General

Malware Config

Signatures

Files

• 736c373f09596e706dae01b4cb6a57647046f5047c8b67eb418d51b819a29ac9

  .exe windows x86

  674c401da516961661f00658450e8aef

  
  

  Code Sign

  75:9c:2a:a2:8c:c9:bd:a1:42:58:bf:7a:11:a9:74:68

  Certificate

  Issuer

  CN=BJFUVOTKKGVSSQLTLY

  Not Before

  17-06-2020 16:35

  Not After

  31-12-2039 23:59

  Subject

  CN=BJFUVOTKKGVSSQLTLY

  Extended Key Usages

  ExtKeyUsageCodeSigning

  47:46:7d:b5:81:40:90:ee:49:76:1d:54:1e:52:65:5f:3b:2c:a0:b8

  Signer

  Actual PE Digest

  47:46:7d:b5:81:40:90:ee:49:76:1d:54:1e:52:65:5f:3b:2c:a0:b8

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=BJFUVOTKKGVSSQLTLY

  18-05-2022 18:09

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  Sleep

  GetModuleHandleW

  LoadLibraryA

  GetProcAddress

  FlushFileBuffers

  SetFilePointer

  OutputDebugStringA

  GetLocalTime

  LocalFree

  SetErrorMode

  DeviceIoControl

  GlobalHandle

  GetFileInformationByHandle

  ExitThread

  QueryPerformanceFrequency

  GetComputerNameW

  SetEvent

  OpenEventW

  GetCommandLineW

  CreateThread

  GetSystemPowerStatus

  GetVersionExW

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetModuleHandleA

  GetStartupInfoA

  QueryPerformanceCounter

  GetCurrentProcess

  GlobalLock

  GlobalFree

  GlobalReAlloc

  GlobalUnlock

  GlobalSize

  GlobalAlloc

  HeapFree

  GetProcessHeap

  HeapAlloc

  SetLastError

  ReadFile

  WriteFile

  InterlockedIncrement

  InterlockedDecrement

  CloseHandle

  GetLastError

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  InitializeCriticalSection

  lstrcpyW

  GetFileSize

  CreateFileW

  ReleaseMutex

  lstrcatW

  FormatMessageW

  GetCurrentThreadId

  lstrlenW

  GetTimeFormatW

  GetDateFormatW

  WaitForSingleObject

  lstrcpynW

  SizeofResource

  FindResourceW

  lstrcmpiW

  CompareStringW

  ExpandEnvironmentStringsW

  GetSystemWindowsDirectoryW

  SystemTimeToFileTime

  GetVolumeInformationW

  GetVolumeNameForVolumeMountPointW

  GetDriveTypeW

  FindVolumeMountPointClose

  FindNextVolumeMountPointW

  FindFirstVolumeMountPointW

  LoadLibraryW

  lstrcmpW

  GetCPInfo

  FindNextChangeNotification

  SetEnvironmentVariableA

  GetConsoleAliasExesA

  SetCurrentDirectoryW

  MoveFileExA

  DeleteFiber

  FreeUserPhysicalPages

  CreateRemoteThread

  InitializeCriticalSectionAndSpinCount

  OpenSemaphoreA

  GlobalAddAtomA

  RemoveDirectoryA

  GetPrivateProfileSectionW

  BuildCommDCBAndTimeoutsW

  SetProcessWorkingSetSize

  GetWriteWatch

  ReadConsoleOutputCharacterA

  SetTimeZoneInformation

  FindFirstChangeNotificationA

  InterlockedExchange

  GetConsoleMode

  GetConsoleCP

  IsValidLocale

  EnumSystemLocalesA

  GetLocaleInfoA

  WriteConsoleW

  GetStringTypeW

  GetTimeZoneInformation

  IsProcessorFeaturePresent

  LCMapStringW

  IsValidCodePage

  GetOEMCP

  GetACP

  IsDebuggerPresent

  HeapCreate

  SetHandleCount

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetStdHandle

  GetFileType

  SetStdHandle

  VirtualQuery

  GetSystemInfo

  VirtualAlloc

  HeapSize

  HeapQueryInformation

  RtlUnwind

  RaiseException

  ExitProcess

  HeapReAlloc

  EncodePointer

  DecodePointer

  GetStartupInfoW

  HeapSetInformation

  FindResourceExW

  VirtualProtect

  SearchPathW

  GetProfileIntW

  GetNumberFormatW

  GetWindowsDirectoryW

  GetCurrentDirectoryW

  GetTempFileNameW

  GetUserDefaultLCID

  GetFileTime

  GetFileSizeEx

  GetFileAttributesW

