70db79f51e1f772b0ac7a317b60e1ad0a23d0a3c793ca351c316dcb8bdad7c0a

Sharing

Copy URL

Twitter E-mail

General

Target

70db79f51e1f772b0ac7a317b60e1ad0a23d0a3c793ca351c316dcb8bdad7c0a
Size

14.5MB
MD5

fba3f3f5401e2125f4a49c8e182816ea
SHA1

a3ce13ac870e3c3a6e1c64ac9ff796d99db640db
SHA256

70db79f51e1f772b0ac7a317b60e1ad0a23d0a3c793ca351c316dcb8bdad7c0a
SHA512

0a680bc9c69164aa4aa08dd841445209bc2b652fa73d81253852ee8186899827ac89571864bdc6a433d97ff776335b5379d478ad43e60b6055d379ecb77dd6d6
SSDEEP

393216:IkGvHke2G9OsP3F6kQXnAMzdjSLe8uciGp:IkGvHjynAMdSJupGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IDM6.42һü//IDM_6.4x_Crack_v19.7.exe

Files

70db79f51e1f772b0ac7a317b60e1ad0a23d0a3c793ca351c316dcb8bdad7c0a
.zip
IDM6.42һü/idman642build20.exe
.exe windows:5 windows x86 arch:x86

7cd322a21a166e5f354457c41d1d9fb7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:b4:f1:90:dd:df:d8:4c:e2:fd:14:62:f5:f3:36:a1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25-10-2022 00:00

Not After

25-10-2025 23:59

Subject

SERIALNUMBER=4038361,CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:f6:76:02:69:a3:ef:56:b2:29:af:84:87:d9:58:b2:c6:fb:b3:cf:f2:ff:15:a0:ae:06:90:74:c5:21:96:84
Signer

Actual PE Digest

88:f6:76:02:69:a3:ef:56:b2:29:af:84:87:d9:58:b2:c6:fb:b3:cf:f2:ff:15:a0:ae:06:90:74:c5:21:96:84

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey

user32

FindWindowA
ShowWindow
SetForegroundWindow
CreateDialogParamA
SetWindowTextA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfW
DestroyWindow
PostQuitMessage
wsprintfA
MessageBoxA
SendMessageA

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
GetDiskFreeSpaceW
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetCurrentProcess
LocalFree
lstrlenA
CloseHandle
WriteFile
SetFilePointer
CreateFileW
FormatMessageA
GetLastError
CreateThread
CreateProcessW
GetModuleFileNameW
GetExitCodeThread
WaitForSingleObject
CreateDirectoryW
GetFileAttributesW
GetTempPathW
GetVersionExA
ExitProcess
CreateMutexA
ExitThread
MapViewOfFile
SetFileTime
GetFileTime
CreateFileMappingA
GetFileSize
UnmapViewOfFile
RtlUnwind
HeapFree
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapAlloc
RaiseException
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
InitializeCriticalSectionAndSpinCount

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDM6.42һü/жع/geek.exe
.exe windows:6 windows x86 arch:x86

5f9dc9a8e05da850629092e4e2c5d8cf

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

df:0f:fa:00:a5:0c:fa:4e:38:9f:6b:7f:4d:93:2d:4f
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

10-04-2023 00:00

Not After

09-07-2026 23:59

Subject

CN=CrystalBit Solutions,O=CrystalBit Solutions,ST=West-Vlaanderen,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

df:0f:fa:00:a5:0c:fa:4e:38:9f:6b:7f:4d:93:2d:4f
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

10-04-2023 00:00

Not After

09-07-2026 23:59

Subject

CN=CrystalBit Solutions,O=CrystalBit Solutions,ST=West-Vlaanderen,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:8a:a5:af:c8:63:43:cf:af:07:df:1f:31:b5:79:77:2e:03:4e:bc:38:a5:a6:40:07:ec:03:52:03:8d:59:c9
Signer

Actual PE Digest

e2:8a:a5:af:c8:63:43:cf:af:07:df:1f:31:b5:79:77:2e:03:4e:bc:38:a5:a6:40:07:ec:03:52:03:8d:59:c9

Digest Algorithm

sha256

PE Digest Matches

true

6c:0e:da:bf:d3:94:0f:bb:cd:fb:65:da:29:98:82:67:6c:ed:4c:2f
Signer

Actual PE Digest

6c:0e:da:bf:d3:94:0f:bb:cd:fb:65:da:29:98:82:67:6c:ed:4c:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\Projects\uninstall-tool\Ready\geek.pdb

