General

Malware Config

Signatures

Files

• ce6acf274744f0f200528105f3beead449d07197eb1e66b43a2616168e0b4d8d

  .exe windows x86

  458d2a592c94b71c0c6ad375a805c571

  
  

  Code Sign

  0a:2f:24:ce:a2:95:72:c8:ae:5c:ea:d1:c8:1a:a8:f2

  Certificate

  Issuer

  CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  14-10-2019 00:00

  Not After

  16-09-2020 12:00

  Subject

  SERIALNUMBER=7613356,CN=NIRMAL 0013 LIMITED,O=NIRMAL 0013 LIMITED,L=Porirua,C=NZ,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024e5a

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  18-04-2012 12:00

  Not After

  18-04-2027 12:00

  Subject

  CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  5e:7e:91:6d:b5:41:4c:3d:f4:bb:ce:25:0c:ff:65:db:eb:35:a9:6a

  Signer

  Actual PE Digest

  5e:7e:91:6d:b5:41:4c:3d:f4:bb:ce:25:0c:ff:65:db:eb:35:a9:6a

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  SERIALNUMBER=7613356,CN=NIRMAL 0013 LIMITED,O=NIRMAL 0013 LIMITED,L=Porirua,C=NZ,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024e5a

  27-01-2022 16:14

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  crypt32

  CertOpenStore

  kernel32

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  Sleep

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  SetHandleCount

  GetFileType

  QueryPerformanceCounter

  GetSystemTimeAsFileTime

  GetACP

  GetTimeZoneInformation

  GetConsoleCP

  GetConsoleMode

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  SetStdHandle

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  SetEnvironmentVariableA

  InterlockedExchange

  GetStdHandle

  MultiByteToWideChar

  WideCharToMultiByte

  GetLastError

  GetVersion

  lstrlenW

  CompareStringA

  CompareStringW

  lstrcmpiA

  lstrlenA

  GetStringTypeExA

  MulDiv

  GlobalFree

  GlobalUnlock

  GlobalLock

  SizeofResource

  LockResource

  LoadResource

  FindResourceA

  SetLastError

  LocalFree

  FormatMessageA

  GlobalAlloc

  GlobalSize

  CopyFileA

  GetProcAddress

  GetModuleHandleA

  FreeResource

  LoadLibraryA

  GlobalAddAtomA

  GlobalGetAtomNameA

  GetCurrentProcessId

  GetVersionExA

  lstrcmpW

  HeapCreate

  HeapDestroy

  VirtualFree

  HeapSize

  ExitProcess

  GetStartupInfoA

  GetProcessHeap

  GetCommandLineA

  VirtualAlloc

  RaiseException

  HeapReAlloc

  RtlUnwind

  HeapFree

  HeapAlloc

  SetErrorMode

  GetCurrentDirectoryA

  GetPrivateProfileStringA

  WritePrivateProfileStringA

  GetPrivateProfileIntA

  SystemTimeToFileTime

  LocalFileTimeToFileTime

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  CreateFileA

  GetShortPathNameA

  GetVolumeInformationA

  FindFirstFileA

  FindClose

  GetCurrentProcess

  DuplicateHandle

  GetThreadLocale

  GetFileSize

  SetEndOfFile

  UnlockFile

  LockFile

  FlushFileBuffers

  SetFilePointer

  WriteFile

  ReadFile

  DeleteFileA

  MoveFileA

  GetOEMCP

  GetCPInfo

  TlsFree

  DeleteCriticalSection

  LocalReAlloc

  TlsSetValue

  TlsAlloc

  InitializeCriticalSection

  GlobalHandle

  EnterCriticalSection

  TlsGetValue

  LeaveCriticalSection

  LocalAlloc

  GlobalFlags

  GlobalReAlloc

  GetCurrentThread

  ConvertDefaultLocale

  EnumResourceLanguagesA

  GetLocaleInfoA

  GetTickCount

  GetProfileIntA

  CloseHandle

  GetModuleFileNameW

  GetModuleFileNameA

  GetDiskFreeSpaceA

  GetFullPathNameA

  GetTempFileNameA

  GetFileTime

  SetFileTime

  GetFileAttributesA

  lstrcmpA

  InterlockedIncrement

  InterlockedDecrement

