2025-02-02_1c3dfdaf27b2b912569fea3d4d3f960b_floxif_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2025-02-02_1c3dfdaf27b2b912569fea3d4d3f960b_floxif_mafia
Size

9.2MB
MD5

1c3dfdaf27b2b912569fea3d4d3f960b
SHA1

faa47d1aefd8e0455fca2e6f53e41ce54606900d
SHA256

24c99b234f09e315abf207df7ee9749214d30650e6f19ca8992817e5281cb7e0
SHA512

1b149b123a44d2a6611e5d1f2cb7ece538660a6d147700141f58cb8bf8723bbca195c9b4a1ceefb08788110e7b3081c9e45d4135b6124a68f2f4077a5b7f9b8b
SSDEEP

196608:9DQOby+crT+9r1/teOwo4cykm6NK6Is1tBU:RDbyvrTQVteOw96TIN

Score

1^/10

Malware Config

Signatures

Files

2025-02-02_1c3dfdaf27b2b912569fea3d4d3f960b_floxif_mafia
.exe windows:5 windows x86 arch:x86

eaa092a4580f78898eeb84592fe4de3f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:01
Certificate

Issuer

OU=Starfield Class 2 Certification Authority,O=Starfield Technologies\, Inc.,C=US

Not Before

16/11/2006, 01:15

Not After

16/11/2026, 01:15

Subject

SERIALNUMBER=10688435,CN=Starfield Secure Certification Authority,OU=http://certificates.starfieldtech.com/repository,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:43:0e:53:29:6b:f1
Certificate

Issuer

SERIALNUMBER=10688435,CN=Starfield Secure Certification Authority,OU=http://certificates.starfieldtech.com/repository,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2013, 07:56

Not After

03/05/2016, 20:33

Subject

CN=Foxit Corporation,O=Foxit Corporation,L=Fremont,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:16:3a:c6:75:20:34:9d:93:19:7e:6d:8a:77:d9:5b:8d:01:a8:7e
Signer

Actual PE Digest

3d:16:3a:c6:75:20:34:9d:93:19:7e:6d:8a:77:d9:5b:8d:01:a8:7e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\lwj\products\TempFiles\Updater_Release\Foxit_Updater.pdb

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateProcessA
CreateFileA
SetCurrentDirectoryW
GetDriveTypeW
GetFullPathNameA
SetEnvironmentVariableA
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
GetModuleFileNameW
GetTimeZoneInformation
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcmpW
GetModuleHandleW
GetLocaleInfoA
WideCharToMultiByte
lstrlenW
GetSystemDirectoryA
GetVersionExA
GetVersion
RemoveDirectoryW
DeleteFileW
CreateSemaphoreA
InterlockedCompareExchange
TryEnterCriticalSection
WaitForMultipleObjects
GetThreadPriority
MoveFileA
CopyFileA
DeleteFileA
SetFilePointerEx
InterlockedExchangeAdd
SleepEx
GetSystemTime
FindNextFileA
FindFirstFileA
GetModuleFileNameA
SetConsoleCtrlHandler
GetFileAttributesA
GetLastError
GetConsoleMode
CopyFileW
CreateDirectoryW
GetTempPathW
ReleaseMutex
WaitForSingleObject
Sleep
SetLastError
CreateMutexW
ResumeThread
SuspendThread
CreateEventW
CloseHandle
SetEvent
GetExitCodeThread
GetTickCount
lstrcpyW
WinExec
lstrcatW
CreateThread
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
TerminateThread
GetShortPathNameW
GetCurrentThreadId
GetCurrentProcess
GetProcAddress
FindClose
SetFileAttributesW
FindFirstFileW
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
GetTempFileNameW
GetPrivateProfileStringW
GetACP
GetExitCodeProcess
GetVersionExW
GetFileAttributesW
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcpynW
FreeLibrary
LoadLibraryW
GetWindowsDirectoryW
CreateProcessW
LoadLibraryA
GetSystemDirectoryW
GlobalAlloc
OutputDebugStringW
LocalFree
GetFileSize
CreateFileW
ReadFile
LocalAlloc
MulDiv
FormatMessageW
GlobalUnlock
GlobalLock
GlobalSize
GlobalFree
lstrcmpA
lstrlenA
SetThreadPriority
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
InterlockedExchange
LoadLibraryExW
GetLocaleInfoW
CompareStringA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntW
WritePrivateProfileStringW
FindNextFileW
GetStringTypeExW
GetThreadLocale
lstrcmpiW
MoveFileW
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GetCurrentProcessId
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GlobalGetAtomNameW
GetAtomNameW
SystemTimeToFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetFileTime
GlobalFlags
GetCurrentDirectoryW
SetErrorMode
GetNumberFormatW
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
ReplaceFileW
GetDiskFreeSpaceW
FindResourceExW
LocalUnlock
LocalLock
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
HeapFree
EncodePointer
DecodePointer
HeapAlloc
ExitProcess
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
HeapSize
HeapQueryInformation
GetSystemTimeAsFileTime
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapDestroy
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
FatalAppExitA
GetConsoleCP

