2024-12-11_9369bc01a1e2ea011a03c4cafe07ff43_floxif_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-12-11_9369bc01a1e2ea011a03c4cafe07ff43_floxif_mafia
Size

2.7MB
MD5

9369bc01a1e2ea011a03c4cafe07ff43
SHA1

5442ca6feaf0d95d578f7a44c17243fd3d68bc49
SHA256

19c2ed6ca8ebf903d833148b97bff36191c6ceaaafb4f165980a5b26590cb5d0
SHA512

b75fa13a8dc9a966d0038345fd6e593d3a90181bf215d904269629da444d70ac833081d3acdf7d19b99319c7a7d0089ac48cb571b57933def81ad2c983d4f1f7
SSDEEP

49152:Zjk1Qb8pVW6FmfwPyXqf/9DqpwkAbtKSaJ/wS8eYxjCHEcbQrftrJK7DTjvoTbJC:aQb2Fm2yUtqpwkAbtKSaJISvYvcbSft2

Score

1^/10

Malware Config

Signatures

Files

2024-12-11_9369bc01a1e2ea011a03c4cafe07ff43_floxif_mafia
.exe windows:5 windows x86 arch:x86

78aa02ec155a2e6ca588a395b5954a68

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7a:2a:56:f9:33:21:38:54:32:af:a3:2d:2c:6c:5b:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

16-12-2009 00:00

Not After

15-12-2012 23:59

Subject

CN=Dell Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=WHQL,O=Dell Inc,L=Round Rock,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:b4:ec:86:28:bb:b4:35:5e:16:79:bd:07:16:99:29:4c:bf:2a:91
Signer

Actual PE Digest

5b:b4:ec:86:28:bb:b4:35:5e:16:79:bd:07:16:99:29:4c:bf:2a:91

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathIsUNCW
PathIsDirectoryW
PathRemoveFileSpecW

imm32

ImmDisableIME
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

ws2_32

getservbyport
WSAGetLastError
inet_addr
ntohs
WSASetLastError
closesocket
select
gethostbyaddr
recv
getsockopt
__WSAFDIsSet
connect
ioctlsocket
socket
WSAStartup
listen
bind
getsockname
htons
getservbyname
htonl
inet_ntoa
send
gethostbyname

kernel32

GetFileSize
GetVolumeInformationW
GetFullPathNameW
GetTempFileNameW
GetTempPathW
GetNumberFormatW
SetErrorMode
GetFileAttributesExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
GetTickCount
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
FindResourceExW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatW
GetDateFormatW
EncodePointer
DecodePointer
HeapFree
HeapAlloc
HeapReAlloc
GetFileType
GetConsoleCP
GetConsoleMode
GetDriveTypeA
FindFirstFileExA
FindFirstFileExW
ExitThread
CreateThread
RaiseException
ExitProcess
HeapQueryInformation
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
SetEndOfFile
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetProcessHeap
WriteConsoleW
GetFullPathNameA
PeekNamedPipe
CreateFileA
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
IsBadWritePtr
CloseHandle
GetLastError
MultiByteToWideChar
ReadFile
CreateFileW
GetDriveTypeW
CopyFileW
GetPrivateProfileIntW
CreateDirectoryW
LoadLibraryW
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
CompareFileTime
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
lstrcpyW
GlobalFlags
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
SetLastError
WriteFile
SetFilePointerEx
GetFileInformationByHandle
GetFileSizeEx
FormatMessageW
FileTimeToSystemTime
GetThreadLocale
lstrlenA
TlsFree
LocalReAlloc
GlobalHandle
GlobalReAlloc
LocalAlloc
GetPrivateProfileStringW
WritePrivateProfileStringW
ResumeThread
SetThreadPriority
lstrcmpA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
FreeResource
GlobalFindAtomW
GlobalDeleteAtom
GetWindowsDirectoryW
GetSystemDirectoryW
GetVersionExW
CompareStringW
InitializeCriticalSectionAndSpinCount
lstrcmpW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GlobalGetAtomNameW
GlobalAddAtomW
ActivateActCtx
DeactivateActCtx
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
lstrlenW
MulDiv
GetSystemDirectoryA
LoadLibraryA
FreeLibrary
TlsGetValue
GetCurrentProcess
GetCurrentThread
DuplicateHandle
TlsSetValue
InterlockedIncrement
TlsAlloc
Sleep
InterlockedCompareExchange
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
SetFileAttributesW
SetCurrentDirectoryW
GetCurrentDirectoryW
TerminateProcess

