00086cf4f35b6fb7f897cfa2f0d5ad9876aa9819cdc87416c798005ce901d3a1

Sharing

Copy URL

Twitter E-mail

General

Target

00086cf4f35b6fb7f897cfa2f0d5ad9876aa9819cdc87416c798005ce901d3a1
Size

98.6MB
MD5

8f72042331c0c359af694ca4db0b5f81
SHA1

c3e9aa463d3a88ea34d3edf3a29754843137c11f
SHA256

00086cf4f35b6fb7f897cfa2f0d5ad9876aa9819cdc87416c798005ce901d3a1
SHA512

d7e145a1c0d2b6f2f94d51f02a5308c3ff54266a5c6addb227c1d1e52232d0e16d870d4f31d3aa929cf79fb39ad3f07ad5ed9d3099bd41682be33accd6d6d6e5
SSDEEP

3145728:R9WmBuj5V9/97h+8ZYqk/t5YVuxflmaKameBjn9NghzrvuN:Qbmtzm8/BhqrvuN

Score

6^/10

pdf evasion

Malware Config

Signatures

Malformed or missing cross-reference table in PDF
Malformed or missing cross-reference tables are often used to evade detection
pdf evasion
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/msimg32.dll

resource
unpack001/msimg32.dll

Files

00086cf4f35b6fb7f897cfa2f0d5ad9876aa9819cdc87416c798005ce901d3a1
.zip
msimg32.dll
.dll windows:4 windows x86 arch:x86

2bd66939bc5174be370f1fba848c7329

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
DescribePixelFormat
ExtTextOutW
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetPixelFormat
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextMetricsW
Rectangle
SelectObject
SetBkMode
SetDeviceGammaRamp
SetPixelFormat
SetTextColor
SwapBuffers

imm32

ImmAssociateContext
ImmGetCandidateListW
ImmGetCompositionStringW
ImmGetContext
ImmGetIMEFileNameA
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionStringW
ImmSetCompositionWindow

kernel32

AttachConsole
CancelIo
CloseHandle
CompareStringA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
CreateSemaphoreW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
FormatMessageW
FreeLibrary
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetFileSizeEx
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetStdHandle
GetSystemInfo
GetSystemPowerStatus
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MulDiv
OutputDebugStringW
Process32First
Process32Next
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseSemaphore
ResetEvent
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetFilePointerEx
SetThreadExecutionState
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcatW
lstrlenA
lstrlenW

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
PropVariantClear

oleaut32

SysFreeString

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconExW
SHGetFolderPathW

user32

AdjustWindowRectEx
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CreateIconFromResource
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EndDialog
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
GetAsyncKeyState
GetClassInfoExW
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardSequenceNumber
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetMenu
GetMessageExtraInfo
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetUpdateRect
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsRectEmpty
IsWindowVisible
KillTimer
LoadCursorW
LoadIconW
MapVirtualKeyW
OpenClipboard
PeekMessageW
PostMessageW
PostThreadMessageW
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationW
RegisterRawInputDevices
ReleaseDC
RemovePropW
ScreenToClient
SendMessageW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetPropW
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
TrackMouseEvent
TranslateMessage
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
ValidateRect
WindowFromPoint

