General

Malware Config

Signatures

Files

• 8cfef332906cd49918a4c872cb8a3b7cbf52edc6728d406a2f9e7e732e1acae7

  .exe windows x86

  508505b57f8811fcde95a58eb324dc45

  
  

  Code Sign

  34:05:f0:c8:97:02:ca:bd:45:95:50:d2:b2:e1:c2:28

  Certificate

  Issuer

  CN=BXGAQVJUAKQIVJTPFI

  Not Before

  30-11-2019 00:43

  Not After

  31-12-2039 23:59

  Subject

  CN=BXGAQVJUAKQIVJTPFI

  Extended Key Usages

  ExtKeyUsageCodeSigning

  42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b

  Certificate

  Issuer

  CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

  Not Before

  07-06-2005 08:09

  Not After

  30-05-2020 10:48

  Subject

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  27-04-2011 00:00

  Not After

  30-05-2020 10:48

  Subject

  CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49

  Certificate

  Issuer

  CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  02-05-2019 00:00

  Not After

  30-05-2020 10:48

  Subject

  CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  07:e6:0f:5e:74:83:83:fa:1b:fe:8d:56:20:d5:5f:40:ed:af:fb:7a

  Signer

  Actual PE Digest

  07:e6:0f:5e:74:83:83:fa:1b:fe:8d:56:20:d5:5f:40:ed:af:fb:7a

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=BXGAQVJUAKQIVJTPFI

  03-12-2019 14:29

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetEnvironmentVariableA

  SetErrorMode

  SetEvent

  SetFilePointer

  SetHandleCount

  SetLastError

  SetStdHandle

  SetThreadExecutionState

  SetThreadPriority

  SetUnhandledExceptionFilter

  SizeofResource

  Sleep

  SuspendThread

  TerminateProcess

  TerminateThread

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  SetEndOfFile

  VirtualAlloc

  VirtualFree

  VirtualProtect

  VirtualQuery

  WaitForSingleObject

  WideCharToMultiByte

  WinExec

  WriteConsoleA

  WriteConsoleW

  WriteFile

  WritePrivateProfileStringA

  lstrcatA

  lstrcmpA

  lstrcmpW

  lstrcmpiA

  lstrcpyA

  lstrlenA

  lstrlenW

  RtlUnwind

  ResumeThread

  RemoveDirectoryA

  ReadFile

  RaiseException

  QueryPerformanceCounter

  MultiByteToWideChar

  MulDiv

  MoveFileA

  LockResource

  LockFile

  LocalReAlloc

  LocalFree

  LocalAlloc

  LoadResource

  LoadLibraryExA

  LoadLibraryA

  LeaveCriticalSection

  LCMapStringW

  LCMapStringA

  IsValidCodePage

  IsDebuggerPresent

  InterlockedIncrement

  InterlockedExchange

  InterlockedDecrement

  InterlockedCompareExchange

  InitializeCriticalSectionAndSpinCount

  InitializeCriticalSection

  HeapSize

  HeapReAlloc

  HeapFree

  HeapCreate

  HeapAlloc

  GlobalUnlock

  GlobalSize

  GlobalReAlloc

  GlobalMemoryStatus

  GlobalLock

  GlobalHandle

  GlobalGetAtomNameA

  GlobalFree

  GlobalFlags

  GlobalFindAtomA

  GlobalDeleteAtom

  GlobalAlloc

  GlobalAddAtomA

  GetWindowsDirectoryA

  GetVolumeInformationA

  GetVersionExA

  GetVersion

  GetUserDefaultLCID

  GetTimeZoneInformation

  GetTickCount

  GetThreadLocale

  GetTempPathA

  GetTempFileNameA

  GetSystemTimeAsFileTime

  GetSystemInfo

  GetSystemDirectoryA

  GetStringTypeW

  GetStringTypeA

  GetStdHandle

  GetStartupInfoA

  GetShortPathNameA

  GetProcessHeap

  GetProcAddress

  GetPrivateProfileStringA

  GetOEMCP

  GetModuleHandleW

  GetModuleHandleA

  GetModuleFileNameW

  GetModuleFileNameA

  GetLongPathNameA

  GetLocaleInfoA

  GetLastError

  GetFullPathNameA

  GetFileType

  GetFileTime

  GetFileSizeEx

  GetFileSize

  GetFileAttributesExA

  GetFileAttributesA

  GetEnvironmentStringsW

  GetEnvironmentStrings

  GetDriveTypeA

  GetDiskFreeSpaceExA

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetConsoleOutputCP

  GetConsoleMode

  GetConsoleCP

