General

Malware Config

Signatures

Files

• 2d7ca819ec6f390dbb728996e23b6d14eb241de2bef5220062eccbdefa0496da

  .exe windows x86

  e2a04b8d2d60f22439d8e80c57edf777

  
  

  Code Sign

  6d:c4:ba:1b:ea:24:d2:a7:45:23:6d:fa:48:cf:89:8a

  Certificate

  Issuer

  CN=JWDQGURU

  Not Before

  02-04-2019 11:14

  Not After

  31-12-2039 23:59

  Subject

  CN=JWDQGURU

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  80:90:0a:5d:b9:0b:2d:99:66:dd:2c:11:e6:59:21:63:06:2b:b5:5f:83:95:21:0f:91:34:ba:84:ea:27:c5:68

  Signer

  Actual PE Digest

  80:90:0a:5d:b9:0b:2d:99:66:dd:2c:11:e6:59:21:63:06:2b:b5:5f:83:95:21:0f:91:34:ba:84:ea:27:c5:68

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=JWDQGURU

  02-04-2019 16:41

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CreateFileW

  CreateMutexA

  CreateMutexW

  CreateProcessA

  CreateProcessW

  CreateThread

  CreateToolhelp32Snapshot

  DecodePointer

  DeleteAtom

  DeleteCriticalSection

  DeleteFileA

  DeleteFileW

  DeviceIoControl

  DuplicateHandle

  EncodePointer

  EnterCriticalSection

  EnumResourceLanguagesA

  EnumResourceLanguagesW

  EnumSystemLocalesA

  ExitProcess

  ExitThread

  ExpandEnvironmentStringsA

  FatalAppExitA

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  FindAtomW

  FindClose

  FindFirstFileA

  FindFirstFileW

  FindNextFileA

  FindResourceA

  FindResourceExW

  FindResourceW

  FlushFileBuffers

  FormatMessageA

  FormatMessageW

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  FreeLibrary

  FreeResource

  GetACP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  GetComputerNameA

  GetComputerNameExW

  GetComputerNameW

  GetConsoleCP

  GetConsoleMode

  GetConsoleOutputCP

  GetCurrentDirectoryA

  GetCurrentDirectoryW

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThread

  GetCurrentThreadId

  GetDateFormatA

  GetDateFormatW

  GetDriveTypeA

  GetEnvironmentStrings

  GetEnvironmentStringsW

  GetEnvironmentVariableA

  GetEnvironmentVariableW

  GetExitCodeProcess

  GetFileAttributesA

  GetFileAttributesExA

  GetFileAttributesExW

  GetFileAttributesW

  GetFileInformationByHandle

  GetFileSize

  GetFileSizeEx

  GetFileTime

  GetFileType

  GetFullPathNameA

  GetFullPathNameW

  GetLastError

  GetLocalTime

  GetLocaleInfoA

  GetLocaleInfoW

  GetLongPathNameA

  GetLongPathNameW

  GetModuleFileNameA

  GetModuleFileNameW

  GetModuleHandleExW

  GetModuleHandleW

  GetOEMCP

  GetPrivateProfileIntW

  GetPrivateProfileStringA

  GetPrivateProfileStringW

  GetProcessHeap

  GetProcessTimes

  GetProfileIntA

  GetShortPathNameW

  GetStartupInfoA

  GetStartupInfoW

  GetStdHandle

  GetStringTypeA

  GetStringTypeExA

  GetStringTypeExW

  GetStringTypeW

  GetSystemDefaultUILanguage

  GetSystemDirectoryW

  GetSystemInfo

  GetSystemTime

  GetSystemTimeAsFileTime

  GetTempPathW

  GetThreadLocale

  GetTickCount

  GetTimeFormatA

  GetTimeFormatW

  GetTimeZoneInformation

  GetUserDefaultLCID

  GetUserDefaultUILanguage

  GetVersion

  GetVersionExA

  GetVersionExW

  GetVolumeInformationA

  CreateFileMappingA

  GetWindowsDirectoryA

  GetWindowsDirectoryW

  GlobalAddAtomA

  GlobalAddAtomW

  GlobalAlloc

  GlobalDeleteAtom

  GlobalFindAtomA

  GlobalFindAtomW

  GlobalFlags

  GlobalFree

  GlobalGetAtomNameA

  GlobalHandle

  GlobalLock

  GlobalReAlloc

  GlobalSize

  GlobalUnlock

  HeapAlloc

  HeapCreate

  HeapDestroy

  HeapFree

  HeapReAlloc

  HeapSize

  InitializeCriticalSection

  InitializeCriticalSectionAndSpinCount

  InterlockedCompareExchange

  InterlockedDecrement

  InterlockedExchange

  InterlockedIncrement

  IsBadCodePtr

  IsBadReadPtr

  IsBadWritePtr

  IsDebuggerPresent

  IsProcessorFeaturePresent

  IsValidCodePage

  IsValidLocale

  LCMapStringA

  LCMapStringW

  LeaveCriticalSection

  LoadLibraryExW

  LoadLibraryW

  LoadResource

  LocalAlloc

  LocalFileTimeToFileTime

  LocalFree

  LocalReAlloc

  LockFile

  LockResource

  MapViewOfFile

  MoveFileExA

  MoveFileW

  MulDiv

  MultiByteToWideChar

  OpenMutexW

  OpenProcess

  OpenThread

  OutputDebugStringA

  OutputDebugStringW

  Process32FirstW

  Process32NextW

  ProcessIdToSessionId

  QueryPerformanceCounter

  RaiseException

  ReadConsoleW

  ReadFile

  ReleaseMutex

  RemoveDirectoryA

  ResetEvent

  ResumeThread

  RtlUnwind