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

AlphaBlend
AlphaBlend
GradientFill
GradientFill
GradientFill
GradientFil
GradientFill
AlphaBlend
CreateFontPackag
SDL_AtomicGet
SDL_AtomicGetPtr
SDL_AtomicLock
SDL_AtomicSet
SDL_AtomicSetPtr
SDL_AtomicTryLock
SDL_AtomicUnlock
SDL_AudioInit
SDL_AudioQuit
CreateFontPackage
SDL_AudioStreamClear
SDL_AudioStreamFlush
SDL_AudioStreamGet
SDL_AudioStreamPut
SDL_BuildAudioCVT
SDL_CalculateGammaRamp
SDL_CaptureMouse
SDL_ClearError
SDL_ClearHints
SDL_ClearQueuedAudio
SDL_CloseAudio
SDL_CloseAudioDevice
SDL_ComposeCustomBlendMode
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertPixels
SDL_ConvertSurface
SDL_ConvertSurfaceFormat
SDL_CreateColorCursor
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateRGBSurfaceWithFormat
SDL_CreateRGBSurfaceWithFormatFrom
SDL_CreateRenderer
SDL_CreateSemaphore
SDL_CreateShapedWindow
SDL_CreateSoftwareRenderer
SDL_CreateSystemCursor
SDL_CreateTexture
SDL_CreateTextureFromSurface
SDL_CreateThread
SDL_CreateThreadWithStackSize
SDL_CreateWindow
SDL_CreateWindowAndRenderer
SDL_CreateWindowFrom
SDL_DXGIGetOutputInfo
SDL_DYNAPI_entry
SDL_DelEventWatch
SDL_DelHintCallback
SDL_Delay
SDL_DequeueAudio
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroyRenderer
SDL_DestroySemaphore
SDL_DestroyTexture
SDL_DestroyWindow
SDL_DetachThread
SDL_Direct3D9GetAdapterIndex
SDL_DisableScreenSaver
SDL_DuplicateSurface
SDL_EnableScreenSaver
SDL_EnclosePoints
SDL_Error
SDL_EventState
SDL_FillRect
SDL_FillRects
SDL_FilterEvents
SDL_FlushEvent
SDL_FlushEvents
SDL_FreeAudioStream
SDL_FreeCursor
SDL_FreeFormat
SDL_FreePalette
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_GL_BindTexture
SDL_GL_CreateContext
SDL_GL_DeleteContext
SDL_GL_ExtensionSupported
SDL_GL_GetAttribute
SDL_GL_GetCurrentContext
SDL_GL_GetCurrentWindow
SDL_GL_GetDrawableSize
SDL_GL_GetProcAddress
SDL_GL_GetSwapInterval
SDL_GL_LoadLibrary
SDL_GL_MakeCurrent
SDL_GL_ResetAttributes
SDL_GL_SetAttribute
SDL_GL_SetSwapInterval
SDL_GL_SwapWindow
SDL_GL_UnbindTexture
SDL_GL_UnloadLibrary
SDL_GameControllerAddMapping
SDL_GameControllerAddMappingsFromRW
SDL_GameControllerClose
SDL_GameControllerEventState
SDL_GameControllerFromInstanceID
SDL_GameControllerGetAttached
SDL_GameControllerGetAxis
SDL_GameControllerGetAxisFromString
SDL_GameControllerGetBindForAxis
SDL_GameControllerGetBindForButton
SDL_GameControllerGetButton
SDL_GameControllerGetButtonFromString
SDL_GameControllerGetJoystick
SDL_GameControllerGetPlayerIndex
SDL_GameControllerGetProduct
