8b6c152c9cac751ab8e43c6a1fccfeeae682221bad16264d93995a6afe1ecaf8N

Sharing

Copy URL Twitter E-mail

General

Target

8b6c152c9cac751ab8e43c6a1fccfeeae682221bad16264d93995a6afe1ecaf8N
Size

6.1MB
MD5

86525709cc9461c0f77d582013908420
SHA1

df2ebb893346697601df64c83ae00acce0137070
SHA256

8b6c152c9cac751ab8e43c6a1fccfeeae682221bad16264d93995a6afe1ecaf8
SHA512

1ccd6cac939d22a6d116837adf67d9d3b05290042adf1c185732c3d1c2efff5de661958d46f31458db4b7fa0f3916e755ceccf450a23f62a0510f16224ee2d11
SSDEEP

98304:/sYTiS7nC7TW9HN9TPzxa8madqIYTBJFu7T6R9cWxvcpFLOAkGkzdnEVomFHKnPM:xG+C7TGN5PzxGNR9cWqFLOyomFHKnPM

Score

1^/10

Malware Config

Signatures

Files

8b6c152c9cac751ab8e43c6a1fccfeeae682221bad16264d93995a6afe1ecaf8N
.exe windows:5 windows x86 arch:x86

9a4e9a3754701fa5b9403344060e24f1

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

31/12/2021, 14:10

Not After

10/02/2025, 13:32

Subject

SERIALNUMBER=02973414,CN=PARAMOUNT SOFTWARE UK LIMITED,O=PARAMOUNT SOFTWARE UK LIMITED,STREET=Unit 13 Lloyd Street North\, Manchester Science Park,L=Manchester,ST=Greater Manchester,C=GB,1.3.6.1.4.1.311.60.2.1.3=#13024742,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:36:ec:24:b8:4a:52:d9:30:b5:57:6c:9c:77:4e:0f:d6:fe:38:d1:10:7e:82:da:e8:2e:c0:a3:4c:62:49:0b
Signer

Actual PE Digest

6d:36:ec:24:b8:4a:52:d9:30:b5:57:6c:9c:77:4e:0f:d6:fe:38:d1:10:7e:82:da:e8:2e:c0:a3:4c:62:49:0b

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\release-reflect-8-1\Release\x86\Working\Consolidate.pdb

Imports

mpr

WNetGetUniversalNameW
WNetGetConnectionW
WNetAddConnection3W
WNetOpenEnumW
WNetGetUserW
WNetCloseEnum
WNetEnumResourceW
WNetCancelConnection2W