user32

EmptyClipboard
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DrawIcon
DestroyCursor
GetWindowRgn
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
RegisterClipboardFormatW
CreateDialogIndirectParamW
EndDialog
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
SetWindowRgn
IsZoomed
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableW
CharNextW
CharUpperW
WaitMessage
WindowFromPoint
SetCapture
UnregisterClassW
UnionRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
SetLayeredWindowAttributes
EnumDisplayMonitors
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SystemParametersInfoW
GetMenuItemInfoW
InflateRect
RealChildWindowFromPoint
ClientToScreen
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageW
TranslateMessage
GetCursorPos
PostQuitMessage
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ValidateRect
GetClientRect
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetWindowRect
GetParent
GetWindowThreadProcessId
SetTimer
KillTimer
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
PtInRect
UnhookWindowsHookEx
GetClassNameW
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
WinHelpW
SetWindowPos
LoadImageW
DestroyIcon
SetFocus
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongW
GetDlgCtrlID
GetKeyState
SetCursor
PeekMessageW
GetCapture
ReleaseCapture
LoadAcceleratorsW
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemW
CreatePopupMenu
GetClassInfoW
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetMenu
GetLastActivePopup
BringWindowToTop
PostMessageW
SetMenu
GetDesktopWindow
SendMessageW
LoadIconW
UpdateWindow
MessageBoxW
LoadStringW
GetWindowTextLengthW
GetWindowTextW
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
GetMenuState
TranslateAcceleratorW
EnableWindow
IsWindow
GetWindowLongW
ShowWindow
GetWindow
CopyImage

gdi32

GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetTextAlign
CombineRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
GetMapMode
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateFontIndirectW
DeleteObject
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
CreateDCW
CopyMetaFileW
SetRectRgn
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

IsTextUnicode
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegFlushKey
RegOpenKeyW
RegQueryValueExW
RegCloseKey

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHAppBarMessage
SHGetDesktopFolder
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
ShellExecuteExW

comctl32

ImageList_GetIconSize

ole32

CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CoUninitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject

oleaut32

VariantTimeToSystemTime
OleCreateFontIndirect
VarBstrFromDate
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocString
VariantCopy
SystemTimeToVariantTime
SafeArrayDestroy

