General

Malware Config

Signatures

Files

• 21fead89c8744f3704268fc34135300c4e784d9c609d356841dcec5054e23cf2

  .exe windows x86

  c5f844dd8f82b6eb605d542b82a73b98

  
  

  Code Sign

  24:3f:59:9a:f4:d8:bc:8d:1b:31:14:31:ea:86:52:23

  Certificate

  Issuer

  CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  10-04-2020 00:00

  Not After

  10-04-2021 23:59

  Subject

  CN=Datamean Technologies LTD,O=Datamean Technologies LTD,POSTALCODE=7577,STREET=25 Tasou Konstantinou,L=Mazotos,ST=Larnaca,C=CY

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-11-2018 00:00

  Not After

  31-12-2030 23:59

  Subject

  CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  5e:d8:1d:05:d8:f3:35:0d:47:11:17:55:12:95:63:3e:10:42:ea:6e

  Signer

  Actual PE Digest

  5e:d8:1d:05:d8:f3:35:0d:47:11:17:55:12:95:63:3e:10:42:ea:6e

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Datamean Technologies LTD,O=Datamean Technologies LTD,POSTALCODE=7577,STREET=25 Tasou Konstantinou,L=Mazotos,ST=Larnaca,C=CY

  18-05-2022 18:07

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetEvent

  SetFileAttributesA

  GetTickCount

  WaitForMultipleObjects

  GetSystemTime

  GetLocalTime

  OutputDebugStringA

  FreeLibrary

  LoadLibraryA

  GetWindowsDirectoryA

  lstrcpynA

  MoveFileA

  CreateMutexA

  ReleaseMutex

  GlobalUnlock

  GlobalLock

  GlobalAlloc

  GetProcAddress

  DeviceIoControl

  CreateThread

  GetLastError

  SetFilePointer

  CopyFileA

  LeaveCriticalSection

  EnterCriticalSection

  InitializeCriticalSection

  DeleteCriticalSection

  HeapCreate

  HeapDestroy

  HeapFree

  HeapAlloc

  GetComputerNameA

  GetCurrentThreadId

  GetModuleHandleA

  GetStartupInfoA

  ResetEvent

  CreateDirectoryA

  WaitForSingleObject

  DeleteFileA

  GetTempPathA

  lstrcpyA

  SetErrorMode

  GetVolumeInformationA

  GetDriveTypeA

  GetFileAttributesA

  CreateEventA

  CreateFileA

  WriteFile

  ReadFile

  CloseHandle

  GetStdHandle

  GetModuleFileNameA

  MultiByteToWideChar

  lstrlenW

  lstrlenA

  GetDiskFreeSpaceExA

  GetVersionExA

  GetVersion

  GetLogicalDriveStringsA

  ConvertDefaultLocale

  GetConsoleAliasExesW

  CreateSemaphoreW

  IsValidCodePage

  GetFileAttributesExA

  _hwrite

  lstrcmp

  GetComputerNameExA

  EnumSystemLocalesA

  SetHandleCount

  GetCommandLineW

  GetCommandLineA

  GetEnvironmentStrings

  FreeEnvironmentStringsA

  UnhandledExceptionFilter

  HeapSize

  SetStdHandle

  ExitThread

  VirtualQuery

  GetSystemInfo

  VirtualAlloc

  GetDateFormatA

  GetTimeFormatA

  PeekNamedPipe

  GetFileType

  TerminateProcess

  GetSystemTimeAsFileTime

  HeapReAlloc

  RtlUnwind

  GlobalFlags

  VirtualProtect

  TlsFree

  LocalReAlloc

  VirtualFree

  LCMapStringA

  IsBadWritePtr

  GetOEMCP

  GetStringTypeA

  GetCurrentDirectoryA

  GetUserDefaultLCID

  IsValidLocale

