELECTRONICA-RADICADO-41531351355335313-CONFIRMAR-RECIBIDO.CAB
Size

6.2MB
MD5

85ab9ad6eafaab667c138790ef2fde76
SHA1

8ee37cac26653d634d1188237736ab0d0397397d
SHA256

95c3c3bb308b515d7de1aca36f27c905f84434dbb96bf9591f97017448537450
SHA512

19c0a535ae0a1dcc5b64d967ea8a4134073adc25ff32ee60ab259478ccbe482d9f91c86d6a0286abf96331c1737c2a9318410e754fb1c3316b151a2cb692fb5d
SSDEEP

196608:mMb2AoXs6p2wAXG4J/CfkRRdN+ai1mNU6HS3:u/XTsfrqfkPX+N1mhHo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DESCARGAR 83843 NOTIFICACIÓN ELECTRÓNICA RADICADO 41531351355335313 CONFIRMAR RECIBIDO/pdfium.dll

Files

05102024_0047_YDRAY-DESCARGAR-83843-NOTIFICACION-ELECTRONICA-RADICADO-41531351355335313-CONFIRMAR-RECIBIDO.CAB
.zip

Password: 03OCT2024ESM
DESCARGAR 83843 NOTIFICACIÓN ELECTRÓNICA RADICADO 41531351355335313 CONFIRMAR RECIBIDO/0003 NotificacionElectronicaJudicial.exe
.exe windows:5 windows x86 arch:x86

Password: 03OCT2024ESM

543ff43a43ebc6d708b7bdd3d8aa2b5a

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:6f:f2:58:d2:ce:50:52:ee:69:c6:39:4c:aa:64:d2
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

25/08/2022, 00:00

Not After

25/08/2023, 23:59

Subject

CN=FATİH RAMAZAN ÇIKAN,O=FATİH RAMAZAN ÇIKAN,ST=Isparta,C=TR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

19:7d:d3:52:28:07:05:63:65:d3:06:e8:b2:91:ae:8e:1e:75:11:6f:b2:fc:c2:e6:f4:c7:69:75:c7:83:5b:d7
Signer

Actual PE Digest

19:7d:d3:52:28:07:05:63:65:d3:06:e8:b2:91:ae:8e:1e:75:11:6f:b2:fc:c2:e6:f4:c7:69:75:c7:83:5b:d7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

sndPlaySoundW

oleacc

LresultFromObject

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetDefaultPrinterW
EnumPrintersW

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW
PrintDlgW

comctl32

ImageList_GetImageInfo
FlatSB_SetScrollInfo
InitCommonControls
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_Copy
FlatSB_GetScrollInfo
ImageList_Write
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Replace
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetOverlayImage

shell32

DragQueryFileW
DragAcceptFiles
Shell_NotifyIconW
ShellExecuteW

user32

CopyImage
SetMenuItemInfoW
GetMenuItemInfoW
DefFrameProcW
ScrollWindowEx
GetDlgCtrlID
FrameRect
RegisterWindowMessageW
GetMenuStringW
FillRect
SendMessageA
IsClipboardFormatAvailable
EnumWindows
ShowOwnedPopups
GetClassInfoExW
GetClassInfoW
GetScrollRange
SetActiveWindow
GetActiveWindow
DrawEdge
GetKeyboardLayoutList
LoadBitmapW
EnumChildWindows
GetScrollBarInfo
UnhookWindowsHookEx
SetCapture
GetCapture
ShowCaret
CreatePopupMenu
GetMenuItemID
CharLowerBuffW
PostMessageW
SetWindowLongW
IsZoomed
SetParent
DrawMenuBar
GetClientRect
IsChild
IsIconic
CallNextHookEx
ShowWindow
GetWindowTextW
SetForegroundWindow
GetAsyncKeyState
IsDialogMessageW
DestroyWindow
RegisterClassW
EndMenu
CharNextW
GetFocus
GetDC
SetFocus
ReleaseDC
GetClassLongW
SetScrollRange
DrawTextW
PeekMessageA
MessageBeep
SetClassLongW
RemovePropW
GetSubMenu
DestroyIcon
IsWindowVisible
PtInRect
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
NotifyWinEvent
GetComboBoxInfo
LoadStringW
CreateMenu
CharLowerW
SetWindowRgn
SetWindowPos
GetMenuItemCount
GetSysColorBrush
GetWindowDC
DrawTextExW
EnumClipboardFormats
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
GetSysColor
EnableScrollBar
TrackPopupMenu
DrawIconEx
GetClassNameW
GetMessagePos
GetIconInfo
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
SetCursorPos
GetCursorPos
SetMenu
GetMenuState
GetMenu
SetRect
GetKeyState
IsRectEmpty
IsCharAlphaW
GetCursor
KillTimer
WaitMessage
TranslateMDISysAccel
GetWindowPlacement
GetMenuItemRect
CreateIconIndirect
CreateWindowExW
ChildWindowFromPoint
GetDCEx
PeekMessageW
MonitorFromWindow
GetUpdateRect
AnimateWindow
SetTimer
WindowFromPoint
BeginPaint
DrawStateW
RegisterClipboardFormatW
MapVirtualKeyW
OffsetRect
IsWindowUnicode
DispatchMessageW
CreateAcceleratorTableW
DefMDIChildProcW
GetSystemMenu
SetScrollPos
GetScrollPos
InflateRect
DrawFocusRect
ReleaseCapture
LoadCursorW
ScrollWindow
GetLastActivePopup
GetSystemMetrics
CharUpperBuffW
SetClipboardData
GetClipboardData
ClientToScreen
SetWindowPlacement
GetMonitorInfoW
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
EnableWindow
GetWindowThreadProcessId
RedrawWindow
EndPaint
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
ActivateKeyboardLayout
GetParent
MonitorFromRect
InsertMenuItemW
GetPropW
MessageBoxW
SetPropW
UpdateWindow
MsgWaitForMultipleObjects
DestroyMenu
SetWindowsHookExW
GetDoubleClickTime
EmptyClipboard
GetDlgItem
AdjustWindowRectEx
IsWindow
DrawIcon
EnumThreadWindows
InvalidateRect
SetKeyboardState
GetKeyboardState
ScreenToClient
DrawFrameControl
IsCharAlphaNumericW
BringWindowToTop
SetCursor
CreateIcon
RemoveMenu
GetKeyboardLayoutNameW
OpenClipboard
TranslateMessage
MapWindowPoints
EnumDisplayMonitors
CallWindowProcW
CountClipboardFormats
CloseClipboard
DestroyCursor
CopyIcon
PostQuitMessage
ShowScrollBar
EnableMenuItem
HideCaret
FindWindowExW
MonitorFromPoint
LoadIconW
SystemParametersInfoW
GetWindow
GetWindowRect
GetWindowLongW
InsertMenuW
IsWindowEnabled
IsDialogMessageA
FindWindowW
GetKeyboardLayout
DeleteMenu

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleaut32

SafeArrayPutElement
GetErrorInfo
VariantInit
VariantClear
SysFreeString
SafeArrayAccessData
SysReAllocStringLen
SafeArrayCreate
SafeArrayGetElement
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
VariantCopyInd
VariantChangeType

advapi32

RegSetValueExW
RegConnectRegistryW
RegEnumKeyExW
RegLoadKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegSaveKeyW
RegDeleteValueW
RegReplaceKeyW
RegFlushKey
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegRestoreKeyW

netapi32

NetWkstaGetInfo
NetApiBufferFree

msvcrt

log
_endthreadex
strcspn
isupper
_beginthreadex
toupper
memchr
memcmp
memcpy
memset
strrchr
strlen
iscntrl
rename
isxdigit
isgraph
islower
tolower
strncmp
qsort
isalpha
isalnum
isprint
localtime
memmove
isspace
ispunct

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpSetStatusCallback
WinHttpConnect
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpWriteData
WinHttpSetCredentials
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSendRequest
WinHttpQueryOption