SDL_GameControllerGetProductVersion
SDL_GameControllerGetStringForAxis
SDL_GameControllerGetStringForButton
SDL_GameControllerGetVendor
SDL_GameControllerMapping
SDL_GameControllerMappingForDeviceIndex
SDL_GameControllerMappingForGUID
SDL_GameControllerMappingForIndex
SDL_GameControllerName
SDL_GameControllerNameForIndex
SDL_GameControllerNumMappings
SDL_GameControllerOpen
SDL_GameControllerRumble
SDL_GameControllerUpdate
SDL_GetAssertionHandler
SDL_GetAssertionReport
SDL_GetAudioDeviceName
SDL_GetAudioDeviceStatus
SDL_GetAudioDriver
SDL_GetAudioStatus
SDL_GetBasePath
SDL_GetCPUCacheLineSize
SDL_GetCPUCount
SDL_GetClipRect
SDL_GetClipboardText
SDL_GetClosestDisplayMode
SDL_GetColorKey
SDL_GetCurrentAudioDriver
SDL_GetCurrentDisplayMode
SDL_GetCurrentVideoDriver
SDL_GetCursor
SDL_GetDefaultAssertionHandler
SDL_GetDefaultCursor
SDL_GetDesktopDisplayMode
SDL_GetDisplayBounds
SDL_GetDisplayDPI
SDL_GetDisplayMode
SDL_GetDisplayName
SDL_GetDisplayOrientation
SDL_GetDisplayUsableBounds
SDL_GetError
SDL_GetEventFilter
SDL_GetGlobalMouseState
SDL_GetGrabbedWindow
SDL_GetHint
SDL_GetHintBoolean
SDL_GetKeyFromName
SDL_GetKeyFromScancode
SDL_GetKeyName
SDL_GetKeyboardFocus
SDL_GetKeyboardState
SDL_GetMemoryFunctions
SDL_GetModState
SDL_GetMouseFocus
SDL_GetMouseState
SDL_GetNumAllocations
SDL_GetNumAudioDevices
SDL_GetNumAudioDrivers
SDL_GetNumDisplayModes
SDL_GetNumRenderDrivers
SDL_GetNumTouchDevices
SDL_GetNumTouchFingers
SDL_GetNumVideoDisplays
SDL_GetNumVideoDrivers
SDL_GetPerformanceCounter
SDL_GetPerformanceFrequency
SDL_GetPixelFormatName
SDL_GetPlatform
SDL_GetPowerInfo
SDL_GetPrefPath
SDL_GetQueuedAudioSize
SDL_GetRGB
SDL_GetRGBA
SDL_GetRelativeMouseMode
SDL_GetRelativeMouseState
SDL_GetRenderDrawBlendMode
SDL_GetRenderDrawColor
SDL_GetRenderDriverInfo
SDL_GetRenderTarget
SDL_GetRenderer
SDL_GetRendererInfo
SDL_GetRendererOutputSize
SDL_GetRevision
SDL_GetRevisionNumber
SDL_GetScancodeFromKey
SDL_GetScancodeFromName
SDL_GetScancodeName
SDL_GetShapedWindowMode
SDL_GetSurfaceAlphaMod
SDL_GetSurfaceBlendMode
SDL_GetSurfaceColorMod
SDL_GetSystemRAM
SDL_GetTextureAlphaMod
SDL_GetTextureBlendMode
SDL_GetTextureColorMod
SDL_GetThreadID
SDL_GetThreadName
SDL_GetTicks
SDL_GetTouchDevice
SDL_GetTouchFinger
SDL_GetVersion
SDL_GetVideoDriver
SDL_GetWindowBordersSize
SDL_GetWindowBrightness
SDL_GetWindowData
SDL_GetWindowDisplayIndex
SDL_GetWindowDisplayMode
SDL_GetWindowFlags
SDL_GetWindowFromID
SDL_GetWindowGammaRamp
SDL_GetWindowGrab
SDL_GetWindowID
SDL_GetWindowMaximumSize
SDL_GetWindowMinimumSize