oledlg

OleUIBusyW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

winmm

PlaySoundW

Exports

Exports

??0AttributeList@@QAE@ABV0@@Z
??0AttributeList@@QAE@XZ
??0CSTXmlSAXHandler@@QAE@ABV0@@Z
??0CSTXmlSAXHandler@@QAE@XZ
??0CSTXml_Origin@@QAE@AAV0@@Z
??0CSTXml_Origin@@QAE@XZ
??0ElementList@@QAE@ABV0@@Z
??0ElementList@@QAE@XZ
??1AttributeList@@UAE@XZ
??1CSTXmlSAXHandler@@UAE@XZ
??1CSTXml_Origin@@UAE@XZ
??1ElementList@@UAE@XZ
??4AttributeList@@QAEAAV0@ABV0@@Z
??4CSTXmlSAXHandler@@QAEAAV0@ABV0@@Z
??4CSTXml_Origin@@QAEAAV0@AAV0@@Z
??4ElementList@@QAEAAV0@ABV0@@Z
??AAttributeList@@QBEABUAttribute@@I@Z
??AElementList@@QBEABU_element@@I@Z
??_7AttributeList@@6B@
??_7CSTXmlSAXHandler@@6B@
??_7CSTXml_Origin@@6B@
??_7ElementList@@6B@
?Add@AttributeList@@QAEHPAUAttribute@@@Z
?Add@ElementList@@QAEHPAU_element@@@Z
?AddAttribute@CSTXml_Origin@@UAEHPB_W00H@Z
?AddAttribute@CSTXml_Origin@@UAEHPB_W00KH@Z
?AddElement@CSTXml_Origin@@UAEHPB_W0H@Z
?AddElement@CSTXml_Origin@@UAEHPB_W0KH@Z
?Close@CSTXml_Origin@@UAEXXZ
?CreateXMLFile@CSTXml_Origin@@UAEHPB_WK0@Z
?DeleteAttribute@CSTXml_Origin@@UAEHPB_W0H@Z
?DeleteAttribute@CSTXml_Origin@@UAEHPB_W0KH@Z
?DeleteElement@CSTXml_Origin@@UAEHPB_WH@Z
?DeleteElement@CSTXml_Origin@@UAEHPB_WKH@Z
?FindNode@CSTXml_Origin@@IAEHVCSTString@@AAPAU_xmlNode@@@Z
?FindNode@CSTXml_Origin@@IAEHVCSTString@@AAPAU_xmlNode@@K@Z
?FindNode@CSTXml_Origin@@IAEHVCSTString@@PAU_xmlNode@@AAPAU3@@Z
?FindNode@CSTXml_Origin@@IAEHVCSTString@@PAU_xmlNode@@AAPAU3@K@Z
?GetAt@AttributeList@@QAEPAUAttribute@@I@Z
?GetAt@ElementList@@QAEPAU_element@@I@Z
?GetElementText@CSTXml_Origin@@UAEHPB_WAAVCSTString@@@Z
?GetElementText@CSTXml_Origin@@UAEHPB_WAAVCSTString@@K@Z
?GetNode@CSTXml_Origin@@IAEHVCSTString@@KAAPAU_xmlNode@@@Z
?GetRoot@CSTXml_Origin@@IAEHAAPAU_xmlNode@@@Z
?GetRoot@CSTXml_Origin@@UAEHAAVCSTString@@@Z
?GetSTXmlInterface@@YAPAViCSTXml@@XZ
?OpenFile@CSTXml_Origin@@UAEHPB_W0H@Z
?OpenFile@CSTXml_Origin@@UAEHPB_W@Z
?OpenFile@CSTXml_Origin@@UAEHPB_WPAVCSTXmlSAXHandler@@@Z
?ParseMemory@CSTXml_Origin@@UAEHPA_WH@Z
?ParseMemory@CSTXml_Origin@@UAEHPA_WHPAVCSTXmlSAXHandler@@@Z
?ReadAttribut@CSTXml_Origin@@UAEHVCSTString@@0AAV2@@Z
?ReadAttribut@CSTXml_Origin@@UAEHVCSTString@@0AAV2@K@Z
?ReadAttributeList@CSTXml_Origin@@UAEHVCSTString@@AAVAttributeList@@@Z
?ReadAttributeList@CSTXml_Origin@@UAEHVCSTString@@AAVAttributeList@@K@Z
?ReadElementList@CSTXml_Origin@@UAEHVCSTString@@AAVElementList@@@Z
?ReadElementList@CSTXml_Origin@@UAEHVCSTString@@AAVElementList@@K@Z
?Release@CSTXml_Origin@@UAEXXZ
?ReleaseList@CSTXml_Origin@@UAEXAAVElementList@@@Z
?RemoveAll@AttributeList@@QAEXXZ
?RemoveAll@ElementList@@QAEXXZ
?RenameAttribute@CSTXml_Origin@@UAEHPB_W00H@Z
?RenameAttribute@CSTXml_Origin@@UAEHPB_W00KH@Z
?RenameElement@CSTXml_Origin@@UAEHPB_W0H@Z
?RenameElement@CSTXml_Origin@@UAEHPB_W0KH@Z
?Save@CSTXml_Origin@@UAEHXZ
?SaveAs@CSTXml_Origin@@UAEHPB_W@Z
?SetAttributeValue@CSTXml_Origin@@UAEHPB_W00H@Z
?SetAttributeValue@CSTXml_Origin@@UAEHPB_W00KH@Z
?SetElementText@CSTXml_Origin@@UAEHPB_W0H@Z
?SetElementText@CSTXml_Origin@@UAEHPB_W0KH@Z
?Size@AttributeList@@QAEIXZ
?Size@ElementList@@QAEIXZ
?ToAnsi@CSTXml_Origin@@IAEPADPA_WPAD@Z
?ValidXmlByDTD@CSTXml_Origin@@UAEHPB_W@Z
?ValidXmlByXSD@CSTXml_Origin@@UAEHPB_W@Z
?XPath@CSTXml_Origin@@UAEHPB_WAAUXpathResult@@@Z
?xmlCharToString@CSTXml_Origin@@KAXPBEAAVCSTString@@@Z

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78aa02ec155a2e6ca588a395b5954a68

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

7a:2a:56:f9:33:21:38:54:32:af:a3:2d:2c:6c:5b:b8Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

5b:b4:ec:86:28:bb:b4:35:5e:16:79:bd:07:16:99:29:4c:bf:2a:91Signer

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

imm32

ws2_32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

oledlg

oleacc

gdiplus

winmm

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 476KB - Virtual size: 476KB

.data Size: 32KB - Virtual size: 66KB

.rsrc Size: 53KB - Virtual size: 52KB

.reloc Size: 215KB - Virtual size: 215KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

7a:2a:56:f9:33:21:38:54:32:af:a3:2d:2c:6c:5b:b8
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

5b:b4:ec:86:28:bb:b4:35:5e:16:79:bd:07:16:99:29:4c:bf:2a:91
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 476KB - Virtual size: 476KB

.data
Size: 32KB - Virtual size: 66KB

.rsrc
Size: 53KB - Virtual size: 52KB

.reloc
Size: 215KB - Virtual size: 215KB