  SetEnvironmentVariableA

  GetFileInformationByHandle

  InterlockedDecrement

  GlobalSize

  InterlockedExchange

  GetACP

  GetLocaleInfoA

  FindClose

  GetTimeZoneInformation

  MulDiv

  GetSystemDirectoryA

  CompareStringA

  LocalAlloc

  LocalLock

  LocalUnlock

  SetThreadPriority

  FreeResource

  QueryPerformanceFrequency

  QueryPerformanceCounter

  GetOverlappedResult

  GetProcessHeap

  TlsSetValue

  TlsAlloc

  TlsGetValue

  GlobalHandle

  GlobalReAlloc

  GetCurrentThread

  lstrcmpiA

  IsBadReadPtr

  TerminateThread

  Beep

  SetLastError

  IsBadCodePtr

  LocalFree

  InterlockedIncrement

  SetUnhandledExceptionFilter

  GetCurrentProcessId

  ExitProcess

  ResumeThread

  WritePrivateProfileStringA

  GetPrivateProfileStringA

  GetThreadLocale

  SetThreadLocale

  GlobalFree

  SetConsoleCtrlHandler

  GetCurrentProcess

  RaiseException

  GetFileSize

  Sleep

  LoadResource

  LockResource

  SizeofResource

  EnumResourceLanguagesW

  GlobalDeleteAtom

  GetFileTime

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  DuplicateHandle

  UnlockFile

  LockFile

  FlushFileBuffers

  SuspendThread

  lstrcmpA

  SetEndOfFile

  user32

  GetNextDlgGroupItem

  MessageBoxA

  SendNotifyMessageA

  CloseClipboard

  OpenClipboard

  SetClipboardData

  EmptyClipboard

  LoadMenuA

  PostMessageA

  SetCapture

  GetClientRect

  ReleaseCapture

  InvalidateRect

  DrawFocusRect

  EnableWindow

  GetSubMenu

  GrayStringA

  SetWindowRgn

  LoadBitmapA

  GetMenuStringA

  GetMenuItemID

  GetMenuState

  ModifyMenuA

  GetMenuItemCount

  AppendMenuA

  GetSystemMetrics

  GetDC

  DrawTextA

  ReleaseDC

  SystemParametersInfoA

  GetSysColor

  GetCursorPos

  SetScrollPos

  EqualRect

  SetScrollRange

  IsWindowVisible

  GetClassInfoA

  DefWindowProcA

  SetWindowLongA

  LoadCursorA

  ShowWindow

  wsprintfA

  KillTimer

  PeekMessageA

  TranslateMessage

  DispatchMessageA

  IsIconic

  DrawIcon

  GetSystemMenu

  SetTimer

  LoadIconA

  SetWindowTextA

  GetMessagePos

  PtInRect

  GetCapture

  DrawFrameControl

  IsWindow

  RedrawWindow

  GetParent

  InflateRect

  OffsetRect

  GetWindowRect

  ClientToScreen

  WindowFromPoint

  GetActiveWindow

  SetCursor

  GetNextDlgTabItem

  IsMenu

  SendMessageA

  TabbedTextOutA

  GetWindowLongA

  CopyRect

  FillRect

  DrawEdge

  SetRect

  GetKeyState

  FrameRect

  EndDeferWindowPos

  GetProcessDefaultLayout

  DdeClientTransaction

  WINNLSGetIMEHotkey

  UpdateWindow

  CreatePopupMenu

  CreateIconIndirect

  GetDlgItem

  DestroyWindow

  DestroyMenu

  DestroyCursor

  SetWindowPos

  MapWindowPoints

  ScreenToClient

  SetForegroundWindow

  GetWindow

  GetFocus

  LockWindowUpdate

  GetDCEx

  DeleteMenu

  SetParent

  UnpackDDElParam

  ReuseDDElParam

  SetMenu

  InvalidateRgn

  SetWindowContextHelpId