  GetFileAttributesExW

  GlobalFlags

  TlsFree

  LocalReAlloc

  TlsSetValue

  TlsAlloc

  TlsGetValue

  GlobalGetAtomNameW

  GetPrivateProfileStringW

  WritePrivateProfileStringW

  GetPrivateProfileIntW

  GetUserDefaultUILanguage

  ConvertDefaultLocale

  GetSystemDefaultUILanguage

  LoadLibraryExW

  SetThreadPriority

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  FindNextFileW

  GetFullPathNameW

  FindClose

  DuplicateHandle

  SetEndOfFile

  UnlockFile

  LockFile

  GetThreadLocale

  ReleaseActCtx

  CreateActCtxW

  CopyFileW

  GlobalAddAtomW

  GlobalFindAtomW

  GlobalDeleteAtom

  lstrlenA

  lstrcmpA

  TerminateThread

  LocalAlloc

  GetCurrentThread

  InterlockedCompareExchange

  FreeLibrary

  GetModuleFileNameW

  GetSystemDirectoryW

  FreeResource

  ResumeThread

  MulDiv

  FindFirstFileW

  GetTempPathW

  ActivateActCtx

  DeactivateActCtx

  MultiByteToWideChar

  OutputDebugStringW

  WideCharToMultiByte

  Process32NextW

  Process32FirstW

  CreateToolhelp32Snapshot

  GetLocaleInfoW

  DeleteFileW

  CreateDirectoryW

  LoadResource

  LockResource

  UnmapViewOfFile

  MapViewOfFile

  CreateFileMappingW

  CreateEventW

  CreateMutexW

  ResetEvent

  WaitForMultipleObjects

  user32

  LoadCursorFromFileA

  RegisterDeviceNotificationA

  LoadMenuA

  DlgDirListA

  UnregisterClassA

  BroadcastSystemMessage

  GetUserObjectInformationW

  DlgDirSelectComboBoxExW

  ClientToScreen

  CharLowerW

  FindWindowA

  GetDlgCtrlID

  TrackPopupMenu

  GetMenuStringW

  SetMenuItemBitmaps

  DdeInitializeA

  DefWindowProcA

  CharLowerA

  CreateIcon

  DlgDirListComboBoxW

  SetWindowsHookW

  MapVirtualKeyW

  GetKeyNameTextW

  GetDesktopWindow

  GetActiveWindow

  CreateDialogIndirectParamW

  GetNextDlgTabItem

  EndDialog

  CharUpperW

  IntersectRect

  InflateRect

  InsertMenuW

  RemoveMenu

  ShowWindow

  MoveWindow

  SetWindowTextW

  IsDialogMessageW

  CheckDlgButton

  RegisterWindowMessageW

  SendDlgItemMessageW

  SendDlgItemMessageA

  WinHelpW

  IsChild

  GetCapture

  CallNextHookEx

  GetClassLongW

  GetClassNameW

  SetPropW

  GetPropW

  RemovePropW

  SetFocus

  GetWindowTextLengthW

  GetWindowTextW

  GetLastActivePopup

  DispatchMessageW

  BeginDeferWindowPos

  EndDeferWindowPos

  GetDlgItem

  GetTopWindow

  DestroyWindow

  GetMessageTime

  GetMessagePos

  PeekMessageW

  MonitorFromWindow

  GetMonitorInfoW

  MapWindowPoints

  ScrollWindow

  SetMenu

  SetScrollRange

  GetScrollRange

  SetScrollPos

  GetScrollPos

  ShowScrollBar

  RedrawWindow

  ValidateRect

  OffsetRect

  SystemParametersInfoW

  SetWindowRgn

  GetMenuItemID

  CreateWindowExW

  GetClassInfoExW

  CreateMenu

  IsClipboardFormatAvailable

  SendMessageW

  GetWindowRect

  AdjustWindowRectEx

  DeferWindowPos

  GetScrollInfo

  SetScrollInfo

  SetWindowPlacement

  GetWindowPlacement

  DefWindowProcW

  CallWindowProcW

  GetMenu

  GetWindowLongW

  SetWindowLongW

  GetWindow

  GetMenuCheckMarkDimensions

  LoadBitmapW

  GetFocus

  ModifyMenuW

  GetMenuState

  EnableMenuItem

  CheckMenuItem

  EndPaint

  BeginPaint

  GetWindowDC

  GrayStringW

  DrawTextExW

  TabbedTextOutW

  GetKeyState

  GetCursorPos

  WindowFromPoint

  IsWindowEnabled

  DestroyMenu

  AppendMenuW

  GetMenuItemCount

  DeleteMenu

  GetSubMenu

  SetCapture

  ReleaseCapture

  SetCursorPos

  DestroyCursor

  TranslateMessage

  GetMessageW

  PostQuitMessage

  MapDialogRect