Imports

kernel32

FlushFileBuffers
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalGetAtomNameW
GetFileSizeEx
GlobalFlags
GetSystemDefaultUILanguage
SetErrorMode
GetUserDefaultLCID
IsProcessorFeaturePresent
UnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
GetDriveTypeW
ReadConsoleW
GetConsoleOutputCP
SetFilePointerEx
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
GetPrivateProfileIntW
HeapQueryInformation
VirtualQuery
GetSystemInfo
GetCommandLineA
GetFileType
SetStdHandle
FreeLibraryAndExitThread
ExitThread
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
GetStringTypeW
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
SuspendThread
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
GetACP
OpenEventW
OpenMutexW
CreateMutexW
GlobalFree
lstrlenA
ExitProcess
CompareStringW
EnumResourceLanguagesW
EnumResourceTypesW
EnumResourceNamesW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpA
ResumeThread
SetThreadPriority
CreateThread
CreateDirectoryW
GetTimeFormatW
GetDateFormatW
GetModuleHandleA
LocalUnlock
LocalLock
GetVersionExW
VirtualFree
VirtualAlloc
ExpandEnvironmentStringsW
SetFilePointer
GlobalLock
GlobalUnlock
GlobalAlloc
lstrcatW
lstrcpyW
GetNativeSystemInfo
GetVersion
SetUnhandledExceptionFilter
K32GetModuleFileNameExW
GetThreadLocale
K32EnumProcessModules
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
QueryFullProcessImageNameW
FormatMessageW
GetModuleHandleExW
GetModuleFileNameW
GetModuleFileNameA
GetCurrentThread
GetExitCodeProcess
GetProcessTimes
CreateSemaphoreExW
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseMutex
ReleaseSemaphore
OutputDebugStringW
DebugBreak
IsDebuggerPresent
FileTimeToLocalFileTime
CompareFileTime
GetTempFileNameW
GetFullPathNameW
FindNextFileW
FindFirstFileW
FindClose
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
WriteConsoleA
GetConsoleMode
GetStdHandle
GetDynamicTimeZoneInformation
GetFileAttributesW
WriteConsoleW
GetWindowsDirectoryW
SetFileAttributesW
RemoveDirectoryW
IsBadWritePtr
IsBadReadPtr
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
MoveFileExW
SystemTimeToFileTime
GetSystemTime
CreateProcessW
GetComputerNameW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetLongPathNameW
GetExitCodeThread
GetTickCount
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
lstrcmpW
SearchPathW
ReadFile
GetFileSize
GetCommandLineW
GetLocalTime
Sleep
GetCurrentDirectoryW
lstrcpynW
LoadLibraryExW
VirtualProtect
LoadLibraryA
FreeLibrary
lstrlenW
OpenProcess
TerminateProcess
GetLastError
MulDiv
GetLocaleInfoW
VerifyVersionInfoW
VerSetConditionMask
LocalFree
LocalAlloc
GetProcAddress
GetTickCount64
WideCharToMultiByte
GetCurrentThreadId
DeleteCriticalSection
CreateFileW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetUserDefaultUILanguage
GetModuleHandleW
GetCurrentProcess
GetTempPathW
WriteFile
DeleteFileW
MultiByteToWideChar
GetCurrentProcessId
FindResourceW
SizeofResource
LockResource
LoadResource
TerminateThread
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
SetLastError
CloseHandle
LCMapStringW

