General

Malware Config

Signatures

Files

• ea7d4373da7e6566f95a2690b5334b2a0919e301b7b649e7090b06b970325c6a

  .exe windows x86

  3007824ebeec9fe536c532ed0ad980d5

  
  

  Code Sign

  8e:ab:b2:64:8e:f5:57:ab:73:5d:55:0c:42:56:95:25

  Certificate

  Issuer

  CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  04-04-2020 00:00

  Not After

  04-04-2021 23:59

  Subject

  CN=Interoute Cloud Denmark ApS,O=Interoute Cloud Denmark ApS,POSTALCODE=1059,STREET=5 Niels Juels Gade,L=Kobenhavn,C=DK

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-11-2018 00:00

  Not After

  31-12-2030 23:59

  Subject

  CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  34:fb:e4:83:b4:de:61:dc:84:d5:86:05:ec:01:93:66:20:74:12:f6

  Signer

  Actual PE Digest

  34:fb:e4:83:b4:de:61:dc:84:d5:86:05:ec:01:93:66:20:74:12:f6

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Interoute Cloud Denmark ApS,O=Interoute Cloud Denmark ApS,POSTALCODE=1059,STREET=5 Niels Juels Gade,L=Kobenhavn,C=DK

  03-02-2022 03:05

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetFileAttributesExW

  MoveFileExW

  GetFileAttributesW

  RemoveDirectoryW

  DeleteFileW

  FindFirstFileW

  SetEndOfFile

  FlushFileBuffers

  GetFileTime

  SizeofResource

  LockResource

  LoadResource

  FindResourceW

  FindResourceExW

  CancelIo

  ReadDirectoryChangesW

  GetFileInformationByHandle

  GetOverlappedResult

  LoadLibraryW

  GetCurrentProcessId

  SetErrorMode

  InterlockedIncrement

  InterlockedDecrement

  CreateMutexW

  SetThreadPriority

  GetVersionExW

  lstrlenW

  GlobalFree

  SystemTimeToFileTime

  LocalFileTimeToFileTime

  SetThreadExecutionState

  ResumeThread

  GetLocaleInfoW

  GetNumberFormatW

  SleepEx

  GetCurrentThread

  DuplicateHandle

  GlobalSize

  SetHandleCount

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  TlsFree

  TlsSetValue

  FindNextFileW

  TlsAlloc

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  GetModuleFileNameW

  GetStdHandle

  ExitProcess

  HeapCreate

  GetStartupInfoW

  HeapSetInformation

  GetCommandLineW

  CreateThread

  ExitThread

  SetConsoleCtrlHandler

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  VirtualQuery

  GetSystemInfo

  VirtualProtect

  DecodePointer

  EncodePointer

  HeapQueryInformation

  HeapSize

  HeapReAlloc

  HeapDestroy

  InitializeCriticalSectionAndSpinCount

  InterlockedPopEntrySList

  VirtualAlloc

  VirtualFree

  IsProcessorFeaturePresent

  HeapAlloc

  GetProcessHeap

  HeapFree

  InterlockedPushEntrySList

  InterlockedCompareExchange

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  CreateFileW

  ReadFile

  WriteFile

  SetFilePointer

  GetFileSize

  GlobalAlloc

  GetNativeSystemInfo

  GetThreadPriority

  GetProcessAffinityMask

  GlobalUnlock

  GlobalLock

  FormatMessageW

  MultiByteToWideChar

  LoadLibraryA

  LocalAlloc

  FindClose

  GetExitCodeThread

  CopyFileW

  Sleep

  FreeLibrary

  IsDebuggerPresent

  SetDllDirectoryW

  OutputDebugStringW

  WideCharToMultiByte

  CreateEventW

  DeleteCriticalSection

  InitializeCriticalSection