SDL_GetWindowOpacity
SDL_GetWindowPixelFormat
SDL_GetWindowPosition
SDL_GetWindowSize
SDL_GetWindowSurface
SDL_GetWindowTitle
SDL_GetWindowWMInfo
SDL_GetYUVConversionMode
SDL_GetYUVConversionModeForResolution
SDL_HapticClose
SDL_HapticDestroyEffect
SDL_HapticEffectSupported
SDL_HapticGetEffectStatus
SDL_HapticIndex
SDL_HapticName
SDL_HapticNewEffect
SDL_HapticNumAxes
SDL_HapticNumEffects
SDL_HapticNumEffectsPlaying
SDL_HapticOpen
SDL_HapticOpenFromJoystick
SDL_HapticOpenFromMouse
SDL_HapticOpened
SDL_HapticPause
SDL_HapticQuery
SDL_HapticRumbleInit
SDL_HapticRumblePlay
SDL_HapticRumbleStop
SDL_HapticRumbleSupported
SDL_HapticRunEffect
SDL_HapticSetAutocenter
SDL_HapticSetGain
SDL_HapticStopAll
SDL_HapticStopEffect
SDL_HapticUnpause
SDL_HapticUpdateEffect
SDL_Has3DNow
SDL_HasAVX
SDL_HasAVX2
SDL_HasAVX512F
SDL_HasAltiVec
SDL_HasClipboardText
SDL_HasColorKey
SDL_HasEvent
SDL_HasEvents
SDL_HasIntersection
SDL_HasMMX
SDL_HasNEON
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_HasSSE3
SDL_HasSSE41
SDL_HasSSE42
SDL_HasScreenKeyboardSupport
SDL_HideWindow
SDL_Init
SDL_InitSubSystem
SDL_IntersectRect
SDL_IntersectRectAndLine
SDL_IsGameController
SDL_IsScreenKeyboardShown
SDL_IsScreenSaverEnabled
SDL_IsShapedWindow
SDL_IsTablet
SDL_IsTextInputActive
SDL_JoystickClose
SDL_JoystickCurrentPowerLevel
SDL_JoystickEventState
SDL_JoystickFromInstanceID
SDL_JoystickGetAttached
SDL_JoystickGetAxis
SDL_JoystickGetAxisInitialState
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetDeviceGUID
SDL_JoystickGetDeviceInstanceID
SDL_JoystickGetDevicePlayerIndex
SDL_JoystickGetDeviceProduct
SDL_JoystickGetDeviceProductVersion
SDL_JoystickGetDeviceType
SDL_JoystickGetDeviceVendor
SDL_JoystickGetGUID
SDL_JoystickGetGUIDFromString
SDL_JoystickGetGUIDString
SDL_JoystickGetHat
SDL_JoystickGetPlayerIndex
SDL_JoystickGetProduct
SDL_JoystickGetProductVersion
SDL_JoystickGetType
SDL_JoystickGetVendor
SDL_JoystickInstanceID
SDL_JoystickIsHaptic
SDL_JoystickName
SDL_JoystickNameForIndex
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickRumble
SDL_JoystickUpdate
SDL_LoadBMP_RW
SDL_LoadDollarTemplates
SDL_LoadFile_RW
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockAudioDevice
SDL_LockJoysticks
SDL_LockMutex
SDL_LockSurface
SDL_LockTexture
SDL_Log
SDL_LogCritical
SDL_LogDebug
SDL_LogError
SDL_LogGetOutputFunction
SDL_LogGetPriority
SDL_LogInfo
SDL_LogMessage
SDL_LogMessageV
SDL_LogResetPriorities
SDL_LogSetAllPriority
SDL_LogSetOutputFunction
SDL_LogSetPriority
SDL_LogVerbose
SDL_LogWarn
SDL_LowerBlit