  MapDialogRect

  EndDialog

  ShowOwnedPopups

  IsWindowEnabled

  IsDlgButtonChecked

  SetDlgItemInt

  GetDlgItemInt

  GetDesktopWindow

  GetClassNameA

  GetIconInfo

  ExitWindowsEx

  IsRectEmpty

  UnhookWindowsHookEx

  CallNextHookEx

  EnumWindows

  CheckRadioButton

  SendDlgItemMessageA

  GetForegroundWindow

  GetTopWindow

  GetMessageTime

  DestroyIcon

  GetAsyncKeyState

  ScrollDC

  IsChild

  ChildWindowFromPointEx

  SubtractRect

  UnionRect

  GetLastActivePopup

  WaitMessage

  PostQuitMessage

  CheckDlgButton

  SetFocus

  MoveWindow

  BeginPaint

  EndPaint

  GetDialogBaseUnits

  GetWindowRgn

  ShowCursor

  BeginDeferWindowPos

  DeferWindowPos

  SetRectEmpty

  GetWindowTextA

  SetDlgItemTextA

  ScrollWindow

  CheckMenuRadioItem

  AdjustWindowRectEx

  CopyIcon

  ShowScrollBar

  DrawIconEx

  CopyImage

  SetMenuDefaultItem

  MessageBeep

  FlashWindow

  SetActiveWindow

  BringWindowToTop

  RemoveMenu

  EnableMenuItem

  CheckMenuItem

  CreateMenu

  IntersectRect

  GetDoubleClickTime

  GetSysColorBrush

  GetWindowDC

  GetMenu

  GetScrollInfo

  IsZoomed

  ValidateRect

  GetMenuCheckMarkDimensions

  SetMenuItemBitmaps

  GetWindowPlacement

  GetDlgCtrlID

  SetWindowPlacement

  SetScrollInfo

  GetScrollPos

  GetScrollRange

  TrackPopupMenu

  GetListBoxInfo

  CharNextA

  IsCharAlphaW

  InSendMessage

  GetWindowContextHelpId

  IsCharAlphaNumericA

  VkKeyScanW

  IsCharUpperA

  CloseWindowStation

  CharNextW

  gdi32

  GdiSetServerAttr

  CreateEllipticRgn

  GetFontAssocStatus

  GetEnhMetaFileBits

  GetCharWidthI

  GetTextCharsetInfo

  EngUnicodeToMultiByteN

  GetCharacterPlacementW

  PlgBlt

  BeginPath

  EngStretchBltROP

  GdiConvertBrush

  CreateRoundRectRgn

  SetSystemPaletteUse

  EngGetCurrentCodePage

  GetEnhMetaFileHeader

  RectInRegion

  STROBJ_dwGetCodePage

  EngDeleteSemaphore

  EngDeletePalette

  SelectBrushLocal

  GetStringBitmapA

  GetDeviceGammaRamp

  GetDCPenColor

  SetICMProfileA

  GdiGetPageHandle

  SetPixelV

  SetBoundsRect

  GetBitmapDimensionEx

  SetBitmapDimensionEx

  SetBkMode

  CombineRgn

  GetWindowOrgEx

  GetViewportOrgEx

  CreateRectRgn

  Escape

  RectVisible

  PtVisible

  GetWindowExtEx

  GetViewportExtEx

  GetMapMode

  GetBkColor

  GetBitmapBits

  SetBitmapBits

  CreateDIBSection

  SetDIBColorTable

  GdiFlush

  CreateRectRgnIndirect

  Rectangle

  RealizePalette

  CreatePalette

  Ellipse

  LPtoDP

  GetRgnBox

  SelectPalette

  CreatePatternBrush

  ScaleWindowExtEx

  SetWindowExtEx

  SetWindowOrgEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SelectClipRgn

  MoveToEx

  LineTo

  IntersectClipRect

  ExcludeClipRect

  SetMapMode

  SetROP2

  SetPolyFillMode

  CreatePolygonRgn

  FillRgn

  OffsetRgn

  SetRectRgn

  SaveDC

  GetClipBox

  ExtSelectClipRgn