  SetWindowContextHelpId

  ShowOwnedPopups

  DrawStateW

  TranslateAcceleratorW

  BringWindowToTop

  CreatePopupMenu

  InsertMenuItemW

  LoadMenuW

  IsRectEmpty

  SetActiveWindow

  SetForegroundWindow

  SetWindowPos

  AttachThreadInput

  GetWindowThreadProcessId

  GetForegroundWindow

  KillTimer

  SetTimer

  IsIconic

  RegisterClassW

  LoadAcceleratorsW

  LoadImageW

  ReuseDDElParam

  UnpackDDElParam

  GetMenuItemInfoW

  RealChildWindowFromPoint

  GetSysColorBrush

  CopyImage

  EnumDisplayMonitors

  PtInRect

  ScreenToClient

  EnableWindow

  GetParent

  LoadStringW

  wsprintfW

  SetMenuItemInfoW

  GetSystemMetrics

  GetDC

  ReleaseDC

  GetClientRect

  FillRect

  SetCursor

  LoadCursorW

  IsWindowVisible

  IsWindow

  EqualRect

  SetRectEmpty

  LoadIconW

  DestroyIcon

  SetRect

  InvalidateRect

  GetSysColor

  CopyRect

  DrawIcon

  UpdateWindow

  DrawTextW

  PostMessageW

  SetDlgItemTextW

  UnhookWindowsHookEx

  SetWindowsHookExW

  MessageBoxW

  FindWindowW

  GetClassInfoW

  GetUpdateRect

  IsCharLowerW

  MapVirtualKeyExW

  SubtractRect

  EnumChildWindows

  GetWindowRgn

  TranslateMDISysAccel

  DrawMenuBar

  DefMDIChildProcW

  DefFrameProcW

  PostThreadMessageW

  CharUpperBuffW

  FrameRect

  RegisterClipboardFormatW

  GetDoubleClickTime

  CopyIcon

  EmptyClipboard

  CloseClipboard

  SetClipboardData

  OpenClipboard

  GetIconInfo

  HideCaret

  InvertRect

  LockWindowUpdate

  CreateAcceleratorTableW

  GetKeyboardState

  GetKeyboardLayout

  ToUnicodeEx

  SetClassLongW

  DestroyAcceleratorTable

  SetParent

  GetMenuDefaultItem

  SetMenuDefaultItem

  IsMenu

  MonitorFromPoint

  UpdateLayeredWindow

  EnableScrollBar

  UnionRect

  SetLayeredWindowAttributes

  UnregisterClassW

  CharNextW

  DrawEdge

  DrawFrameControl

  DrawFocusRect

  DrawIconEx

  WaitMessage

  CopyAcceleratorTableW

  InvalidateRgn

  GetNextDlgGroupItem

  MessageBeep

  GetSystemMenu

  NotifyWinEvent

  GetAsyncKeyState

  IsZoomed

  gdi32

  FillPath

  DeleteDC

  EndPage

  EndPath

  CreateHalftonePalette

  DeleteEnhMetaFile

  CreateMetaFileA

  EndDoc

  CreateSolidBrush

  CloseMetaFile

  DeleteColorSpace

  CreateMetaFileW

  CreateCompatibleDC

  CloseFigure

  FlattenPath

  CreatePatternBrush

  DeleteObject

  DeleteMetaFile

  GetStockObject

  RealizePalette

  GetColorSpace

  TextOutA

  PATHOBJ_vEnumStart

  GdiDllInitialize

  GetBitmapDimensionEx

  SaveDC

  EnableEUDC

  EngLockSurface

  CreatePalette

  CloseEnhMetaFile

  GdiConvertRegion

  SetBrushOrgEx

  GdiDeleteLocalDC

  RestoreDC

  EngGradientFill

  SelectPalette

  STROBJ_bGetAdvanceWidths

  PatBlt

  GdiIsMetaPrintDC

  EnumICMProfilesW

  Polygon

  PolyBezier

  CancelDC

  ScaleWindowExtEx

  ExtSelectClipRgn

  CreateBitmap

  GetObjectType

  CreatePen

  CreateHatchBrush

  CopyMetaFileW

  CreateDCW

  CreateRectRgnIndirect

  SetRectRgn

  CombineRgn

  GetMapMode

  DPtoLP

  CreateEllipticRgn

  LPtoDP

  Ellipse

  CreateDIBSection

  CreateDIBitmap

  GetTextMetricsW

  EnumFontFamiliesW

  GetTextCharsetInfo

  GetBkColor

  GetTextColor

  CreatePolygonRgn

  Polyline

  GetRgnBox

  SetWindowExtEx

  GetViewportExtEx

  GetPaletteEntries

  GetNearestPaletteIndex

  GetSystemPaletteEntries

  OffsetRgn

  Rectangle

  SetPixel

  SetDIBColorTable

  EnumFontFamiliesExW

  ExtFloodFill

  ScaleViewportExtEx

  GetWindowOrgEx

  GetViewportOrgEx

  PtInRegion

  FillRgn