user32

SetTimer
DeleteMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
RealChildWindowFromPoint
UnregisterClassW
GetSysColorBrush
IntersectRect
MapVirtualKeyW
GetKeyNameTextW
DestroyMenu
CharUpperW
GetSystemMetrics
WindowFromPoint
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
PostQuitMessage
IsWindowEnabled
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
KillTimer
GetMessageTime
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExW
DrawFocusRect
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CopyRect
GetWindow
LoadAcceleratorsW
CreateAcceleratorTableW
SetCursorPos
FindWindowW
MessageBoxW
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
ValidateRect
GetMenuState
AppendMenuW
GetMenuItemID
InsertMenuW
RemoveMenu
SetFocus
DestroyCursor
SetDlgItemTextW
EnumChildWindows
WaitMessage
GetDialogBaseUnits
IsIconic
DestroyIcon
CharNextW
OffsetRect
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
GetDlgCtrlID
SetWindowTextW
SetWindowPos
GetMenuItemCount
wsprintfW
GetMenuItemInfoW
SetMenuItemInfoW
ScreenToClient
LoadBitmapW
GetForegroundWindow
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongW
DrawStateW
DrawIconEx
DrawEdge
DestroyWindow
DrawFrameControl
IsWindow
GetClassInfoW
SendMessageW
SetForegroundWindow
PtInRect
InflateRect
GetWindowRect
GetClientRect
GetDC
ReleaseDC
InvalidateRect
BringWindowToTop
RedrawWindow
SetCapture
GetParent
EnableWindow
ReleaseCapture
SetCursor
GetSysColor
CopyIcon
LoadCursorW
SetWindowLongW
MessageBeep
EnableMenuItem
GetSystemMenu
UpdateWindow
SetActiveWindow
LoadIconW
GetCursorPos
PostMessageW
GetMenuStringW
GetSubMenu
LoadMenuW
SystemParametersInfoW
GetMessagePos
AttachThreadInput
GetWindowThreadProcessId
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
LoadImageW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
DefFrameProcW
GetTabbedTextExtentW
GetDCEx
GetWindowRgn
WindowFromDC
DrawIcon
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
CharUpperBuffW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
SendNotifyMessageW
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
InSendMessage
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
GetClassInfoExW
DefMDIChildProcW

gdi32

CreateFontIndirectA
EnumFontFamiliesExA
GetFontData
GetTextFaceA
GetTextMetricsA
SetDIBitsToDevice
EndPath
CloseFigure
BeginPath
FillPath
StrokePath
StrokeAndFillPath
SetMiterLimit
WidenPath
ExtEscape
CreateFontA
GetObjectA
CreateFontW
SetPixelV
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
GetTextFaceW
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExW
Rectangle
RoundRect
SetPixel
GetDIBits
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetCurrentObject
StretchDIBits
GetCharWidthW
GetRgnBox
GetTextColor
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
CreateDIBitmap
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
PatBlt
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
GetDeviceCaps
StretchBlt
BitBlt
GetBkColor
CreateCompatibleDC
CreateRectRgnIndirect
CreateCompatibleBitmap
GetRegionData
SelectObject
DeleteObject
GetTextExtentPoint32W
GetStockObject
GetObjectW
CreateFontIndirectW