  WaitForMultipleObjects

  SetEvent

  ResetEvent

  QueryPerformanceFrequency

  QueryPerformanceCounter

  CloseHandle

  WaitForSingleObject

  GetLastError

  GetModuleHandleW

  GetProcAddress

  GetTickCount

  InterlockedExchange

  GetVersion

  MulDiv

  RaiseException

  GetCurrentThreadId

  LeaveCriticalSection

  EnterCriticalSection

  FlushInstructionCache

  GetCurrentProcess

  SetLastError

  GetFileType

  GetSystemTimeAsFileTime

  RtlUnwind

  GetConsoleCP

  GetConsoleMode

  LCMapStringW

  GetStringTypeW

  SetStdHandle

  WriteConsoleW

  TlsGetValue

  GetEnvironmentStringsA

  FindFirstFileExW

  SetConsoleActiveScreenBuffer

  LocalUnlock

  GetNumberFormatA

  GetComputerNameW

  SetComputerNameExW

  AreFileApisANSI

  SystemTimeToTzSpecificLocalTime

  GetDriveTypeW

  CreateNamedPipeW

  GetCPInfoExA

  FindNextVolumeW

  BuildCommDCBW

  GetConsoleDisplayMode

  MoveFileWithProgressA

  CompareStringA

  GetConsoleAliasExesW

  SetNamedPipeHandleState

  ReleaseMutex

  OpenProcess

  LocalFree

  GetModuleHandleA

  ProcessIdToSessionId

  WTSGetActiveConsoleSessionId

  TerminateThread

  lstrcmpiW

  LoadLibraryExW

  DeviceIoControl

  CreateFileA

  GetPrivateProfileStringW

  GetWindowsDirectoryW

  lstrlenA

  lstrcmpiA

  lstrcmpA

  GetConsoleOutputCP

  WriteConsoleA

  IsValidLocale

  EnumSystemLocalesA

  GetLocaleInfoA

  GetUserDefaultLCID

  GetStringTypeA

  LCMapStringA

  GetStartupInfoA

  CreateEventA

  CreateWaitableTimerA

  SetWaitableTimer

  OpenEventA

  GetModuleFileNameA

  GetVolumeInformationW

  DeleteAtom

  GetSystemWindowsDirectoryW

  CreateSemaphoreA

  ReleaseSemaphore

  DisconnectNamedPipe

  ConnectNamedPipe

  PeekNamedPipe

  FindAtomW

  AddAtomW

  OpenThread

  GetAtomNameW

  GetSystemTime

  GetFileSizeEx

  SetFilePointerEx

  user32

  MsgWaitForMultipleObjects

  GetKeyState

  RegisterClipboardFormatW

  wsprintfW

  AllowSetForegroundWindow

  EnumWindows

  GetClassNameW

  SetActiveWindow

  CheckMenuRadioItem

  CopyRect

  GetWindowPlacement

  IsIconic

  OffsetRect

  MonitorFromRect

  IsWindowVisible

  GetMenuItemCount

  EnumThreadWindows

  GetSystemMetrics

  GetFocus

  SetForegroundWindow

  UnregisterClassA

  SetClipboardData

  SetMenuItemInfoW

  GetMenuItemInfoW

  IsChild

  MoveWindow

  GetDC

  UpdateWindow

  AdjustWindowRect

  UnhookWindowsHookEx

  SetWindowsHookExW

  CallNextHookEx

  GetComboBoxInfo

  EndDeferWindowPos

  IsZoomed

  DeferWindowPos

  BeginDeferWindowPos

  DrawEdge

  DrawTextW

  FillRect

  CharUpperW

  DestroyAcceleratorTable

  LoadAcceleratorsW

  TranslateAcceleratorW

  MapDialogRect

  GetDlgCtrlID

  GetClientRect

  GetActiveWindow

  MapWindowPoints

  CharLowerW

  GetDlgItem

  DialogBoxParamW

  EndDialog

  SetWindowLongW

  SetLayeredWindowAttributes

  BeginPaint

  EndPaint

  GetWindowDC

  ReleaseDC

  GetSysColor

  DefWindowProcW

  PostMessageW

  ScreenToClient

  ClientToScreen

  GetWindowLongW

  CallWindowProcW

  DestroyWindow

  CreateWindowExW

  RegisterClassExW

  GetClassInfoExW

  LoadCursorW

  TrackPopupMenu