user32

CopyAcceleratorTableW
LoadAcceleratorsW
IsWindowEnabled
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardState
IsCharLowerW
CharUpperW
IsIconic
GetKeyboardLayout
GetKeyboardLayoutList
ToUnicodeEx
GetMenuItemCount
GetMenuItemInfoW
GetMenuItemID
SetParent
GetTopWindow
UpdateWindow
LoadMenuW
MapVirtualKeyW
wsprintfW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CreateIconIndirect
CreateIconFromResourceEx
LoadBitmapW
DrawStateW
RegisterClipboardFormatW
GetNextDlgTabItem
GetSysColorBrush
AdjustWindowRectEx
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetDesktopWindow
InvertRect
LockWindowUpdate
GetDCEx
TabbedTextOutW
GrayStringW
DrawTextExW
GetSubMenu
ReleaseCapture
SetCapture
GetCapture
CheckMenuItem
SetMenuItemBitmaps
EnableWindow
GetWindowTextW
EnumWindows
WinHelpW
IsDialogMessageW
GetWindow
GetLastActivePopup
MessageBeep
RedrawWindow
IsZoomed
EnableMenuItem
GetSystemMenu
GetAsyncKeyState
GetDialogBaseUnits
CheckDlgButton
CreateDialogIndirectParamW
MoveWindow
DestroyWindow
PostQuitMessage
WaitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
LoadStringW
EnumDisplaySettingsW
FindWindowExW
FindWindowW
MessageBoxW
WaitForInputIdle
GetMenuCheckMarkDimensions
EmptyClipboard
SetClipboardData
CloseClipboard
GetDoubleClickTime
GetMenu
SetMenu
GetMenuState
GetClassLongW
SetCursorPos
CallWindowProcW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
GetTabbedTextExtentA
MapDialogRect
GetWindowPlacement
SetWindowPlacement
TranslateAcceleratorW
DrawFocusRect
OpenClipboard
BringWindowToTop
ShowWindow
CreateWindowExW
DefWindowProcW
GetMessageW
CharLowerBuffW
CharLowerBuffA
FillRect
InsertMenuW
SetWindowTextW
GetDlgItem
CharLowerW
IsClipboardFormatAvailable
MapWindowPoints
IsMenu
IsChild
GetDlgCtrlID
GetWindowRgn
HideCaret
ShowCaret
SetActiveWindow
SetWindowRgn
UnionRect
GetMenuStringW
LookupIconIdFromDirectoryEx
GetCursor
WindowFromPoint
DrawIcon
DrawEdge
SendMessageW
GetSysColor
GetParent
EnumChildWindows
GetFocus
GetSystemMetrics
DrawTextW
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRgn
GetWindowTextLengthW
GetClientRect
GetWindowRect
GetCursorPos
FrameRect
InflateRect
IntersectRect
PtInRect
GetWindowLongW
GetClassNameW
RegisterWindowMessageW
PostMessageW
IsWindow
GetKeyState
InvalidateRect
SetCursor
ScreenToClient
SetRect
UnpackDDElParam
OffsetRect
LoadCursorW
DestroyIcon
LoadImageW
DrawIconEx
GetIconInfo
LoadIconW
SetWindowPos
SetWindowLongW
SendMessageTimeoutW
GetWindowThreadProcessId
DrawFrameControl
GetMessagePos
CreatePopupMenu
AppendMenuW
CopyRect
SetClassLongW
SystemParametersInfoW
GetForegroundWindow
SetRectEmpty
IsRectEmpty
EqualRect
GetActiveWindow
UnregisterClassW
IsWindowVisible
TrackPopupMenu
GetMenuDefaultItem
SetForegroundWindow
SetTimer
KillTimer
ClientToScreen
CopyIcon
SetMenuItemInfoW
GetMessageTime
RegisterClassW
GetClassInfoW
SendDlgItemMessageA
GetClassInfoExW
ValidateRect
GetScrollPos
SetScrollRange
SetPropW
GetPropW
RemovePropW
MonitorFromWindow
GetMonitorInfoW
EndDialog
ShowOwnedPopups
GetWindowDC
CharNextW
DestroyMenu
SetWindowContextHelpId
DrawMenuBar
DefFrameProcW
TranslateMDISysAccel
InsertMenuItemW
PostThreadMessageW
GetNextDlgGroupItem
RealChildWindowFromPoint
DeleteMenu
ReuseDDElParam
SetFocus

gdi32

GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetTextAlign
GetTextExtentPoint32A
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
ExtSelectClipRgn
BeginPath
CloseFigure
EndPath
FillPath
StrokeAndFillPath
StrokePath
MoveToEx
PolyBezierTo
OffsetViewportOrgEx
GetRgnBox
GetBkColor
RestoreDC
RealizePalette
SaveDC
SetDIBitsToDevice
ExcludeClipRect
SelectClipRgn
Ellipse
SetMapMode
SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
StretchDIBits
CreatePatternBrush
CombineRgn
Polyline
CreateFontW
GetViewportOrgEx
GetBitmapBits
ExtCreateRegion
PtInRegion
CreateRectRgn
GetTextMetricsW
GetCurrentObject
CreateDIBSection
SetStretchBltMode
StretchBlt
GetDIBits
CreateBitmap
Polygon
TextOutW
SetPixel
RectVisible
PtVisible
Escape
EnumFontFamiliesExW
CreateRectRgnIndirect
BitBlt
DeleteDC
CreateDCW
GetTextColor
RoundRect
Rectangle
GetTextExtentPoint32W
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
DeleteObject
CreatePen
ExtTextOutW
SetTextColor
SetBkMode
SetBkColor
SelectObject
PatBlt
GetStockObject
GetDeviceCaps
GetPixel
CreateSolidBrush

msimg32

GradientFill

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryInfoKeyW
RegDeleteKeyW
GetTokenInformation
IsValidSid
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegEnumKeyExW
ConvertSidToStringSidW

shell32

DragFinish
DragQueryFileW
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetPathFromIDListW
SHFileOperationW
CommandLineToArgvW
SHGetFileInfoW
ExtractIconExW
ShellExecuteW

comctl32

ImageList_Draw
ImageList_GetIconSize
ord410
ord412
ord413
ord381
ImageList_AddMasked
_TrackMouseEvent
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetIcon
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_DrawEx
ImageList_GetImageInfo