netapi32

NetShareEnum
NetApiBufferFree
NetServerGetInfo
NetShareGetInfo

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
GetConsoleCP
EnumSystemLocalesW
GetThreadTimes
ExitProcess
VirtualQuery
HeapQueryInformation
GetCommandLineA
ReadConsoleW
GetConsoleMode
WriteConsoleW
GetStdHandle
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
RtlUnwind
GetCPInfo
SwitchToThread
TryEnterCriticalSection
GetStringTypeW
UnregisterWait
QueryDepthSList
IsValidLocale
GlobalUnlock
MulDiv
EncodePointer
FreeResource
GetModuleHandleA
GlobalDeleteAtom
GetLastError
InitializeCriticalSectionAndSpinCount
GlobalLock
GlobalSize
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CreateEventW
CloseHandle
SizeofResource
LockResource
LoadResource
FindResourceW
SetEvent
GetLogicalDrives
GetDriveTypeW
ResumeThread
WaitForSingleObject
TerminateThread
ResetEvent
Sleep
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
GlobalAlloc
GlobalFree
MultiByteToWideChar
GetThreadPriority
GetFileAttributesW
lstrcmpW
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
GetProcessHeap
GetComputerNameW
GetTempPathW
OpenMutexW
DeleteFileW
GetVolumeNameForVolumeMountPointW
WideCharToMultiByte
CreateMutexW
ReleaseMutex
SetFilePointerEx
ReadFile
GetTickCount
GetSystemDirectoryW
GetDateFormatW
GetTimeFormatW
CreateFileW
DeviceIoControl
QueryDosDeviceW
GetDiskFreeSpaceExW
GetLocaleInfoW
CreateDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetWindowsDirectoryW
GetVolumePathNamesForVolumeNameW
LocalFree
lstrlenW
GetModuleHandleW
GetCurrentProcess
FindFirstFileW
FindNextFileW
SetFileAttributesW
CopyFileW
FindClose
GetVersionExW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsBadWritePtr
SetFilePointer
WriteFile
SetThreadExecutionState
GetVolumeInformationW
SetEndOfFile
GetFileSizeEx
SetLastError
GetFileTime
SetFileTime
VerifyVersionInfoW
VerSetConditionMask
HeapFree
LocalAlloc
FormatMessageW
GetFileSize
WaitForMultipleObjects
DeleteVolumeMountPointW
SetVolumeMountPointW
CreateProcessW
GetExitCodeProcess
FlushFileBuffers
SystemTimeToTzSpecificLocalTime
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemInfo
VirtualAlloc
GetSystemTime
InitializeSListHead
VirtualFree
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentThreadId
CreateThread
GetExitCodeThread
OutputDebugStringW
GetUserDefaultLCID
GetSystemDefaultLCID
GetVersion
LoadLibraryA
LCMapStringW
GetTimeZoneInformation
GetFileType
GetCurrentProcessId
GetCurrentThread
GetModuleFileNameW
GetFirmwareEnvironmentVariableA
RemoveDirectoryW
MoveFileW
SetPriorityClass
GetComputerNameExW
DnsHostnameToComputerNameW
ProcessIdToSessionId
EnumDateFormatsExW
GetThreadLocale
SetThreadLocale
GetUserDefaultUILanguage
DuplicateHandle
GetLocalTime
GetFileAttributesExW
GetProcessTimes
OpenProcess
CompareFileTime
FindFirstVolumeMountPointW
FindNextVolumeMountPointW
FindVolumeMountPointClose
GetACP
MoveFileExW
ExpandEnvironmentStringsW
GetLocaleInfoA
GlobalAddAtomW
GlobalFindAtomW
GetTempFileNameW
ReleaseSemaphore
CreateSemaphoreW
OpenThread
TlsAlloc
TlsGetValue
TlsSetValue
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
RegisterWaitForSingleObject
UnregisterWaitEx
OutputDebugStringA
LoadLibraryExW
CompareStringW
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SearchPathW
GetProfileIntW
SetErrorMode
GetCurrentDirectoryW
VirtualProtect
GlobalFlags
GetSystemDefaultUILanguage
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
lstrcmpiW
UnlockFile
LockFile
GetFullPathNameW
SuspendThread
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
lstrcmpA
FindResourceExW

user32

GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
GetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
ShowWindow
MoveWindow
SetWindowsHookExW
CheckDlgButton
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetComboBoxInfo
GetCapture
GetKeyState
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
DrawMenuBar
GetWindowThreadProcessId
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
ClientToScreen
FillRect
IntersectRect
PostQuitMessage
DrawEdge
DrawFrameControl
DrawStateW
SetWindowRgn
GetSysColorBrush
DrawFocusRect
DrawIconEx
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetMessageW
ShowOwnedPopups
SendDlgItemMessageA
DestroyMenu
CharUpperW
CopyImage
RealChildWindowFromPoint
GetAsyncKeyState
GetDC
TranslateMDISysAccel
DefMDIChildProcW
HideCaret
InvertRect
ReleaseDC
PeekMessageW
TranslateMessage
DispatchMessageW
SetRectEmpty
GetSysColor
GetClientRect
GetSystemMetrics
SetScrollPos
IsRectEmpty
SetScrollRange
OffsetRect
InflateRect
SetRect
PtInRect
InvalidateRect
GetCursorPos
ScreenToClient
SetCursor
LoadCursorW
SetTimer
KillTimer
EqualRect
LoadIconW
GetSystemMenu
AppendMenuW
IsIconic
DrawIcon
UnregisterClassW
MessageBoxW
IsCharAlphaW
PostThreadMessageW
LoadStringW
SendMessageTimeoutW
GetActiveWindow
MsgWaitForMultipleObjectsEx
EnumDisplaySettingsW
SystemParametersInfoW
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
InsertMenuW
RemoveMenu
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetCaretPos
GetClassInfoExW
CreateWindowExW
CreateMenu
IsMenu
IsChild
DestroyWindow
DefFrameProcW
MapDialogRect
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SetParent
MonitorFromPoint
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
TrackMouseEvent
IsZoomed
MessageBeep
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
UpdateLayeredWindow
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
SetWindowPos
GetWindowPlacement
SetWindowPlacement
DestroyCursor
GetWindowRgn
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
ReuseDDElParam
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
CopyAcceleratorTableW
SubtractRect
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
GetNextDlgGroupItem
IsCharLowerW
MapVirtualKeyExW
UnhookWindowsHookEx
IsWindow
IsWindowVisible
GetParent
GetDesktopWindow
GetWindow
GetClassNameW
GetWindowRect
PostMessageW
SendMessageW
GetMenu
EnableWindow