  GetMessagePos

  DrawIconEx

  DestroyIcon

  SetFocus

  SetCapture

  LoadImageW

  SetCursor

  SetTimer

  SetWindowPos

  KillTimer

  ShowWindow

  GetScrollInfo

  CreateDialogParamW

  LoadIconW

  MessageBoxW

  GetWindowRect

  EnableWindow

  SetWindowTextW

  IsWindowEnabled

  EnumChildWindows

  GetParent

  MessageBeep

  RegisterHotKey

  UnregisterHotKey

  SetDlgItemTextW

  SendDlgItemMessageW

  MapVirtualKeyW

  CreatePopupMenu

  AppendMenuW

  DestroyMenu

  MonitorFromPoint

  GetMonitorInfoW

  GetMenu

  AdjustWindowRectEx

  InvalidateRect

  GetWindowTextW

  WindowFromPoint

  GetWindowThreadProcessId

  IsDialogMessageW

  IntersectRect

  RegisterShellHookWindow

  DeregisterShellHookWindow

  RegisterWindowMessageW

  UnregisterClassW

  RegisterClassW

  PostQuitMessage

  DispatchMessageW

  TranslateMessage

  GetMessageW

  PeekMessageW

  RedrawWindow

  CloseClipboard

  OpenClipboard

  EmptyClipboard

  IsCharAlphaW

  TrackPopupMenuEx

  IsClipboardFormatAvailable

  GetClipboardData

  SendMessageW

  GetWindowLongA

  WindowFromDC

  DdeQueryConvInfo

  GetMenuStringW

  EnumDesktopWindows

  WinHelpA

  DrawTextExA

  SetRect

  ShowScrollBar

  ValidateRgn

  ShowWindowAsync

  EnumPropsExA

  SendNotifyMessageW

  DdeGetLastError

  ExcludeUpdateRgn

  DialogBoxIndirectParamA

  CreateDialogIndirectParamW

  EnumWindowStationsA

  SetDebugErrorLevel

  LoadMenuIndirectA

  SetProcessWindowStation

  LoadStringW

  FindWindowExW

  GetClassInfoW

  CharNextW

  MonitorFromWindow

  GetWindow

  LoadIconA

  GetMenuContextHelpId

  ReleaseCapture

  GetMessageTime

  OpenIcon

  CharNextA

  GetSysColorBrush

  OemKeyScan

  EndMenu

  GetClipboardOwner

  GetTopWindow

  IsCharLowerW

  DestroyCursor

  GetKeyboardLayout

  IsCharAlphaNumericA

  IsWindowUnicode

  InSendMessage

  GetKBCodePage

  GetMessageExtraInfo

  PaintDesktop

  IsCharAlphaNumericW

  GetCaretBlinkTime

  EnumClipboardFormats

  GetQueueStatus

  CloseDesktop

  CreateMenu

  GetListBoxInfo

  CloseWindowStation

  GetProcessWindowStation

  GetClipboardSequenceNumber

  GetOpenClipboardWindow

  GetClipboardViewer

  GetDialogBaseUnits

  GetThreadDesktop

  IsCharAlphaA

  LoadCursorFromFileA

  GetCapture

  IsMenu

  GetDesktopWindow

  IsCharLowerA

  CountClipboardFormats

  VkKeyScanA

  CloseWindow

  GetWindowContextHelpId

  GetWindowTextLengthW

  IsWindow

  DrawMenuBar

  AnyPopup

  GetMenuCheckMarkDimensions

  IsGUIThread

  VkKeyScanW

  LoadCursorFromFileW

  CopyIcon

  GetLastActivePopup

  CharUpperA

  GetInputState

  CharLowerA

  GetCursor

  IsCharUpperW

  GetForegroundWindow

  ShowCaret

  GetWindowTextLengthA

  GetDoubleClickTime

  GetAsyncKeyState

  GetKeyboardType

  GetShellWindow

  IsCharUpperA

  gdi32

  CreateFontIndirectW

  GetObjectW

  DeleteObject

  DeleteDC

  SetWindowOrgEx

  GetTextExtentPoint32W

  GetDeviceCaps

  CreateCompatibleBitmap

  CreateCompatibleDC

  SelectObject

  SetBkColor

  ExtTextOutW

  SetBkMode

  SetTextColor

  SetDCBrushColor

  GetStockObject

  OffsetWindowOrgEx

  RemoveFontResourceW