kernel32

FlushViewOfFile
GetACP
LocalFree
CloseHandle
GetCurrentProcessId
SizeofResource
VirtualProtect
UnlockFile
TerminateThread
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
GetFullPathNameW
VirtualFree
GetProcessHeap
ExitProcess
HeapAlloc
GetFileAttributesA
GetCPInfoExW
GlobalSize
GetSystemTime
GetLongPathNameW
RtlUnwind
GetCPInfo
GetTempPathA
EnumSystemLocalesW
GetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
GetDllDirectoryW
SetDllDirectoryW
HeapDestroy
FileTimeToDosDateTime
ReadFile
GetDiskFreeSpaceA
HeapSize
GetLastError
GetModuleFileNameW
SetLastError
GlobalAlloc
GlobalUnlock
FindResourceW
CreateThread
CompareStringW
LockFileEx
CopyFileW
GetFileSizeEx
HeapValidate
MapViewOfFile
CreateMutexW
LoadLibraryA
AreFileApisANSI
ResetEvent
MulDiv
CreateFileA
FreeResource
GetVersion
DeleteFileA
RaiseException
GlobalAddAtomW
GetSystemTimeAsFileTime
FormatMessageW
SwitchToThread
GetExitCodeThread
OutputDebugStringW
GetCurrentThread
GetFileAttributesExW
HeapReAlloc
LoadLibraryExW
LockResource
FileTimeToSystemTime
GetCurrentThreadId
UnhandledExceptionFilter
GlobalFindAtomW
VirtualQuery
GlobalFree
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
FlushFileBuffers
LoadResource
SuspendThread
GetTickCount
HeapCompact
GetFullPathNameA
GetFileSize
GlobalDeleteAtom
GetStartupInfoW
GetFileAttributesW
InitializeCriticalSection
GetThreadPriority
GetCurrentProcess
GlobalLock
SetThreadPriority
VirtualAlloc
GetTempPathW
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
UnlockFileEx
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
LockFile
UnmapViewOfFile
lstrlenW
CompareStringA
QueryPerformanceCounter
SetEndOfFile
WaitForSingleObjectEx
lstrcmpW
InitializeCriticalSectionAndSpinCount
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
SystemTimeToFileTime
EnumResourceNamesW
DeleteFileW
FormatMessageA
GetEnvironmentVariableW
GetLocalTime
WaitForSingleObject
OutputDebugStringA
WriteFile
CreateFileMappingW
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
GetComputerNameW
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
CreateEventW
WaitForMultipleObjectsEx
GetThreadLocale
SetThreadLocale

shfolder

SHGetFolderPathW

ole32

IsEqualGUID
OleInitialize
OleUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID

gdi32

Pie
SetBkMode
GetRandomRgn
CreateCompatibleBitmap
GetEnhMetaFileHeader
RectVisible
AngleArc
ResizePalette
SetAbortProc
SetTextColor
GetTextColor
StretchBlt
RoundRect
SelectClipRgn
RestoreDC
SetRectRgn
GetTextMetricsW
GetWindowOrgEx
CreatePalette
CreateDCW
CreateICW
PolyBezierTo
GetStockObject
CreateSolidBrush
GetBkMode
Polygon
MoveToEx
PlayEnhMetaFile
Ellipse
StartPage
GetBitmapBits
StartDocW
AbortDoc
GetSystemPaletteEntries
GetEnhMetaFileBits
OffsetWindowOrgEx
GetEnhMetaFilePaletteEntries
CreatePenIndirect
SetMapMode
CreateFontIndirectW
PolyBezier
EndDoc
GetObjectW
GetCurrentObject
GetWinMetaFileBits
SetROP2
GetEnhMetaFileDescriptionW
ArcTo
Arc
SelectPalette
SetGraphicsMode
ExcludeClipRect
MaskBlt
SetWindowOrgEx
EndPage
DeleteEnhMetaFile
Chord
SetDIBits
SetViewportOrgEx
GetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
CreateBrushIndirect
PatBlt
SetEnhMetaFileBits
Rectangle
SaveDC
DeleteDC
BitBlt
SetWorldTransform
FrameRgn
GetDeviceCaps
GetTextExtentPoint32W
GetClipBox
GetClipRgn
IntersectClipRect
Polyline
CreateBitmap
CombineRgn
SetWinMetaFileBits
CreateDIBitmap
GetStretchBltMode
CreateDIBSection
SetStretchBltMode
GetDIBits
ExtCreateRegion
LineTo
GetRgnBox
EnumFontsW
CreateHalftonePalette
SelectObject
DeleteObject
ExtFloodFill
UnrealizeObject
CopyEnhMetaFileW
OffsetRgn
SetBkColor
CreateCompatibleDC
GetBrushOrgEx
GetCurrentPositionEx
SetDCPenColor
GetNearestPaletteIndex
CreateRoundRectRgn
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
GdiFlush
SetPixel
EnumFontFamiliesExW
StretchDIBits
GetPaletteEntries