  GetCommandLineA

  GetCalendarInfoW

  GetCPInfo

  GetACP

  FreeResource

  CloseHandle

  FreeLibrary

  FreeEnvironmentStringsW

  FreeEnvironmentStringsA

  FormatMessageA

  FlushFileBuffers

  FindResourceA

  FindNextFileA

  FindFirstFileA

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  ExitThread

  ExitProcess

  EnumResourceLanguagesA

  EnterCriticalSection

  DuplicateHandle

  DnsHostnameToComputerNameA

  DeviceIoControl

  DeleteFileA

  DeleteCriticalSection

  CreateThread

  CreateProcessA

  CreateMutexA

  CreateFileA

  CreateEventA

  CreateDirectoryA

  CopyFileA

  ConvertDefaultLocale

  CompareStringW

  CompareStringA

  UnlockFile

  user32

  SetRect

  SetTimer

  SetUserObjectSecurity

  SetWindowContextHelpId

  SetWindowLongA

  SetWindowPos

  SetWindowRgn

  SetWindowTextA

  SetWindowsHookExA

  ShowWindow

  SystemParametersInfoA

  TabbedTextOutA

  TranslateMessage

  UnhookWindowsHookEx

  UnregisterClassA

  UpdateWindow

  ValidateRect

  WinHelpA

  WindowFromPoint

  wsprintfA

  wvsprintfA

  GetKeyboardLayout

  DrawMenuBar

  GetShellWindow

  GetDoubleClickTime

  EnumClipboardFormats

  CountClipboardFormats

  IsCharUpperA

  GetWindowContextHelpId

  GetCursor

  GetClipboardData

  GetCaretBlinkTime

  LoadCursorFromFileW

  GetThreadDesktop

  PostThreadMessageA

  PostQuitMessage

  PostMessageA

  PeekMessageA

  OpenDesktopA

  OffsetRect

  MsgWaitForMultipleObjectsEx

  MoveWindow

  ModifyMenuA

  MessageBoxIndirectW

  MessageBoxA

  MessageBeep

  MapWindowPoints

  MapDialogRect

  LoadImageA

  LoadIconA

  LoadCursorA

  LoadBitmapA

  KillTimer

  IsWindowVisible

  IsWindowEnabled

  IsWindow

  IsRectEmpty

  IsMenu

  IsIconic

  IsDlgButtonChecked

  IsDialogMessageA

  IsChild

  InvalidateRgn

  InvalidateRect

  IntersectRect

  GrayStringA

  GetWindowThreadProcessId

  GetWindowTextLengthW

  GetWindowTextLengthA

  GetWindowTextA

  GetWindowRect

  GetWindowPlacement

  GetWindowLongA

  GetWindowDC

  GetWindow

  GetTopWindow

  GetSystemMetrics

  GetSysColorBrush

  GetSysColor

  GetSubMenu

  SetPropA

  GetParent

  GetNextDlgTabItem

  GetNextDlgGroupItem

  GetMessageTime

  GetMessagePos

  GetMessageA

  GetMenuStringA

  GetMenuState

  GetMenuItemInfoA

  GetMenuItemID

  GetMenuItemCount

  GetMenuCheckMarkDimensions

  GetMenu

  GetLastActivePopup

  GetKeyState

  GetKeyNameTextW

  GetIconInfo

  GetForegroundWindow

  GetFocus

  GetDlgItem

  GetDlgCtrlID

  GetDesktopWindow

  GetDC

  GetCursorPos

  GetClientRect

  GetClassNameA

  GetClassLongA

  GetClassInfoExA

  GetClassInfoA

  GetCapture

  GetActiveWindow

  FrameRect

  FindWindowExA

  FindWindowA

  FillRect

  ExitWindowsEx

  EqualRect

  EnumWindows

  EnumDisplayMonitors

  EnumChildWindows

  EndPaint

  EndDialog

  EnableWindow

  EnableMenuItem

  DrawTextExA

  DrawTextA

  DrawStateA

  DrawIconEx

  DrawIcon

  DrawFocusRect

  DrawEdge

  DispatchMessageA

  DestroyWindow

  DestroyMenu

  DestroyIcon

  DestroyCursor

  DeregisterShellHookWindow

  DefWindowProcA

  DdeInitializeW

  CreateWindowExA

  CreatePopupMenu

  CreateMenu

  CreateIconIndirect

  CreateDialogIndirectParamA

  CopyRect

  CopyIcon

  CopyAcceleratorTableA

  ClientToScreen

  CheckRadioButton

  CheckMenuItem

  CheckDlgButton

  CharUpperA

  CharNextA

  CascadeWindows

  CallWindowProcA

  CallNextHookEx

  SetMessageQueue

  SetMenuItemBitmaps

  SetMenu

  SetForegroundWindow

  SetFocus

  SetDlgItemTextA

  SetCursor

  SetCapture

  SetActiveWindow

  SendMessageTimeoutW

  SendMessageA

  SendDlgItemMessageA

  ScreenToClient

  RemovePropA

  ReleaseDC

  ReleaseCapture