  GetCurrentThreadId

  GlobalFindAtomA

  GlobalDeleteAtom

  FreeLibrary

  user32

  LockWindowUpdate

  UnregisterClassA

  CreateMenu

  WaitMessage

  PostThreadMessageA

  GetTabbedTextExtentA

  DestroyIcon

  SetRect

  CreateDialogIndirectParamA

  GetNextDlgTabItem

  EndDialog

  GetMenuItemInfoA

  GetMessageA

  TranslateMessage

  ValidateRect

  GetCursorPos

  LoadCursorA

  SetCapture

  KillTimer

  SetTimer

  SetWindowRgn

  DrawIcon

  FindWindowA

  InSendMessage

  IsDialogMessageA

  SetDlgItemTextA

  SetMenuItemBitmaps

  GetMenuCheckMarkDimensions

  LoadBitmapA

  ModifyMenuA

  EnableMenuItem

  CheckMenuItem

  SendDlgItemMessageA

  IsChild

  SetWindowsHookExA

  CallNextHookEx

  GetClassLongA

  SetPropA

  GetPropA

  RemovePropA

  GetWindowTextLengthA

  GetWindowTextA

  GetForegroundWindow

  DispatchMessageA

  GetTopWindow

  DestroyWindow

  UnhookWindowsHookEx

  GetMessageTime

  GetMessagePos

  MapWindowPoints

  ScrollWindow

  TrackPopupMenu

  SetScrollRange

  GetScrollRange

  SetScrollPos

  GetScrollPos

  SetForegroundWindow

  ShowScrollBar

  MessageBoxA

  GetClassInfoExA

  RegisterClassA

  GetScrollInfo

  SetScrollInfo

  DefWindowProcA

  CallWindowProcA

  SystemParametersInfoA

  GetWindowPlacement

  IsZoomed

  BeginDeferWindowPos

  EndDeferWindowPos

  SetParent

  GetSystemMenu

  DeleteMenu

  RegisterWindowMessageA

  UnpackDDElParam

  ReuseDDElParam

  DestroyMenu

  GetClassNameA

  WinHelpA

  SetFocus

  GetWindowThreadProcessId

  IsWindowEnabled

  GetFocus

  GetDlgItem

  GetDlgCtrlID

  LoadIconA

  SetCursor

  PeekMessageA

  GetCapture

  ReleaseCapture

  LoadAcceleratorsA

  SetActiveWindow

  IsWindowVisible

  IsIconic

  InsertMenuItemA

  CreatePopupMenu

  GetClassInfoA

  CopyRect

  GetLastActivePopup

  PostMessageA

  SetMenu

  GetDesktopWindow

  GetWindow

  ShowWindow

  GetWindowRect

  SetRectEmpty

  PtInRect

  GetSystemMetrics

  EndPaint

  BeginPaint

  GetWindowDC

  GetDC

  ReleaseDC

  InvalidateRect

  LoadStringW

  GetKeyState

  ScreenToClient

  GrayStringA

  DrawTextExA

  DrawTextA

  TabbedTextOutA

  GetMenuState

  GetMenuStringA

  AppendMenuA

  InsertMenuA

  RemoveMenu

  AdjustWindowRectEx

  RedrawWindow

  SetWindowPos

  GetWindowLongA

  SetWindowLongA

  IsWindow

  WindowFromPoint

  GetSysColorBrush

  SetCursorPos

  ShowOwnedPopups

  PostQuitMessage

  DestroyCursor

  CopyAcceleratorTableA

  SendNotifyMessageA

  IsClipboardFormatAvailable

  DeferWindowPos

  GetDCEx

  CharUpperA

  MessageBoxW

  EqualRect

  RegisterClipboardFormatA

  IsRectEmpty

  InflateRect

  OffsetRect

  IntersectRect

  FillRect

  DrawFocusRect

  GetSubMenu

  LoadMenuA

  GetClientRect

  ClientToScreen

  UpdateWindow

  EnableWindow

  GetSysColor

  MessageBeep

  DefFrameProcA

  GetMenu

  SendMessageA

  DefMDIChildProcA

  GetMenuItemID

  GetMenuItemCount

  GetParent

  CreateWindowExA

  DrawMenuBar

  GetActiveWindow

  BringWindowToTop

  TranslateMDISysAccel

  TranslateAcceleratorA

  SetWindowTextA

  gdi32

  SetTextColor

  SetMapMode

  GetClipBox

  ExcludeClipRect

  IntersectClipRect

  LineTo

  MoveToEx

  SetTextAlign

  DeleteObject

  SelectClipRgn

  CreateRectRgn

  GetObjectA

  GetViewportExtEx

  GetWindowExtEx

  BitBlt

  GetPixel

  StartDocA

  PtVisible

  RectVisible

  TextOutA

  ExtTextOutA

  Escape

  SelectObject

  SetViewportOrgEx

  OffsetViewportOrgEx

  SetViewportExtEx