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueW
SetFileSecurityW
RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegOpenKeyW
RegEnumKeyW
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetFileSecurityW

shell32

SHAppBarMessage
ShellExecuteW
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
SHBrowseForFolderW
SHGetMalloc
ShellExecuteExW
DragQueryFileW
DragFinish
SHGetDesktopFolder

comctl32

ImageList_Remove
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DrawEx
ImageList_GetImageCount

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathFileExistsW
PathIsUNCW

ole32

OleIsCurrentClipboard
OleGetIconOfClass
CreateOleAdviseHolder
GetRunningObjectTable
OleSetClipboard
CreateStreamOnHGlobal
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleFlushClipboard
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
PropVariantCopy
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
DoDragDrop
CoGetMalloc
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageFile
CreateItemMoniker
CreateGenericComposite
StgOpenStorage
CreateFileMoniker
StgCreateDocfile
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
StringFromGUID2
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleRegEnumVerbs
CreateDataAdviseHolder
OleRegGetMiscStatus
CoTreatAsClass

oleaut32

SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayGetUBound
SafeArrayDestroyData
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
OleCreateFontIndirect
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
SafeArrayDestroy
RegisterTypeLi
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SafeArrayDestroyDescriptor
SysAllocString
SysStringByteLen

oledlg

OleUIBusyW

wininet

FtpRemoveDirectoryW
FtpRenameFileW
FtpDeleteFileW
InternetQueryDataAvailable
InternetGetCookieW
InternetOpenUrlW
GopherOpenFileW
FtpFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpOpenFileW
GopherGetAttributeW
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
GopherFindFirstFileW
InternetFindNextFileW
InternetErrorDlg
FtpGetFileW
FtpPutFileW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpCreateDirectoryW
InternetSetCookieW
InternetAttemptConnect
InternetConnectW
InternetOpenW
InternetCloseHandle
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetReadFile
HttpQueryInfoW
HttpEndRequestW
InternetWriteFile
HttpSendRequestExW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW

winhttp

WinHttpCloseHandle
WinHttpOpen
WinHttpSetTimeouts
WinHttpConnect
WinHttpOpenRequest
WinHttpSetOption
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpReadData
WinHttpCrackUrl

netapi32

Netbios

dbghelp

MakeSureDirectoryPathExists

iphlpapi

GetNetworkParams
GetAdaptersInfo

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDrawImageI
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageHeight
GdipGetImageWidth

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eaa092a4580f78898eeb84592fe4de3f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

02:01Certificate

Key Usages

04:43:0e:53:29:6b:f1Certificate

Extended Key Usages

Key Usages

3d:16:3a:c6:75:20:34:9d:93:19:7e:6d:8a:77:d9:5b:8d:01:a8:7eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

wininet

winhttp

netapi32

dbghelp

iphlpapi

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 75KB - Virtual size: 177KB

.rsrc Size: 3.5MB - Virtual size: 3.5MB

.reloc Size: 247KB - Virtual size: 247KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

02:01
Certificate

04:43:0e:53:29:6b:f1
Certificate

3d:16:3a:c6:75:20:34:9d:93:19:7e:6d:8a:77:d9:5b:8d:01:a8:7e
Signer

.text
Size: 3.9MB - Virtual size: 3.9MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 75KB - Virtual size: 177KB

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

.reloc
Size: 247KB - Virtual size: 247KB