gdi32

GetTextFaceW
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetSystemPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExW
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
GetRgnBox
Rectangle
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
CreateFontIndirectW
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
CreateDCW
CopyMetaFileW
DeleteDC
GetTextExtentPoint32W
BitBlt
GetStockObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyExW
RegEnumValueW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextW
RegCloseKey
RegQueryValueExW
OpenSCManagerW
OpenServiceW
StartServiceW
CloseServiceHandle
QueryServiceStatus
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueW
RegEnumKeyW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
ImpersonateAnonymousToken
SetThreadToken
RegOpenKeyW
OpenThreadToken
ImpersonateLoggedOnUser
RevertToSelf
LogonUserW
CryptReleaseContext
ConvertStringSidToSidW
FreeSid
LookupAccountSidW
AllocateAndInitializeSid
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
CryptGenRandom
GetTokenInformation
SetEntriesInAclW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegDeleteValueW
RegUnLoadKeyW
RegLoadKeyW
GetNamedSecurityInfoW
SetNamedSecurityInfoW

shell32

SHGetMalloc
SHBrowseForFolderW
SHGetFolderPathW
SHGetPathFromIDListW
SHCreateDirectoryExW
SHGetDesktopFolder
SHGetFileInfoW
SHAppBarMessage
DragQueryFileW
DragFinish
ShellExecuteW
SHGetSpecialFolderLocation
SHChangeNotify
SHFileOperationW

comctl32

InitCommonControlsEx
ord328
ord329
ord334
ord332
ord338

shlwapi

StrFormatKBSizeW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW
PathFindExtensionW
PathIsNetworkPathW
PathFileExistsW
PathMatchSpecW

uxtheme

OpenThemeData
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeText
DrawThemeParentBackground
GetWindowTheme
GetThemePartSize

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoSetProxyBlanket
StringFromGUID2
CoInitializeSecurity
CoInitialize
CoCreateGuid
CLSIDFromString
CoTaskMemFree
CoUninitialize
CoInitializeEx
PropVariantClear
CoWaitForMultipleHandles
CoCreateInstance

oleaut32

SysFreeString
VariantInit
SysAllocStringLen
VarBstrFromDate
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
SysStringLen
LoadTypeLi
VariantCopy
VariantChangeType
GetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
VarDateFromStr

gdiplus

GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipGetImageWidth
GdipBitmapLockBits
GdipGetImageHeight
GdipGetImagePixelFormat
GdipAlloc
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits

odbc32

ord13
ord31
ord75
ord61
ord9
ord24
ord111
ord43
ord135
ord136
ord141
ord210
ord4

wintrust

CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
CryptCATAdminAcquireContext
CryptCATCatalogInfoFromContext
CryptCATAdminReleaseContext

ntdll

NtCreateFile
RtlInitUnicodeString
NtClose

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
CM_Get_Parent

rpcrt4

UuidCreate

wsock32

ioctlsocket
inet_addr
WSAStartup
recvfrom
select
socket
sendto
htonl
closesocket
bind
WSACleanup
htons
setsockopt

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

wininet

HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetConnectW
InternetReadFile
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetSetOptionW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winhttp

WinHttpGetIEProxyConfigForCurrentUser

crypt32

CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptHashCertificate
CertGetNameStringW
CryptQueryObject

ws2_32

WSAAddressToStringW
getnameinfo
WSAStringToAddressW

winmm

PlaySoundW

iphlpapi

GetBestInterfaceEx
GetAdaptersAddresses
GetIpAddrTable
GetAdaptersInfo
GetTcpTable

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 779KB - Virtual size: 779KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a4e9a3754701fa5b9403344060e24f1

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

6d:36:ec:24:b8:4a:52:d9:30:b5:57:6c:9c:77:4e:0f:d6:fe:38:d1:10:7e:82:da:e8:2e:c0:a3:4c:62:49:0bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mpr

netapi32

version

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

odbc32

wintrust

ntdll

setupapi

rpcrt4

wsock32

oleacc

wininet

imm32

winhttp

crypt32

ws2_32

winmm

iphlpapi

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 779KB - Virtual size: 779KB

.data Size: 78KB - Virtual size: 118KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.reloc Size: 197KB - Virtual size: 197KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

6d:36:ec:24:b8:4a:52:d9:30:b5:57:6c:9c:77:4e:0f:d6:fe:38:d1:10:7e:82:da:e8:2e:c0:a3:4c:62:49:0b
Signer

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 779KB - Virtual size: 779KB

.data
Size: 78KB - Virtual size: 118KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

.reloc
Size: 197KB - Virtual size: 197KB