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 206KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 516B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 530KB - Virtual size: 530KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 991KB - Virtual size: 991KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DESCARGAR 83843 NOTIFICACIÓN ELECTRÓNICA RADICADO 41531351355335313 CONFIRMAR RECIBIDO/alj
DESCARGAR 83843 NOTIFICACIÓN ELECTRÓNICA RADICADO 41531351355335313 CONFIRMAR RECIBIDO/pdfium.dll
.dll windows:5 windows x86 arch:x86

Password: 03OCT2024ESM

a5fed7a887d57ee621fb994976dc00b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\pdfium-binaries\pdfium-binaries\pdfium\out\pdfium.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateMutexW
DecodePointer
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetWindowsDirectoryA
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
ReleaseSRWLockExclusive
ResetEvent
RtlUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrlenA

advapi32

CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
SystemFunction036

gdi32

BeginPath
BitBlt
CloseFigure
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreateFontIndirectA
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
EndPath
EnumFontFamiliesExA
ExtCreatePen
ExtEscape
FillPath
GdiComment
GetCharWidthW
GetClipBox
GetClipRgn
GetDIBits
GetDeviceCaps
GetFontData
GetObjectType
GetObjectW
GetOutlineTextMetricsW
GetRegionData
GetTextFaceA
GetTextMetricsW
IntersectClipRect
LineTo
MoveToEx
PolyBezierTo
RestoreDC
SaveDC
SelectClipPath
SelectObject
SetDIBitsToDevice
SetMiterLimit
SetPolyFillMode
SetStretchBltMode
StretchDIBits
StrokeAndFillPath
StrokePath
WidenPath

