2024-10-09_f14e531f450136f2212db9fd1b0a3b88_floxif_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-10-09_f14e531f450136f2212db9fd1b0a3b88_floxif_mafia
Size

3.5MB
MD5

f14e531f450136f2212db9fd1b0a3b88
SHA1

14c0302beb139ecf75ec5cb171c9483235c6eaa7
SHA256

68eb33ef097c75e0c837f4601d9f84a1a54398aca60acf29422bf9f75b1e5f37
SHA512

81e04570390d9082228dd385465dde2c0f70e99583bae13bdb0808bfb7d1c2339e1b9c975bb7ac5335ae2ee0ad6fec84a1e81b3981359bdb5b1e4f9bca270024
SSDEEP

98304:nYcehi8Z4SOi3tZWiq0UAT/4SS8XswDbW7tP+pq3rXCd9M/u:HFAfSWswmX3rXCWu

Score

1^/10

Malware Config

Signatures

Files

2024-10-09_f14e531f450136f2212db9fd1b0a3b88_floxif_mafia
.exe windows:5 windows x86 arch:x86

f53f49b14d1e7d359f091b234acf39f0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

64:33:a2:5d:b5:49:8d:25:b5:d5:37:20:ad:23:74:b6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04-09-2012 00:00

Not After

27-11-2013 23:59

Subject

CN=LENOVO(JAPAN)LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=LENOVO(JAPAN)LTD.,L=Minato-ku,ST=Tokyo,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:06:de:f3:0b:8f:fb:21:53:fa:ae:b2:08:fd:f3:0c:9a:da:20:c6
Signer

Actual PE Digest

5f:06:de:f3:0b:8f:fb:21:53:fa:ae:b2:08:fd:f3:0c:9a:da:20:c6

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\build_que\pm-u4\src\RUN\US\PWMIDTSV.pdb

Imports

kernel32

GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LCMapStringW
GetConsoleCP
IsValidCodePage
GetOEMCP
GetModuleHandleA
LoadLibraryA
SetConsoleCtrlHandler
FatalAppExitA
SetEnvironmentVariableA
GetStringTypeW
GetACP
GetCPInfo
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapDestroy
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
VirtualQuery
VirtualAlloc
HeapSize
SizeofResource
HeapQueryInformation
GetFileType
SetStdHandle
CreateThread
ExitThread
HeapReAlloc
ExitProcess
RaiseException
GetDateFormatW
GetTimeFormatW
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
RtlUnwind
HeapSetInformation
GetCommandLineW
LocalLock
LocalUnlock
FindResourceExW
GetDiskFreeSpaceW
ReplaceFileW
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesW
GetFileAttributesExW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetAtomNameW
GlobalGetAtomNameW
GlobalFlags
GetSystemDirectoryW
GetCurrentDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
lstrlenA
ReleaseSemaphore
CreateSemaphoreW
FreeResource
GlobalFindAtomW
CompareStringW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ReleaseActCtx
CreateActCtxW
GlobalAddAtomW
WritePrivateProfileStringW
SetThreadPriority
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetModuleFileNameW
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
ActivateActCtx
DeactivateActCtx
lstrcmpW
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
CopyFileW
GlobalSize
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
SetLastError
SuspendThread
SetProcessWorkingSetSize
OpenMutexW
IsSystemResumeAutomatic
GetTimeZoneInformation
ReleaseMutex
GetCurrentThreadId
OpenEventW
WriteConsoleA
GetLocalTime
GetStdHandle
SetSystemPowerState
FlushConsoleInputBuffer
SetConsoleScreenBufferSize
GetCurrentProcess
AllocConsole
CreateMutexW
GetStartupInfoW
GetSystemWow64DirectoryW
GetPrivateProfileSectionW
GetPrivateProfileStringW
LocalAlloc
LocalFree
GlobalFree
GlobalAlloc
lstrcpyW
GetUserDefaultUILanguage
GetSystemInfo
CreateEventW
GlobalMemoryStatusEx
GetPrivateProfileStringA
GetTickCount
OutputDebugStringW
GetUserDefaultLCID
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntW
MultiByteToWideChar
lstrcpynW
GetVersionExW
WideCharToMultiByte
DeleteFileW
DeviceIoControl
MoveFileW
GetLastError
CreateFileW
GetFileAttributesW
GetExitCodeProcess
Sleep
GetModuleHandleW
GetLogicalDriveStringsW
GetDriveTypeW
ResumeThread
CreateWaitableTimerW
WaitForMultipleObjects
ResetEvent
SetEvent
CancelWaitableTimer
SetWaitableTimer
OpenFileMappingW
MapViewOfFile
CreateFileMappingW
GetSystemPowerStatus
UnmapViewOfFile
SetUnhandledExceptionFilter
LoadLibraryW
GetProcAddress
FreeLibrary
lstrlenW
GetCurrentProcessId
CreateProcessW
CloseHandle
OpenProcess
WaitForSingleObject
FindResourceW
LoadResource
LockResource
WriteConsoleW