SDL_LowerBlitScaled
SDL_MapRGB
SDL_MapRGBA
SDL_MasksToPixelFormatEnum
SDL_MaximizeWindow
SDL_MemoryBarrierAcquireFunction
SDL_MemoryBarrierReleaseFunction
SDL_MinimizeWindow
SDL_MixAudio
SDL_MixAudioFormat
SDL_MouseIsHaptic
SDL_NewAudioStream
SDL_NumHaptics
SDL_NumJoysticks
SDL_NumSensors
SDL_OpenAudio
SDL_OpenAudioDevice
SDL_PauseAudio
SDL_PauseAudioDevice
SDL_PeepEvents
SDL_PixelFormatEnumToMasks
SDL_PollEvent
SDL_PumpEvents
SDL_PushEvent
SDL_QueryTexture
SDL_QueueAudio
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_RaiseWindow
SDL_ReadBE16
SDL_ReadBE32
SDL_ReadBE64
SDL_ReadLE16
SDL_ReadLE32
SDL_ReadLE64
SDL_ReadU8
SDL_RecordGesture
SDL_RegisterApp
SDL_RegisterEvents
SDL_RemoveTimer
SDL_RenderClear
SDL_RenderCopy
SDL_RenderCopyEx
SDL_RenderDrawLine
SDL_RenderDrawLines
SDL_RenderDrawPoint
SDL_RenderDrawPoints
SDL_RenderDrawRect
SDL_RenderDrawRects
SDL_RenderFillRect
SDL_RenderFillRects
SDL_RenderGetClipRect
SDL_RenderGetD3D9Device
SDL_RenderGetIntegerScale
SDL_RenderGetLogicalSize
SDL_RenderGetMetalCommandEncoder
SDL_RenderGetMetalLayer
SDL_RenderGetScale
SDL_RenderGetViewport
SDL_RenderIsClipEnabled
SDL_RenderPresent
SDL_RenderReadPixels
SDL_RenderSetClipRect
SDL_RenderSetIntegerScale
SDL_RenderSetLogicalSize
SDL_RenderSetScale
SDL_RenderSetViewport
SDL_RenderTargetSupported
SDL_ReportAssertion
SDL_ResetAssertionReport
SDL_RestoreWindow
SDL_SaveAllDollarTemplates
SDL_SaveBMP_RW
SDL_SaveDollarTemplate
SDL_SemPost
SDL_SemTryWait
SDL_SemValue
SDL_SemWait
SDL_SemWaitTimeout
SDL_SensorClose
SDL_SensorFromInstanceID
SDL_SensorGetData
SDL_SensorGetDeviceInstanceID
SDL_SensorGetDeviceName
SDL_SensorGetDeviceNonPortableType
SDL_SensorGetDeviceType
SDL_SensorGetInstanceID
SDL_SensorGetName
SDL_SensorGetNonPortableType
SDL_SensorGetType
SDL_SensorOpen
SDL_SensorUpdate
SDL_SetAssertionHandler
SDL_SetClipRect
SDL_SetClipboardText
SDL_SetColorKey
SDL_SetCursor
SDL_SetError
SDL_SetEventFilter
SDL_SetHint
SDL_SetHintWithPriority
SDL_SetMainReady
SDL_SetMemoryFunctions
SDL_SetModState
SDL_SetPaletteColors
SDL_SetPixelFormatPalette
SDL_SetRelativeMouseMode
SDL_SetRenderDrawBlendMode
SDL_SetRenderDrawColor
SDL_SetRenderTarget
SDL_SetSurfaceAlphaMod
SDL_SetSurfaceBlendMode
SDL_SetSurfaceColorMod
SDL_SetSurfacePalette
SDL_SetSurfaceRLE
SDL_SetTextInputRect
SDL_SetTextureAlphaMod
SDL_SetTextureBlendMode
SDL_SetTextureColorMod
SDL_SetThreadPriority
SDL_SetWindowBordered
SDL_SetWindowBrightness
SDL_SetWindowData
SDL_SetWindowDisplayMode
SDL_SetWindowFullscreen
SDL_SetWindowGammaRamp
SDL_SetWindowGrab