user32

FillRect
GetDC
ReleaseDC

Exports

Exports

FORM_CanRedo
FORM_CanUndo
FORM_DoDocumentAAction
FORM_DoDocumentJSAction
FORM_DoDocumentOpenAction
FORM_DoPageAAction
FORM_ForceToKillFocus
FORM_GetFocusedAnnot
FORM_GetFocusedText
FORM_GetSelectedText
FORM_IsIndexSelected
FORM_OnAfterLoadPage
FORM_OnBeforeClosePage
FORM_OnChar
FORM_OnFocus
FORM_OnKeyDown
FORM_OnKeyUp
FORM_OnLButtonDoubleClick
FORM_OnLButtonDown
FORM_OnLButtonUp
FORM_OnMouseMove
FORM_OnMouseWheel
FORM_OnRButtonDown
FORM_OnRButtonUp
FORM_Redo
FORM_ReplaceAndKeepSelection
FORM_ReplaceSelection
FORM_SelectAllText
FORM_SetFocusedAnnot
FORM_SetIndexSelected
FORM_Undo
FPDFAction_GetDest
FPDFAction_GetFilePath
FPDFAction_GetType
FPDFAction_GetURIPath
FPDFAnnot_AddInkStroke
FPDFAnnot_AppendAttachmentPoints
FPDFAnnot_AppendObject
FPDFAnnot_CountAttachmentPoints
FPDFAnnot_GetAP
FPDFAnnot_GetAttachmentPoints
FPDFAnnot_GetBorder
FPDFAnnot_GetColor
FPDFAnnot_GetFlags
FPDFAnnot_GetFocusableSubtypes
FPDFAnnot_GetFocusableSubtypesCount
FPDFAnnot_GetFontSize
FPDFAnnot_GetFormAdditionalActionJavaScript
FPDFAnnot_GetFormControlCount
FPDFAnnot_GetFormControlIndex
FPDFAnnot_GetFormFieldAlternateName
FPDFAnnot_GetFormFieldAtPoint
FPDFAnnot_GetFormFieldExportValue
FPDFAnnot_GetFormFieldFlags
FPDFAnnot_GetFormFieldName
FPDFAnnot_GetFormFieldType
FPDFAnnot_GetFormFieldValue
FPDFAnnot_GetInkListCount
FPDFAnnot_GetInkListPath
FPDFAnnot_GetLine
FPDFAnnot_GetLink
FPDFAnnot_GetLinkedAnnot
FPDFAnnot_GetNumberValue
FPDFAnnot_GetObject
FPDFAnnot_GetObjectCount
FPDFAnnot_GetOptionCount
FPDFAnnot_GetOptionLabel
FPDFAnnot_GetRect
FPDFAnnot_GetStringValue
FPDFAnnot_GetSubtype
FPDFAnnot_GetValueType
FPDFAnnot_GetVertices
FPDFAnnot_HasAttachmentPoints
FPDFAnnot_HasKey
FPDFAnnot_IsChecked
FPDFAnnot_IsObjectSupportedSubtype
FPDFAnnot_IsOptionSelected
FPDFAnnot_IsSupportedSubtype
FPDFAnnot_RemoveInkList
FPDFAnnot_RemoveObject
FPDFAnnot_SetAP
FPDFAnnot_SetAttachmentPoints
FPDFAnnot_SetBorder
FPDFAnnot_SetColor
FPDFAnnot_SetFlags
FPDFAnnot_SetFocusableSubtypes
FPDFAnnot_SetRect
FPDFAnnot_SetStringValue
FPDFAnnot_SetURI
FPDFAnnot_UpdateObject
FPDFAttachment_GetFile
FPDFAttachment_GetName
FPDFAttachment_GetStringValue
FPDFAttachment_GetValueType
FPDFAttachment_HasKey
FPDFAttachment_SetFile
FPDFAttachment_SetStringValue
FPDFAvail_Create
FPDFAvail_Destroy
FPDFAvail_GetDocument
FPDFAvail_GetFirstPageNum
FPDFAvail_IsDocAvail
FPDFAvail_IsFormAvail
FPDFAvail_IsLinearized
FPDFAvail_IsPageAvail
FPDFBitmap_Create
FPDFBitmap_CreateEx
FPDFBitmap_Destroy
FPDFBitmap_FillRect
FPDFBitmap_GetBuffer
FPDFBitmap_GetFormat
FPDFBitmap_GetHeight
FPDFBitmap_GetStride
FPDFBitmap_GetWidth
FPDFBookmark_Find
FPDFBookmark_GetAction
FPDFBookmark_GetCount
FPDFBookmark_GetDest
FPDFBookmark_GetFirstChild
FPDFBookmark_GetNextSibling
FPDFBookmark_GetTitle
FPDFCatalog_IsTagged
FPDFClipPath_CountPathSegments
FPDFClipPath_CountPaths
FPDFClipPath_GetPathSegment
FPDFDOC_ExitFormFillEnvironment
FPDFDOC_InitFormFillEnvironment
FPDFDest_GetDestPageIndex
FPDFDest_GetLocationInPage
FPDFDest_GetView
FPDFDoc_AddAttachment
FPDFDoc_CloseJavaScriptAction
FPDFDoc_DeleteAttachment
FPDFDoc_GetAttachment
FPDFDoc_GetAttachmentCount
FPDFDoc_GetJavaScriptAction
FPDFDoc_GetJavaScriptActionCount
FPDFDoc_GetPageMode
FPDFFont_Close
FPDFFont_GetAscent
FPDFFont_GetDescent
FPDFFont_GetFlags
FPDFFont_GetFontData
FPDFFont_GetFontName
FPDFFont_GetGlyphPath
FPDFFont_GetGlyphWidth
FPDFFont_GetIsEmbedded
FPDFFont_GetItalicAngle