user32

LoadImageW
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
CreateDialogIndirectParamW
GetNextDlgTabItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
IntersectRect
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
CopyImage
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
CharUpperW
DestroyIcon
IsIconic
InvalidateRect
GetDesktopWindow
RealChildWindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColorBrush
MsgWaitForMultipleObjectsEx
ScrollWindowEx
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
TranslateMDISysAccel
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetNextDlgGroupItem
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
SetTimer
KillTimer
EnableWindow
PostMessageW
MonitorFromPoint
GetWindowTextLengthW
GetWindowTextW
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
CopyRect
PtInRect
GetWindow
UnionRect
UpdateLayeredWindow
IsMenu
InSendMessage
CreateMenu
PostThreadMessageW
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
GetCapture
DrawMenuBar
GetDoubleClickTime
IsWindow
FindWindowW
SendMessageW
EnumDisplaySettingsW
IsWindowVisible
ShowWindow
GetSysColor
SystemParametersInfoW
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
GetDialogBaseUnits
MapDialogRect
DrawIcon
DestroyCursor
WindowFromDC
GetWindowRgn
EnumChildWindows
GetDCEx
GetTabbedTextExtentW
LoadIconW
SetSysColors
ChangeDisplaySettingsW
EndDialog
RegisterWindowMessageW
SendNotifyMessageW
GetWindowLongW
EnumDisplaySettingsExW
ChangeDisplaySettingsExW
EnumDisplayDevicesW
GetUserObjectInformationW
SwitchDesktop
CloseDesktop
ExitWindowsEx
OpenDesktopW
GetThreadDesktop
LockWorkStation
CreateDesktopW
GetWindowThreadProcessId
GetForegroundWindow
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
GetMenuState
PostQuitMessage
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
GetActiveWindow
DispatchMessageW
EmptyClipboard

gdi32

SetPixel
RoundRect
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
StartPage
EndPage
SetAbortProc
StretchBlt
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetPixelV
GetWindowExtEx
GetViewportExtEx
SelectClipPath
SetDIBColorTable
GetDIBits
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
DPtoLP
GetMapMode
SetRectRgn
Polygon
Ellipse
Polyline
CreateEllipticRgn
PatBlt
GetTextColor
GetBkColor
CombineRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetCurrentObject
StretchDIBits
CreateFontW
GetCharWidthW
GetTextExtentPoint32W
CreateHatchBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
AbortDoc
GetStockObject
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectW
CreatePatternBrush
CreateSolidBrush
CreatePen
GetDeviceCaps
CopyMetaFileW
CreateDCW
CreateBitmap
SetTextColor
SetBkColor
GetObjectW
CreateDIBitmap
GetPixel

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

IsValidSecurityDescriptor
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
CloseServiceHandle
OpenSCManagerW
RegQueryValueW
RegEnumKeyW
RegSetValueW
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteValueW
GetUserNameW
RegNotifyChangeKeyValue
GetSecurityDescriptorDacl
GetLengthSid
RegCloseKey
AddAce
InitializeAcl
SetFileSecurityW
LookupAccountSidW
GetAce
LookupAccountNameW
GetFileSecurityW
GetAclInformation
SetSecurityDescriptorControl
ControlService
EventRegister
RegEnumValueW
QueryServiceStatusEx
QueryServiceStatus
SetSecurityDescriptorDacl
EventUnregister
InitializeSecurityDescriptor
EventWrite
OpenServiceW

shell32

ShellExecuteExW
SHAppBarMessage
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetDesktopFolder
ShellExecuteW
ExtractIconW
SHAddToRecentDocs
SHGetFolderPathW
SHGetMalloc
SHGetFileInfoW
SHGetSpecialFolderLocation
SHChangeNotify
ord165
SHGetSpecialFolderPathW
SHBrowseForFolderW

comctl32

ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
SHCreateStreamOnFileW
PathFileExistsW
PathRemoveFileSpecW

ole32

OleSetClipboard
CreateStreamOnHGlobal
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
CoInitializeEx
CoDisconnectObject
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
OleIsCurrentClipboard
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleFlushClipboard
DoDragDrop
PropVariantCopy
StgCreateDocfileOnILockBytes
OleSave
WriteClassStm
OleRegGetUserType
WriteClassStg
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromProgID
CoSetProxyBlanket
CoCreateGuid
OleRun
CoInitializeSecurity
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleRegEnumVerbs
OleRegGetMiscStatus
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
CreateDataAdviseHolder
OleInitialize
StringFromGUID2
CLSIDFromString
CoCreateInstance
CoInitialize
CoUninitialize
OleIsRunning
OleQueryLinkFromData
CoTreatAsClass
OleQueryCreateFromData

oleaut32

VariantInit
SysAllocStringLen
VariantChangeType
SafeArrayGetElement
SysFreeString
SafeArrayGetUBound
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
VariantClear
SafeArrayGetLBound
SysAllocString
CreateErrorInfo
GetErrorInfo
SetErrorInfo
SafeArrayDestroyData

oledlg

OleUIBusyW

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
CM_Request_Device_EjectW
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW

xmllite

CreateXmlWriter
CreateXmlReader

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

powrprof

CallNtPowerInformation

winmm

PlaySoundW
mciSendCommandW

psapi

EnumProcesses
GetModuleBaseNameW
EnumProcessModules

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipCreateBitmapFromStreamICM
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

rpcrt4

UuidFromStringW

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 609KB - Virtual size: 609KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f53f49b14d1e7d359f091b234acf39f0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

64:33:a2:5d:b5:49:8d:25:b5:d5:37:20:ad:23:74:b6Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

5f:06:de:f3:0b:8f:fb:21:53:fa:ae:b2:08:fd:f3:0c:9a:da:20:c6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

setupapi

xmllite

wtsapi32

powrprof

winmm

psapi

oleacc

gdiplus

imm32

rpcrt4

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 609KB - Virtual size: 609KB

.data Size: 43KB - Virtual size: 77KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 221KB - Virtual size: 220KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

64:33:a2:5d:b5:49:8d:25:b5:d5:37:20:ad:23:74:b6
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

5f:06:de:f3:0b:8f:fb:21:53:fa:ae:b2:08:fd:f3:0c:9a:da:20:c6
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 609KB - Virtual size: 609KB

.data
Size: 43KB - Virtual size: 77KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 221KB - Virtual size: 220KB