  SetConsoleCtrlHandler

  SetCurrentDirectoryA

  SetEndOfFile

  SetEnvironmentVariableA

  SetErrorMode

  SetEvent

  SetFileAttributesA

  SetFileAttributesW

  SetFilePointer

  SetFilePointerEx

  SetFileTime

  SetHandleCount

  SetLastError

  SetStdHandle

  SetThreadPriority

  SetUnhandledExceptionFilter

  SizeofResource

  Sleep

  SuspendThread

  SystemTimeToFileTime

  SystemTimeToTzSpecificLocalTime

  TerminateProcess

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  UnlockFile

  UnmapViewOfFile

  VirtualAlloc

  VirtualFree

  VirtualProtect

  VirtualQuery

  WTSGetActiveConsoleSessionId

  WaitForMultipleObjects

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleA

  WriteConsoleW

  WriteFile

  WritePrivateProfileStringA

  WritePrivateProfileStringW

  lstrcmpA

  lstrcmpW

  lstrcmpiW

  lstrcpyA

  lstrlenA

  lstrlenW

  CreateFileA

  CreateEventW

  CreateEventA

  CreateDirectoryA

  CopyFileA

  ConvertDefaultLocale

  CompareStringW

  CompareStringA

  CloseHandle

  AddAtomW

  AddAtomA

  VirtualAllocEx

  LoadLibraryA

  GetProcAddress

  GetVolumeInformationW

  GetModuleHandleA

  user32

  DeferWindowPos

  DestroyIcon

  DestroyMenu

  DestroyWindow

  DispatchMessageW

  DrawTextExW

  DrawTextW

  EnableMenuItem

  EnableWindow

  EndDeferWindowPos

  EndDialog

  EndPaint

  EqualRect

  FillRect

  GetActiveWindow

  GetCapture

  GetClassInfoExW

  GetClassInfoW

  GetClassLongW

  GetClassNameW

  GetClientRect

  GetCursorPos

  GetDC

  GetDCEx

  GetDesktopWindow

  GetDlgCtrlID

  GetDlgItem

  GetDlgItemInt

  GetDlgItemTextW

  GetFocus

  GetForegroundWindow

  GetKeyNameTextW

  GetKeyState

  GetLastActivePopup

  GetMenu

  GetMenuBarInfo

  GetMenuCheckMarkDimensions

  GetMenuItemCount

  GetMenuItemID

  GetMenuItemInfoW

  GetMenuState

  GetMenuStringW

  GetMessagePos

  GetMessageTime

  GetMessageW

  GetParent

  GetPropW

  GetScrollInfo

  GetScrollPos

  GetScrollRange

  GetSubMenu

  GetSysColor

  GetSysColorBrush

  GetSystemMenu

  GetSystemMetrics

  GetTopWindow

  GetWindow

  GetWindowDC

  GetWindowLongW

  GetWindowPlacement

  GetWindowRect

  GetWindowTextLengthW

  GetWindowTextW

  GetWindowThreadProcessId

  GrayStringW

  InflateRect

  InsertMenuItemW

  InsertMenuW

  IntersectRect

  IsChild

  IsDialogMessageW

  IsDlgButtonChecked

  IsIconic

  IsRectEmpty

  IsWindow

  IsWindowEnabled

  IsWindowVisible

  KillTimer

  LoadAcceleratorsW

  LoadBitmapW

  LoadCursorW

  LoadIconW

  LoadMenuW

  LoadStringW

  LockWindowUpdate

  MapVirtualKeyW

  MapWindowPoints

  MessageBoxW

  ModifyMenuW

  MoveWindow

  OffsetRect

  PeekMessageW

  PostMessageW

  PostQuitMessage

  PtInRect

  RegisterClassW

  RegisterWindowMessageW

  ReleaseCapture

  ReleaseDC

  RemoveMenu

  RemovePropW

  ReuseDDElParam

  ScreenToClient

  ScrollWindow

  ScrollWindowEx

  SendDlgItemMessageA

  SendDlgItemMessageW

  SendMessageW

  SetActiveWindow

  SetCapture

  SetDlgItemInt

  SetDlgItemTextW

  SetFocus

  SetForegroundWindow

  SetMenu

  SetMenuItemBitmaps

  SetParent

  SetPropW

  SetRect

  SetScrollInfo

  SetScrollPos

  SetScrollRange

  SetTimer

  SetWindowLongW

  SetWindowPlacement

  SetWindowPos

  SetWindowTextW

  SetWindowsHookExW

  ShowScrollBar

  ShowWindow

  SystemParametersInfoA

  SystemParametersInfoW

  TabbedTextOutW

  TrackPopupMenu

  TrackPopupMenuEx

  TranslateMessage

  UnhookWindowsHookEx

  UnionRect

  UnpackDDElParam

  UnregisterClassW

  UpdateWindow

  ValidateRect

  WinHelpW

  WindowFromPoint

  wsprintfW

  CreateWindowExW

  CreatePopupMenu

  CopyRect

  ClientToScreen

  CheckRadioButton

  CheckMenuItem

  CheckDlgButton

  CharUpperW

  CallWindowProcW

  CallNextHookEx

  BringWindowToTop

  BeginPaint

  BeginDeferWindowPos

  AppendMenuW

  AdjustWindowRectEx

  DefWindowProcW

  gdi32

  CreateCompatibleBitmap

  CreateCompatibleDC

  CreateFontIndirectW

  CreateSolidBrush

  DeleteDC

  DeleteObject

  ExtTextOutW

  GetDeviceCaps

  GetObjectW

  GetStockObject

  SelectObject

  SetBkColor

  SetBkMode

  SetViewportOrgEx

  BitBlt

  Sections

  .text

  Size: 72KB - Virtual size: 71KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 792B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 50KB - Virtual size: 50KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