Sections

.text
Size: 834KB - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 153KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 876KB - Virtual size: 875KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rename_me2.renameextension
.pdf
저작권 침해 이미지 및 비디오 - Yulchon LLC.exe
.exe windows:5 windows x86 arch:x86

f62b90e31eca404f228fcf7068b00f31

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

67:02:a2:08:e9:20:e6:6c:51:a9:e1:54
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

10-03-2023 13:04

Not After

10-03-2026 13:04

Subject

CN=ICECREAM APPS LTD,O=ICECREAM APPS LTD,L=Limassol,ST=Limassol District,C=CY,1.2.840.113549.1.9.1=#0c1661646d696e40696365637265616d617070732e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1c:c7:9a:62:a8:2e:9a:5b:7e:36:66:82:0a:c3:bb:0c:f8:ec:05:f1:87:f9:77:d0:c8:dc:a1:ef:f5:1d:37:87
Signer

Actual PE Digest

1c:c7:9a:62:a8:2e:9a:5b:7e:36:66:82:0a:c3:bb:0c:f8:ec:05:f1:87:f9:77:d0:c8:dc:a1:ef:f5:1d:37:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
GetActiveObject
RegisterTypeLib
LoadTypeLib
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit
SysFreeString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
InitializeSecurityDescriptor
GetUserNameW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
WaitForInputIdle
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRectEmpty
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongW
SetCapture
SetActiveWindow
SendNotifyMessageW
SendMessageTimeoutW
SendMessageA
SendMessageW
ScrollWindowEx
ScrollWindow
ScreenToClient
ReplyMessage
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
OemToCharBuffA
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMessageW
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
ExitWindowsEx
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
AppendMenuW
CharToOemBuffA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCurrentDirectoryW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrcpyW
lstrcmpW
WriteProfileStringW
WritePrivateProfileStringW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAlloc
TransactNamedPipe
TerminateProcess
SwitchToThread
SizeofResource
SignalObjectAndWait
SetThreadLocale
SetNamedPipeHandleState
SetLastError
SetFileTime
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadFile
QueryPerformanceCounter
OpenProcess
OpenMutexW
MultiByteToWideChar
MulDiv
MoveFileExW
MoveFileW
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExW
LoadLibraryW
LeaveCriticalSection
IsDBCSLeadByte
IsBadWritePtr
InitializeCriticalSection
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetUserDefaultLangID
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStdHandle
GetShortPathNameW
GetProfileStringW
GetProcAddress
GetPrivateProfileStringW
GetOverlappedResult
GetModuleHandleW
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetComputerNameW
GetCommandLineW
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
EnumCalendarInfoW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateNamedPipeW
CreateMutexW
CreateFileW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareFileTime
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RoundRect
RestoreDC
RemoveFontResourceW
Rectangle
RectVisible
RealizePalette
Polyline
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
LineDDA
IntersectClipRect
GetWindowOrgEx
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
FrameRgn
ExtTextOutW
ExtFloodFill
ExcludeClipRect
EnumFontsW
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
Chord
BitBlt
Arc
AddFontResourceW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mpr

WNetOpenEnumW
WNetGetUniversalNameW
WNetGetConnectionW
WNetEnumResourceW
WNetCloseEnum

comctl32

InitCommonControls
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
IsEqualGUID
CoDisconnectObject

shell32

ShellExecuteExW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
SHGetPathFromIDListW
SHGetMalloc
SHChangeNotify
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

Sections

.text
Size: 1016KB - Virtual size: 1016KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bd66939bc5174be370f1fba848c7329

Headers

File Characteristics

Imports

advapi32

gdi32

imm32

kernel32

ole32

oleaut32

shell32

user32

version

winmm

Exports

Exports

Sections

.text Size: 834KB - Virtual size: 836KB

.data Size: 12KB - Virtual size: 16KB

.rdata Size: 153KB - Virtual size: 156KB

.bss Size: 12KB - Virtual size: 12KB

.edata Size: 19KB - Virtual size: 20KB

.idata Size: 9KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 876KB - Virtual size: 875KB

f62b90e31eca404f228fcf7068b00f31

Code Sign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

67:02:a2:08:e9:20:e6:6c:51:a9:e1:54Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

1c:c7:9a:62:a8:2e:9a:5b:7e:36:66:82:0a:c3:bb:0c:f8:ec:05:f1:87:f9:77:d0:c8:dc:a1:ef:f5:1d:37:87Signer

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

mpr

comctl32

ole32

shell32

comdlg32

Sections

.text Size: 1016KB - Virtual size: 1016KB

.itext Size: 6KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 12KB

.bss Size: - Virtual size: 24KB

.idata Size: 14KB - Virtual size: 14KB

.tls Size: - Virtual size: 60B

.rdata Size: 512B - Virtual size: 24B

.rsrc Size: 215KB - Virtual size: 215KB

.text
Size: 834KB - Virtual size: 836KB

.data
Size: 12KB - Virtual size: 16KB

.rdata
Size: 153KB - Virtual size: 156KB

.bss
Size: 12KB - Virtual size: 12KB

.edata
Size: 19KB - Virtual size: 20KB

.idata
Size: 9KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 876KB - Virtual size: 875KB

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

67:02:a2:08:e9:20:e6:6c:51:a9:e1:54
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

1c:c7:9a:62:a8:2e:9a:5b:7e:36:66:82:0a:c3:bb:0c:f8:ec:05:f1:87:f9:77:d0:c8:dc:a1:ef:f5:1d:37:87
Signer

.text
Size: 1016KB - Virtual size: 1016KB

.itext
Size: 6KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 12KB

.bss
Size: - Virtual size: 24KB

.idata
Size: 14KB - Virtual size: 14KB

.tls
Size: - Virtual size: 60B

.rdata
Size: 512B - Virtual size: 24B

.rsrc
Size: 215KB - Virtual size: 215KB