FPDFFont_GetWeight
FPDFFormObj_CountObjects
FPDFFormObj_GetObject
FPDFGlyphPath_CountGlyphSegments
FPDFGlyphPath_GetGlyphPathSegment
FPDFImageObj_GetBitmap
FPDFImageObj_GetImageDataDecoded
FPDFImageObj_GetImageDataRaw
FPDFImageObj_GetImageFilter
FPDFImageObj_GetImageFilterCount
FPDFImageObj_GetImageMetadata
FPDFImageObj_GetImagePixelSize
FPDFImageObj_GetRenderedBitmap
FPDFImageObj_LoadJpegFile
FPDFImageObj_LoadJpegFileInline
FPDFImageObj_SetBitmap
FPDFImageObj_SetMatrix
FPDFJavaScriptAction_GetName
FPDFJavaScriptAction_GetScript
FPDFLink_CloseWebLinks
FPDFLink_CountQuadPoints
FPDFLink_CountRects
FPDFLink_CountWebLinks
FPDFLink_Enumerate
FPDFLink_GetAction
FPDFLink_GetAnnot
FPDFLink_GetAnnotRect
FPDFLink_GetDest
FPDFLink_GetLinkAtPoint
FPDFLink_GetLinkZOrderAtPoint
FPDFLink_GetQuadPoints
FPDFLink_GetRect
FPDFLink_GetTextRange
FPDFLink_GetURL
FPDFLink_LoadWebLinks
FPDFPageObjMark_CountParams
FPDFPageObjMark_GetName
FPDFPageObjMark_GetParamBlobValue
FPDFPageObjMark_GetParamIntValue
FPDFPageObjMark_GetParamKey
FPDFPageObjMark_GetParamStringValue
FPDFPageObjMark_GetParamValueType
FPDFPageObjMark_RemoveParam
FPDFPageObjMark_SetBlobParam
FPDFPageObjMark_SetIntParam
FPDFPageObjMark_SetStringParam
FPDFPageObj_AddMark
FPDFPageObj_CountMarks
FPDFPageObj_CreateNewPath
FPDFPageObj_CreateNewRect
FPDFPageObj_CreateTextObj
FPDFPageObj_Destroy
FPDFPageObj_GetBounds
FPDFPageObj_GetClipPath
FPDFPageObj_GetDashArray
FPDFPageObj_GetDashCount
FPDFPageObj_GetDashPhase
FPDFPageObj_GetFillColor
FPDFPageObj_GetLineCap
FPDFPageObj_GetLineJoin
FPDFPageObj_GetMark
FPDFPageObj_GetMatrix
FPDFPageObj_GetRotatedBounds
FPDFPageObj_GetStrokeColor
FPDFPageObj_GetStrokeWidth
FPDFPageObj_GetType
FPDFPageObj_HasTransparency
FPDFPageObj_NewImageObj
FPDFPageObj_NewTextObj
FPDFPageObj_RemoveMark
FPDFPageObj_SetBlendMode
FPDFPageObj_SetDashArray
FPDFPageObj_SetDashPhase
FPDFPageObj_SetFillColor
FPDFPageObj_SetLineCap
FPDFPageObj_SetLineJoin
FPDFPageObj_SetMatrix
FPDFPageObj_SetStrokeColor
FPDFPageObj_SetStrokeWidth
FPDFPageObj_Transform
FPDFPageObj_TransformClipPath
FPDFPage_CloseAnnot
FPDFPage_CountObjects
FPDFPage_CreateAnnot
FPDFPage_Delete
FPDFPage_Flatten
FPDFPage_FormFieldZOrderAtPoint
FPDFPage_GenerateContent
FPDFPage_GetAnnot
FPDFPage_GetAnnotCount
FPDFPage_GetAnnotIndex
FPDFPage_GetArtBox
FPDFPage_GetBleedBox
FPDFPage_GetCropBox
FPDFPage_GetDecodedThumbnailData
FPDFPage_GetMediaBox
FPDFPage_GetObject
FPDFPage_GetRawThumbnailData
FPDFPage_GetRotation
FPDFPage_GetThumbnailAsBitmap
FPDFPage_GetTrimBox
FPDFPage_HasFormFieldAtPoint
FPDFPage_HasTransparency
FPDFPage_InsertClipPath
FPDFPage_InsertObject
FPDFPage_New
FPDFPage_RemoveAnnot
FPDFPage_RemoveObject
FPDFPage_SetArtBox
FPDFPage_SetBleedBox
FPDFPage_SetCropBox
FPDFPage_SetMediaBox
FPDFPage_SetRotation
FPDFPage_SetTrimBox
FPDFPage_TransFormWithClip
FPDFPage_TransformAnnots
FPDFPathSegment_GetClose
FPDFPathSegment_GetPoint
FPDFPathSegment_GetType
FPDFPath_BezierTo
FPDFPath_Close
FPDFPath_CountSegments
FPDFPath_GetDrawMode
FPDFPath_GetPathSegment
FPDFPath_LineTo
FPDFPath_MoveTo
FPDFPath_SetDrawMode
FPDFSignatureObj_GetByteRange
FPDFSignatureObj_GetContents
FPDFSignatureObj_GetDocMDPPermission
FPDFSignatureObj_GetReason
FPDFSignatureObj_GetSubFilter
FPDFSignatureObj_GetTime
FPDFTextObj_GetFont
FPDFTextObj_GetFontSize
FPDFTextObj_GetRenderedBitmap
FPDFTextObj_GetText
FPDFTextObj_GetTextRenderMode
FPDFTextObj_SetTextRenderMode
FPDFText_ClosePage
FPDFText_CountChars
FPDFText_CountRects