  AdjustWindowRectEx

  AllowSetForegroundWindow

  AppendMenuA

  BeginPaint

  BlockInput

  BringWindowToTop

  RegisterWindowMessageA

  RegisterClipboardFormatA

  RegisterClassExA

  RegisterClassA

  RedrawWindow

  RealGetWindowClassW

  RealGetWindowClassA

  GetPropA

  PtInRect

  InflateRect

  gdi32

  EngReleaseSemaphore

  EngTextOut

  EngTransparentBlt

  EnumEnhMetaFile

  Escape

  ExtEscape

  ExtSelectClipRgn

  ExtTextOutA

  FONTOBJ_pxoGetXform

  GdiConvertRegion

  GdiCreateLocalMetaFilePict

  GdiEntry13

  GdiEntry9

  GdiGetLocalFont

  GdiGetPageCount

  GdiIsMetaPrintDC

  GdiPlayEMF

  GdiPlayPageEMF

  GetBitmapDimensionEx

  GetBkColor

  GetBkMode

  GetCharWidthFloatA

  GetCharWidthFloatW

  GetClipBox

  GetDIBits

  GetDeviceCaps

  GetEnhMetaFileDescriptionA

  GetGlyphOutlineA

  GetICMProfileA

  GetKerningPairs

  GetLayout

  GetLogColorSpaceW

  GetMapMode

  GetObjectA

  GetPixel

  GetRgnBox

  GetStockObject

  GetSystemPaletteEntries

  GetTextCharset

  GetTextColor

  EngFillPath

  GetTextExtentPoint32W

  GetTextMetricsA

  GetViewportExtEx

  GetWindowExtEx

  MoveToEx

  OffsetViewportOrgEx

  PatBlt

  PathToRegion

  Pie

  PtVisible

  RealizePalette

  RectVisible

  Rectangle

  RestoreDC

  RoundRect

  SaveDC

  ScaleViewportExtEx

  ScaleWindowExtEx

  SelectFontLocal

  SelectObject

  SelectPalette

  SetBitmapBits

  SetBkColor

  SetBkMode

  SetMapMode

  SetPixel

  SetPixelV

  SetTextAlign

  SetTextColor

  SetViewportExtEx

  SetViewportOrgEx

  SetWindowExtEx

  StretchBlt

  TextOutA

  bMakePathNameW

  EndPage

  GetPixelFormat

  CancelDC

  StrokePath

  DeleteMetaFile

  EnableEUDC

  Ellipse

  DeleteEnhMetaFile

  DeleteObject

  DeleteDC

  CreateSolidBrush

  CreateRoundRectRgn

  CreateRectRgnIndirect

  CreateRectRgn

  CreatePolygonRgn

  CreatePen

  CreatePatternBrush

  CreatePalette

  CreateFontIndirectA

  CreateFontA

  CreateDIBSection

  CreateCompatibleDC

  CreateCompatibleBitmap

  CreateBitmap

  CombineRgn

  BitBlt

  BRUSHOBJ_pvGetRbrush

  GetTextExtentPoint32A

  AbortPath

  comdlg32

  GetOpenFileNameA

  GetFileTitleA

  GetSaveFileNameA

  advapi32

  RegQueryValueA

  LookupPrivilegeValueA

  OpenProcessToken

  RegCloseKey

  RegCreateKeyExA

  RegDeleteKeyA

  RegSetValueExA

  RegQueryValueExA

  AdjustTokenPrivileges

  RegOpenKeyExA

  RegOpenKeyA

  RegEnumKeyA

  shell32

  SHChangeNotify

  ShellExecuteExA

  ShellExecuteEx

  ShellExecuteA

  SHGetSpecialFolderPathW

  SHGetSpecialFolderPathA

  SHGetPathFromIDListA

  SHGetIconOverlayIndexW

  DragFinish

  DragQueryFileA

  SHBrowseForFolderA

  Shell_NotifyIconA

  SHFileOperationA

  SHFreeNameMappings

  SHGetFileInfoA

  ole32

  OleInitialize

  OleIsCurrentClipboard

  OleUninitialize

  StgCreateDocfileOnILockBytes

  StgOpenStorageOnILockBytes

  CreateStreamOnHGlobal

  CreateILockBytesOnHGlobal

  CoUninitialize

  CoTaskMemFree

  CoTaskMemAlloc

  CoRevokeClassObject

  CoRegisterMessageFilter

  CoInitializeEx

  CoInitialize

  CoGetClassObject

  CoFreeUnusedLibraries

  CoCreateInstance

  CoCreateGuid

  CLSIDFromString

  CLSIDFromProgID

  OleFlushClipboard

  shlwapi

  StrStrIA

  StrRStrIW

  StrRChrA

  PathStripToRootA

  PathRemoveFileSpecW

  PathIsUNCA

  PathFindExtensionA

  PathFindFileNameA

  comctl32

  ImageList_Draw

  ImageList_GetIcon

  ImageList_GetImageCount

  ImageList_ReplaceIcon

  ImageList_AddMasked

  _TrackMouseEvent

  Sections

  .text

  Size: 1.7MB - Virtual size: 1.7MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 18KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 25KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