  FrameRgn

  GetBoundsRect

  GetTextFaceW

  SetPixelV

  OffsetWindowOrgEx

  CreateRoundRectRgn

  SetWindowOrgEx

  CreateRectRgn

  SelectClipRgn

  SetLayout

  GetLayout

  SetTextAlign

  MoveToEx

  LineTo

  IntersectClipRect

  ExcludeClipRect

  GetClipBox

  SetMapMode

  SetTextColor

  SetROP2

  SetPolyFillMode

  SetBkMode

  SetBkColor

  SelectObject

  GetObjectW

  GetTextExtentPoint32W

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  Escape

  ExtTextOutW

  TextOutW

  RectVisible

  PtVisible

  GetPixel

  SetPaletteEntries

  GetWindowExtEx

  StretchBlt

  GetDeviceCaps

  BitBlt

  CreateCompatibleBitmap

  CreateFontIndirectW

  comdlg32

  GetFileTitleW

  advapi32

  GetUserNameA

  RegOpenKeyA

  RegQueryValueExA

  GetSecurityDescriptorDacl

  InitializeSecurityDescriptor

  AllocateAndInitializeSid

  SetEntriesInAclW

  LookupPrivilegeValueW

  OpenProcessToken

  SetSecurityDescriptorDacl

  FreeSid

  RegCreateKeyExW

  RegSetValueExW

  RegOpenKeyExW

  RegQueryValueExW

  RegCloseKey

  AdjustTokenPrivileges

  RegQueryValueW

  RegEnumKeyW

  RegEnumKeyExW

  RegEnumValueW

  RegDeleteKeyW

  RegDeleteValueW

  CredFree

  CredGetTargetInfoW

  shell32

  SHGetSpecialFolderLocation

  SHGetPathFromIDListW

  DragQueryFileAorW

  SHFileOperation

  SHGetFolderLocation

  SHLoadInProc

  ShellExecuteEx

  SHGetIconOverlayIndexA

  SHGetFileInfoW

  SHGetDiskFreeSpaceExW

  SHGetSpecialFolderPathA

  SHGetFileInfo

  SHGetDiskFreeSpaceA

  SHGetDataFromIDListA

  ExtractAssociatedIconExA

  ShellAboutA

  WOWShellExecute

  SHFileOperationA

  SHBindToParent

  DuplicateIcon

  Shell_NotifyIconW

  DragQueryFileW

  SHBrowseForFolderW

  SHGetMalloc

  SHGetSpecialFolderPathW

  ShellExecuteW

  SHGetDesktopFolder

  SHAppBarMessage

  DragFinish

  ole32

  CoUninitialize

  CoCreateInstanceEx

  CLSIDFromString

  ReleaseStgMedium

  CoInitializeEx

  CoRegisterClassObject

  CoRevokeClassObject

  CoRegisterMessageFilter

  OleGetClipboard

  RevokeDragDrop

  CoLockObjectExternal

  RegisterDragDrop

  OleLockRunning

  IsAccelerator

  OleTranslateAccelerator

  OleCreateMenuDescriptor

  DoDragDrop

  OleFlushClipboard

  OleIsCurrentClipboard

  OleInitialize

  CoFreeUnusedLibraries

  OleUninitialize

  CreateILockBytesOnHGlobal

  StgCreateDocfileOnILockBytes

  StgOpenStorageOnILockBytes

  CoGetClassObject

  CoInitialize

  CLSIDFromProgID

  CoCreateGuid

  CoCreateInstance

  OleDuplicateData

  CoTaskMemAlloc

  CoTaskMemFree

  CreateStreamOnHGlobal

  OleDestroyMenuDescriptor

  shlwapi

  StrStrIW

  StrChrA

  StrRChrA

  StrStrA

  StrRChrIW

  StrChrIA

  StrRChrIA

  StrRStrIA

  PathStripToRootW

  PathFileExistsW

  PathIsUNCW

  PathRemoveFileSpecW

  PathFindExtensionW

  StrCmpW

  PathFindFileNameW

  comctl32

  ImageList_GetIconSize

  InitCommonControlsEx

  _TrackMouseEvent

  imm32

  ImmReleaseContext

  ImmGetContext

  ImmGetOpenStatus

  Sections

  .text

  Size: 80KB - Virtual size: 79KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 21KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  a2

  Size: 512B - Virtual size: 10B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  a3

  Size: 2.4MB - Virtual size: 2.4MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  a32

  Size: 1024B - Virtual size: 1010B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  a322

  Size: 126KB - Virtual size: 125KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