  GdiQueryFonts

  CreatePatternBrush

  CreateFontA

  GdiStartPageEMF

  EngTextOut

  EngFreeModule

  BRUSHOBJ_pvAllocRbrush

  GdiSetPixelFormat

  UnrealizeObject

  SetICMProfileA

  GetDCPenColor

  XLATEOBJ_hGetColorTransform

  AddFontMemResourceEx

  PATHOBJ_vEnumStartClipLines

  EngFindResource

  SetDCPenColor

  PolyBezier

  SetROP2

  SetStretchBltMode

  EndDoc

  GetKerningPairsW

  FONTOBJ_cGetAllGlyphHandles

  GetPixel

  GdiAddGlsBounds

  GetTextExtentExPointA

  DeleteColorSpace

  GetROP2

  GetMapMode

  GetDCBrushColor

  WidenPath

  AddFontResourceW

  GetBkMode

  GetTextCharacterExtra

  DeleteMetaFile

  EndPage

  GdiFlush

  CancelDC

  SwapBuffers

  GetSystemPaletteUse

  CloseFigure

  CreateHalftonePalette

  AddFontResourceA

  UpdateColors

  GetEnhMetaFileA

  DeleteEnhMetaFile

  CloseEnhMetaFile

  GdiGetBatchLimit

  EndPath

  PathToRegion

  CreateMetaFileW

  GetTextColor

  GetColorSpace

  GetEnhMetaFileW

  GetBkColor

  CreateMetaFileA

  StrokePath

  SaveDC

  CreateSolidBrush

  RealizePalette

  GetLayout

  GetGraphicsMode

  SetMetaRgn

  CloseMetaFile

  AbortPath

  GetObjectType

  GetStretchBltMode

  GetTextCharset

  GetPixelFormat

  GetPolyFillMode

  BeginPath

  GetFontLanguageInfo

  AbortDoc

  FillPath

  FlattenPath

  GetTextAlign

  advapi32

  RegQueryValueExW

  RegCloseKey

  RegOpenKeyW

  RegCreateKeyW

  RegDeleteValueW

  RegQueryInfoKeyW

  RegEnumValueW

  RegEnumKeyExW

  RegOpenKeyExW

  CryptAcquireContextW

  RegCreateKeyExW

  CryptGetHashParam

  CryptVerifySignatureW

  CryptHashData

  CryptCreateHash

  CryptDestroyKey

  CryptDestroyHash

  CryptReleaseContext

  CryptImportKey

  RegSetValueExW

  RegEnumKeyExA

  RegQueryValueExA

  RegDeleteKeyW

  RegOpenKeyExA

  InitializeSecurityDescriptor

  SetSecurityDescriptorDacl

  AllocateAndInitializeSid

  SetEntriesInAclW

  RegOpenKeyA

  RegSetValueExA

  GetUserNameA

  shell32

  ShellExecuteExW

  SHGetDesktopFolder

  SHOpenFolderAndSelectItems

  SHChangeNotify

  DragAcceptFiles

  DragFinish

  ShellExecuteW

  SHGetFolderPathW

  Shell_NotifyIconA

  SHGetSpecialFolderPathW

  CheckEscapesW

  WOWShellExecute

  DoEnvironmentSubstW

  CommandLineToArgvW

  SHGetIconOverlayIndexA

  ole32

  OleUninitialize

  CoInitialize

  CoUninitialize

  CreateStreamOnHGlobal

  OleInitialize

  CoCreateGuid

  ReleaseStgMedium

  OleGetClipboard

  OleSetClipboard

  CoTaskMemFree

  CoCreateInstance

  CoTaskMemAlloc

  CoTaskMemRealloc

  shlwapi

  SHAutoComplete

  StrCmpLogicalW

  SHDeleteKeyW

  StrStrW

  PathFileExistsW

  PathRemoveFileSpecW

  SHGetValueW

  PathCombineW

  PathAppendW

  PathStripPathW

  SHGetValueA

  SHSetValueA

  comctl32

  ImageList_ReplaceIcon

  ImageList_Add

  ImageList_LoadImageW

  ImageList_Create

  ImageList_Destroy

  InitCommonControlsEx

  Sections

  .text

  Size: 21KB - Virtual size: 20KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 199KB - Virtual size: 199KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 45KB - Virtual size: 44KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