  ScaleViewportExtEx

  SetWindowOrgEx

  SetWindowExtEx

  ScaleWindowExtEx

  GetCurrentPositionEx

  SetStretchBltMode

  CreatePatternBrush

  CreateBitmap

  CreateCompatibleDC

  GetStockObject

  SelectPalette

  CreatePen

  CreateSolidBrush

  GetCharWidthA

  CreateFontA

  StretchDIBits

  CreateCompatibleBitmap

  GetTextMetricsA

  GetTextExtentPoint32A

  GetWindowOrgEx

  CreateEllipticRgn

  Ellipse

  CreateFontIndirectA

  Rectangle

  PatBlt

  StartPage

  EndPage

  SetAbortProc

  AbortDoc

  EndDoc

  CreateRectRgnIndirect

  SetRectRgn

  CombineRgn

  GetMapMode

  GetViewportOrgEx

  GetBkColor

  GetNearestColor

  GetBkMode

  GetPolyFillMode

  GetROP2

  GetStretchBltMode

  GetTextColor

  GetTextAlign

  GetTextFaceA

  SetROP2

  SetPolyFillMode

  SetBkMode

  SetBkColor

  RestoreDC

  SaveDC

  CreateDCA

  CopyMetaFileA

  LPtoDP

  DPtoLP

  SetBrushOrgEx

  GetDeviceCaps

  CreateHatchBrush

  UnrealizeObject

  RealizePalette

  DeleteDC

  CreateHalftonePalette

  comdlg32

  GetFileTitleA

  winspool.drv

  DocumentPropertiesA

  ClosePrinter

  OpenPrinterA

  GetJobA

  advapi32

  RegCloseKey

  RegCreateKeyA

  RegCreateKeyExA

  RegDeleteValueA

  RegSetValueExA

  RegQueryValueA

  RegDeleteKeyA

  RegEnumKeyA

  GetFileSecurityA

  SetFileSecurityA

  RegOpenKeyExA

  RegQueryValueExA

  RegOpenKeyA

  RegSetValueA

  SetFileSecurityW

  shell32

  SHGetFileInfoA

  DragAcceptFiles

  DragFinish

  DragQueryFileA

  ExtractIconA

  CommandLineToArgvW

  shlwapi

  PathRemoveExtensionA

  PathFindFileNameA

  PathStripToRootA

  PathFindExtensionA

  PathIsUNCA

  oledlg

  ord6

  ord3

  ord4

  ord9

  ord1

  ord11

  ord12

  ord8

  ord5

  ole32

  OleCreateLinkToFile

  OleGetIconOfClass

  CreateItemMoniker

  CreateGenericComposite

  OleIsRunning

  GetRunningObjectTable

  CoLockObjectExternal

  OleRun

  CreateFileMoniker

  StgCreateDocfile

  StgOpenStorage

  StgIsStorageFile

  OleGetClipboard

  RegisterDragDrop

  RevokeDragDrop

  OleQueryCreateFromData

  OleSetMenuDescriptor

  CoRegisterClassObject

  CoRevokeClassObject

  OleUninitialize

  CoFreeUnusedLibraries

  OleInitialize

  OleSetClipboard

  OleIsCurrentClipboard

  OleFlushClipboard

  CoDisconnectObject

  DoDragDrop

  OleCreateFromFile

  IsAccelerator

  OleCreateMenuDescriptor

  OleDestroyMenuDescriptor

  CoRegisterMessageFilter

  OleCreateFromData

  OleLockRunning

  CreateStreamOnHGlobal

  OleSaveToStream

  WriteClassStm

  OleSave

  CreateILockBytesOnHGlobal

  StgCreateDocfileOnILockBytes

  OleDuplicateData

  CoTaskMemAlloc

  CreateBindCtx

  CoTreatAsClass

  StringFromCLSID

  ReadClassStg

  ReadFmtUserTypeStg

  OleRegGetUserType

  WriteClassStg

  WriteFmtUserTypeStg

  SetConvertStg

  CoTaskMemFree

  ReleaseStgMedium

  GetHGlobalFromILockBytes

  OleSetContainedObject

  StgOpenStorageOnILockBytes

  OleLoad

  OleCreate

  OleCreateStaticFromData

  OleTranslateAccelerator

  OleCreateLinkFromData

  oleaut32

  SysAllocStringLen

  VariantClear

  VariantChangeType

  VariantInit

  SysFreeString

  SysStringByteLen

  SysStringLen

  Exports

  Exports

  Func

  Sections

  .text

  Size: 344KB - Virtual size: 343KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 332KB - Virtual size: 331KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 16KB - Virtual size: 27KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 76KB - Virtual size: 74KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