FPDFText_FindClose
FPDFText_FindNext
FPDFText_FindPrev
FPDFText_FindStart
FPDFText_GetBoundedText
FPDFText_GetCharAngle
FPDFText_GetCharBox
FPDFText_GetCharIndexAtPos
FPDFText_GetCharIndexFromTextIndex
FPDFText_GetCharOrigin
FPDFText_GetFillColor
FPDFText_GetFontInfo
FPDFText_GetFontSize
FPDFText_GetFontWeight
FPDFText_GetLooseCharBox
FPDFText_GetMatrix
FPDFText_GetRect
FPDFText_GetSchCount
FPDFText_GetSchResultIndex
FPDFText_GetStrokeColor
FPDFText_GetText
FPDFText_GetTextIndexFromCharIndex
FPDFText_GetTextRenderMode
FPDFText_GetUnicode
FPDFText_HasUnicodeMapError
FPDFText_IsGenerated
FPDFText_LoadFont
FPDFText_LoadPage
FPDFText_LoadStandardFont
FPDFText_SetCharcodes
FPDFText_SetText
FPDF_AddInstalledFont
FPDF_CloseDocument
FPDF_ClosePage
FPDF_CloseXObject
FPDF_CopyViewerPreferences
FPDF_CountNamedDests
FPDF_CreateClipPath
FPDF_CreateNewDocument
FPDF_DestroyClipPath
FPDF_DestroyLibrary
FPDF_DeviceToPage
FPDF_DocumentHasValidCrossReferenceTable
FPDF_FFLDraw
FPDF_FreeDefaultSystemFontInfo
FPDF_GetDefaultSystemFontInfo
FPDF_GetDefaultTTFMap
FPDF_GetDocPermissions
FPDF_GetFileIdentifier
FPDF_GetFileVersion
FPDF_GetFormType
FPDF_GetLastError
FPDF_GetMetaText
FPDF_GetNamedDest
FPDF_GetNamedDestByName
FPDF_GetPageAAction
FPDF_GetPageBoundingBox
FPDF_GetPageCount
FPDF_GetPageHeight
FPDF_GetPageHeightF
FPDF_GetPageLabel
FPDF_GetPageSizeByIndex
FPDF_GetPageSizeByIndexF
FPDF_GetPageWidth
FPDF_GetPageWidthF
FPDF_GetSecurityHandlerRevision
FPDF_GetSignatureCount
FPDF_GetSignatureObject
FPDF_GetTrailerEnds
FPDF_GetXFAPacketContent
FPDF_GetXFAPacketCount
FPDF_GetXFAPacketName
FPDF_ImportNPagesToOne
FPDF_ImportPages
FPDF_ImportPagesByIndex
FPDF_InitLibrary
FPDF_InitLibraryWithConfig
FPDF_LoadCustomDocument
FPDF_LoadDocument
FPDF_LoadMemDocument
FPDF_LoadMemDocument64
FPDF_LoadPage
FPDF_LoadXFA
FPDF_NewFormObjectFromXObject
FPDF_NewXObjectFromPage
FPDF_PageToDevice
FPDF_RemoveFormFieldHighlight
FPDF_RenderPage
FPDF_RenderPageBitmap
FPDF_RenderPageBitmapWithColorScheme_Start
FPDF_RenderPageBitmapWithMatrix
FPDF_RenderPageBitmap_Start
FPDF_RenderPage_Close
FPDF_RenderPage_Continue
FPDF_SaveAsCopy
FPDF_SaveWithVersion
FPDF_SetFormFieldHighlightAlpha
FPDF_SetFormFieldHighlightColor
FPDF_SetPrintMode
FPDF_SetSandBoxPolicy
FPDF_SetSystemFontInfo
FPDF_StructElement_Attr_GetBlobValue
FPDF_StructElement_Attr_GetBooleanValue
FPDF_StructElement_Attr_GetCount
FPDF_StructElement_Attr_GetName
FPDF_StructElement_Attr_GetNumberValue
FPDF_StructElement_Attr_GetStringValue
FPDF_StructElement_Attr_GetType
FPDF_StructElement_CountChildren
FPDF_StructElement_GetActualText
FPDF_StructElement_GetAltText
FPDF_StructElement_GetAttributeAtIndex
FPDF_StructElement_GetAttributeCount
FPDF_StructElement_GetChildAtIndex
FPDF_StructElement_GetID
FPDF_StructElement_GetLang
FPDF_StructElement_GetMarkedContentID
FPDF_StructElement_GetMarkedContentIdAtIndex
FPDF_StructElement_GetMarkedContentIdCount
FPDF_StructElement_GetObjType
FPDF_StructElement_GetParent
FPDF_StructElement_GetStringAttribute
FPDF_StructElement_GetTitle
FPDF_StructElement_GetType
FPDF_StructTree_Close
FPDF_StructTree_CountChildren
FPDF_StructTree_GetChildAtIndex
FPDF_StructTree_GetForPage
FPDF_VIEWERREF_GetDuplex
FPDF_VIEWERREF_GetName
FPDF_VIEWERREF_GetNumCopies
FPDF_VIEWERREF_GetPrintPageRange
FPDF_VIEWERREF_GetPrintPageRangeCount
FPDF_VIEWERREF_GetPrintPageRangeElement
FPDF_VIEWERREF_GetPrintScaling
FSDK_SetLocaltimeFunction
FSDK_SetTimeFunction
FSDK_SetUnSpObjProcessHandler