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
ord487
PathStripPathW
PathMatchSpecW
PathRemoveFileSpecW
PathAddBackslashW
StrFormatByteSizeW
PathIsDirectoryW
PathParseIconLocationW
PathFileExistsW
PathUnquoteSpacesW
PathRemoveArgsW
UrlUnescapeW

uxtheme

GetThemeColor
GetThemeInt
SetWindowTheme
BeginBufferedPaint
EndBufferedPaint
BufferedPaintSetAlpha
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect

ole32

CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoInitialize
CoCreateGuid
CoTaskMemAlloc
PropVariantClear
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SysFreeString
SysAllocStringLen
SysAllocString
OleLoadPicturePath
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeTypeEx
VarDateFromStr
VarBstrFromDate
VarUdateFromDate
VariantClear
SysStringLen
SafeArrayGetDim
SafeArrayGetElemsize
LoadTypeLi
VariantCopy
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
OleCreateFontIndirect

oledlg

OleUIBusyW
OleUIAddVerbMenuW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdiplus

GdiplusShutdown
GdipBitmapLockBits
GdipCreateBitmapFromHICON
GdipImageRotateFlip
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdiplusStartup
GdipCloneImage
GdipDrawRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipAddPathArcI
GdipClosePathFigure
GdipStartPathFigure
GdipResetPath
GdipDeletePath
GdipCreatePath
GdipFree
GdipAlloc
GdipBitmapUnlockBits
GdipDrawPath

winmm

PlaySoundW

oleacc

LresultFromObject
CreateStdAccessibleObject

wininet

InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IDM6.42һü/װ̳.txt
IDM6.42һü//IDM_6.4x_Crack_v19.7.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.dosx
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fish
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7cd322a21a166e5f354457c41d1d9fb7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:b4:f1:90:dd:df:d8:4c:e2:fd:14:62:f5:f3:36:a1Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

88:f6:76:02:69:a3:ef:56:b2:29:af:84:87:d9:58:b2:c6:fb:b3:cf:f2:ff:15:a0:ae:06:90:74:c5:21:96:84Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

shell32

kernel32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 6KB - Virtual size: 5KB

5f9dc9a8e05da850629092e4e2c5d8cf

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

df:0f:fa:00:a5:0c:fa:4e:38:9f:6b:7f:4d:93:2d:4fCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

df:0f:fa:00:a5:0c:fa:4e:38:9f:6b:7f:4d:93:2d:4fCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

e2:8a:a5:af:c8:63:43:cf:af:07:df:1f:31:b5:79:77:2e:03:4e:bc:38:a5:a6:40:07:ec:03:52:03:8d:59:c9Signer

6c:0e:da:bf:d3:94:0f:bb:cd:fb:65:da:29:98:82:67:6c:ed:4c:2fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:b4:f1:90:dd:df:d8:4c:e2:fd:14:62:f5:f3:36:a1
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

88:f6:76:02:69:a3:ef:56:b2:29:af:84:87:d9:58:b2:c6:fb:b3:cf:f2:ff:15:a0:ae:06:90:74:c5:21:96:84
Signer

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 6KB - Virtual size: 5KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

df:0f:fa:00:a5:0c:fa:4e:38:9f:6b:7f:4d:93:2d:4f
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

df:0f:fa:00:a5:0c:fa:4e:38:9f:6b:7f:4d:93:2d:4f
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

e2:8a:a5:af:c8:63:43:cf:af:07:df:1f:31:b5:79:77:2e:03:4e:bc:38:a5:a6:40:07:ec:03:52:03:8d:59:c9
Signer

6c:0e:da:bf:d3:94:0f:bb:cd:fb:65:da:29:98:82:67:6c:ed:4c:2f
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 456KB - Virtual size: 456KB

.data
Size: 45KB - Virtual size: 64KB

.rsrc
Size: 4.3MB - Virtual size: 4.3MB

.dosx
Size: - Virtual size: 180KB

.fish
Size: 54KB - Virtual size: 56KB

.rsrc
Size: 4KB - Virtual size: 4KB