General

Malware Config

Signatures

Files

• 89146747e32e3c641c05585ff782874aeca718398f189a7dc37dd0e9b55895a5

  .exe windows x86

  51b507fbe9b18715acaee3db25dad789

  
  

  Code Sign

  30:fa:5a:4e:3e:de:79:87:aa:c8:c9:2e:65:2f:cc:db

  Certificate

  Issuer

  CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  03-04-2020 00:00

  Not After

  03-04-2021 23:59

  Subject

  CN=Tea Factory S.R.L.,O=Tea Factory S.R.L.,POSTALCODE=300001,STREET=ALEEA IONEL PERLEA NR 3 SCARA B ETAJ 3 APARTAMENT 14,L=Timisoara,ST=Timisoara,C=RO

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-11-2018 00:00

  Not After

  31-12-2030 23:59

  Subject

  CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  1d:7e:83:d5:19:65:5f:b8:fd:57:98:f9:df:27:27:ff:ab:16:93:e2

  Signer

  Actual PE Digest

  1d:7e:83:d5:19:65:5f:b8:fd:57:98:f9:df:27:27:ff:ab:16:93:e2

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Tea Factory S.R.L.,O=Tea Factory S.R.L.,POSTALCODE=300001,STREET=ALEEA IONEL PERLEA NR 3 SCARA B ETAJ 3 APARTAMENT 14,L=Timisoara,ST=Timisoara,C=RO

  03-02-2022 02:41

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetErrorMode

  GetModuleHandleA

  AreFileApisANSI

  GlobalUnlock

  FindFirstVolumeW

  GetTempPathW

  ConvertDefaultLocale

  DeleteAtom

  GetThreadContext

  IsBadCodePtr

  InterlockedExchangeAdd

  InitializeCriticalSectionAndSpinCount

  LocalLock

  TransmitCommChar

  SetEnvironmentVariableA

  LocalUnlock

  WritePrivateProfileStructA

  SetEvent

  GetCommandLineW

  GetFileAttributesW

  GetProcAddress

  FreeLibrary

  LoadLibraryW

  WaitForSingleObject

  GetModuleFileNameW

  IsDebuggerPresent

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetCurrentThreadId

  GetTickCount

  QueryPerformanceCounter

  SetUnhandledExceptionFilter

  GetStartupInfoW

  InterlockedCompareExchange

  InterlockedExchange

  VirtualFree

  VirtualAlloc

  GlobalSize

  ResetEvent

  Sleep

  LoadLibraryA

  CreateEventA

  GlobalMemoryStatusEx

  lstrlenW

  user32

  GetPriorityClipboardFormat

  wsprintfA

  OemToCharA

  DragObject

  SendNotifyMessageW

  GetWindowTextLengthW

  OffsetRect

  RegisterClipboardFormatW

  GetAltTabInfoW

  SetClassLongA

  SubtractRect

  keybd_event

  GetScrollInfo

  GrayStringW

  SwitchDesktop

  CharLowerBuffW

  RegisterWindowMessageW

  DlgDirSelectExW

  InsertMenuA

  ChangeMenuW

  GetComboBoxInfo

  CreateIconIndirect

  WaitForInputIdle

  MonitorFromRect

  IsChild

  SendNotifyMessageA

  GetMenuItemCount

  EnableMenuItem

  GetMenuItemID

  GetCursorPos

  ModifyMenuW

  GetSubMenu

  LoadMenuW

  FillRect

  LoadBitmapW

  EnumClipboardFormats

  GetClipboardData

  GetClipboardOwner

  GetWindowTextA

  ChangeClipboardChain

  InvalidateRect

  DrawIcon

  GetSystemMetrics

  IsIconic

  SetTimer

  SetClipboardViewer

  GetClientRect

  GetWindowRect

  AppendMenuW

  GetSystemMenu

  LoadIconW

  SetForegroundWindow

  ShowWindow

  FindWindowW

  CloseClipboard

  EmptyClipboard

  OpenClipboard

  SendMessageW

  EnableWindow

  CopyRect

  LoadIconA

  GetKeyState

  gdi32

  SetLayout

  AbortPath

  SetDIBits

  GetFontResourceInfoW

  EngDeleteClip

  GdiSetLastError

  SelectBrushLocal

  SetViewportExtEx

  EngDeletePalette

  SetMetaFileBitsEx

  GdiPlayPrivatePageEMF

  SetAbortProc

  GdiConvertBitmap

  SetLayoutWidth

  EndPage

  CreateMetaFileW

  QueryFontAssocStatus

  CreatePolygonRgn

  GetTextExtentExPointI

  SetWorldTransform

  EngCreatePalette

  GdiSwapBuffers

  GetCharABCWidthsW

  EngGetCurrentCodePage

  ScaleViewportExtEx

  AddFontResourceExW

  CreatePolyPolygonRgn

  CreateICA

  GetStockObject

  TranslateCharsetInfo

  AddFontResourceTracking

  RemoveFontResourceA

  AbortDoc

  CreateDIBitmap

  CreateColorSpaceA

  CreateMetaFileA

  EngMultiByteToWideChar

  StretchBlt

  GetPolyFillMode

  CreateCompatibleDC

  CreatePatternBrush

  CreateCompatibleBitmap

  CreateFontW

  BitBlt

  GetBitmapBits

  GetTextExtentPoint32W

  GetObjectW

  SelectObject

  CreatePen

  GetStretchBltMode

  advapi32

  RegSetValueExW

  RegCloseKey

  RegOpenKeyExW

  RegQueryValueExA

  RegOpenKeyExA

  RegDeleteValueW

  RegOpenKeyA

  GetUserNameA

  shell32

  SHGetFolderPathA

  SHGetFileInfoW

  SHFileOperationW

  SHGetDataFromIDListW

  SHInvokePrinterCommandW

  DragQueryFileA

  SHGetFolderPathW

  CommandLineToArgvW

  SHFileOperationA

  SHGetFileInfoA

  ShellExecuteEx

  SHGetDataFromIDListA

  DuplicateIcon

  Shell_NotifyIconW

  shlwapi

  StrStrIA

  StrCmpNIW

  comctl32

  InitCommonControlsEx

  Sections

  .text

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 666KB - Virtual size: 665KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 30KB - Virtual size: 30KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