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

malloc_h
Size: 512B - Virtual size: 243B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DESCARGAR 83843 NOTIFICACIÓN ELECTRÓNICA RADICADO 41531351355335313 CONFIRMAR RECIBIDO/rndloc

Sharing

General

Malware Config

Signatures

Files

Password: 03OCT2024ESM

Password: 03OCT2024ESM

543ff43a43ebc6d708b7bdd3d8aa2b5a

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

b3:6f:f2:58:d2:ce:50:52:ee:69:c6:39:4c:aa:64:d2Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

19:7d:d3:52:28:07:05:63:65:d3:06:e8:b2:91:ae:8e:1e:75:11:6f:b2:fc:c2:e6:f4:c7:69:75:c7:83:5b:d7Signer

Headers

DLL Characteristics

File Characteristics

Imports

winmm

oleacc

winspool.drv

comdlg32

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

shfolder

ole32

gdi32

Exports

Exports

Sections

.text Size: 6.6MB - Virtual size: 6.6MB

.itext Size: 15KB - Virtual size: 14KB

.data Size: 233KB - Virtual size: 232KB

.bss Size: - Virtual size: 206KB

.idata Size: 16KB - Virtual size: 16KB

.didata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 155B

.tls Size: - Virtual size: 516B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 530KB - Virtual size: 530KB

.rsrc Size: 991KB - Virtual size: 991KB

Password: 03OCT2024ESM

a5fed7a887d57ee621fb994976dc00b8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

gdi32

user32

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 21KB - Virtual size: 52KB

.00cfg Size: 512B - Virtual size: 8B

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

b3:6f:f2:58:d2:ce:50:52:ee:69:c6:39:4c:aa:64:d2
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

19:7d:d3:52:28:07:05:63:65:d3:06:e8:b2:91:ae:8e:1e:75:11:6f:b2:fc:c2:e6:f4:c7:69:75:c7:83:5b:d7
Signer

.text
Size: 6.6MB - Virtual size: 6.6MB

.itext
Size: 15KB - Virtual size: 14KB

.data
Size: 233KB - Virtual size: 232KB

.bss
Size: - Virtual size: 206KB

.idata
Size: 16KB - Virtual size: 16KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 155B

.tls
Size: - Virtual size: 516B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 530KB - Virtual size: 530KB

.rsrc
Size: 991KB - Virtual size: 991KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 21KB - Virtual size: 52KB

.00cfg
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 161B

malloc_h
Size: 512B - Virtual size: 243B

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 74KB - Virtual size: 73KB