  SetStretchBltMode

  SetDIBitsToDevice

  RestoreDC

  GetDIBits

  PatBlt

  CreatePen

  CreateSolidBrush

  Polygon

  SetTextAlign

  GetTextColor

  CreateCompatibleBitmap

  GetPixel

  SetPixel

  CreateCompatibleDC

  SelectObject

  SetBkColor

  BitBlt

  SetTextColor

  DeleteDC

  GetStockObject

  DPtoLP

  GetDeviceCaps

  CreateBitmap

  CreateBrushIndirect

  DeleteObject

  GetStretchBltMode

  DeleteMetaFile

  CreateMetaFileA

  StrokePath

  EndDoc

  CreateMetaFileW

  AbortPath

  CloseMetaFile

  GetLayout

  UpdateColors

  advapi32

  RegQueryValueExA

  RegOpenKeyExA

  RegSetValueExA

  RegCreateKeyExA

  RegCloseKey

  CryptAcquireContextA

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  OpenProcessToken

  CryptReleaseContext

  CryptGenRandom

  RegOpenKeyA

  GetUserNameA

  shell32

  SHGetPathFromIDListA

  SHBrowseForFolderA

  SHGetDesktopFolder

  SHGetMalloc

  ShellExecuteA

  ShellExecuteExA

  DragFinish

  SHAppBarMessage

  ole32

  CoCreateInstance

  CoTaskMemFree

  StgOpenStorage

  CoTaskMemAlloc

  OleSetContainedObject

  OleCreateStaticFromData

  StgCreateDocfileOnILockBytes

  CreateILockBytesOnHGlobal

  ReleaseStgMedium

  OleDuplicateData

  CoInitialize

  CLSIDFromProgID

  CLSIDFromString

  OleUninitialize

  CoFreeUnusedLibraries

  OleInitialize

  RegisterDragDrop

  CoLockObjectExternal

  RevokeDragDrop

  OleGetClipboard

  CoGetClassObject

  StgOpenStorageOnILockBytes

  CoRevokeClassObject

  OleIsCurrentClipboard

  OleFlushClipboard

  CoRegisterMessageFilter

  CoInitializeSecurity

  CoUninitialize

  CreateStreamOnHGlobal

  shlwapi

  PathFileExistsW

  PathRenameExtensionW

  PathRemoveFileSpecW

  PathIsRelativeW

  PathRemoveExtensionW

  PathFindExtensionW

  PathFindFileNameW

  PathRemoveBackslashW

  PathAddBackslashW

  PathIsURLW

  PathCanonicalizeW

  PathBuildRootW

  PathStripToRootW

  PathStripPathW

  PathGetDriveNumberW

  PathGetArgsW

  PathIsRootW

  PathCombineW

  PathIsUNCW

  UrlUnescapeW

  PathMatchSpecW

  comctl32

  ImageList_Draw

  ImageList_GetImageCount

  ImageList_AddMasked

  _TrackMouseEvent

  ImageList_GetImageInfo

  ImageList_Remove

  ImageList_Create

  ImageList_DragLeave

  ImageList_DragEnter

  ImageList_DragShowNolock

  ImageList_DragMove

  ImageList_EndDrag

  ImageList_BeginDrag

  CreatePropertySheetPageW

  DestroyPropertySheetPage

  ImageList_Destroy

  ImageList_GetIconSize

  ImageList_GetIcon

  ImageList_SetOverlayImage

  ImageList_DrawEx

  ImageList_ReplaceIcon

  ImageList_Add

  ImageList_LoadImageW

  PropertySheetW

  ImageList_SetBkColor

  Sections

  .text

  Size: 101KB - Virtual size: 101KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 776KB - Virtual size: 775KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 17KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