4fbfd5e36d68ac9088f4b93b8cebd505eaa9945f26e6c5ad30e059053e1fc011

Sharing

Copy URL

Twitter E-mail

General

Target

4fbfd5e36d68ac9088f4b93b8cebd505eaa9945f26e6c5ad30e059053e1fc011
Size

1.5MB
MD5

281807e988abfa257ae2d9d19a393bf2
SHA1

e6ec78c8676eb520f7f38f70efae980c57273468
SHA256

4fbfd5e36d68ac9088f4b93b8cebd505eaa9945f26e6c5ad30e059053e1fc011
SHA512

ef584226d7249ecb20accfaef20aab55ae2f88208b4fba0cc51918c7edba647f605a770695f95b877ed4d6e44d242f34389a39d46481c79e659f2d0ca16ed30c
SSDEEP

24576:3JSlxEJLbyy1BEEmuOdScyLmYBSnMVJKg3WtDI7S5Sb:3JSlR8OdSPL4n6Isq07x

Score

N/A

Malware Config

Signatures

Files

4fbfd5e36d68ac9088f4b93b8cebd505eaa9945f26e6c5ad30e059053e1fc011
.exe windows x86

89dbba64dd91c564f92ae206b6fa0aa5

Code Sign

67:8d:b6:df:46:d9:2e:be:49:1c:ba:05:88:ca:b9:67
Certificate

Issuer

CN=WTJYUVUA

Not Before

22-01-2019 11:18

Not After

31-12-2039 23:59

Subject

CN=WTJYUVUA

Extended Key Usages

ExtKeyUsageCodeSigning

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e3:c5:c5:c4:2b:f4:b6:11:0e:e3:35:ff:b9:b8:d8:79:6a:05:97:d6
Signer

Actual PE Digest

e3:c5:c5:c4:2b:f4:b6:11:0e:e3:35:ff:b9:b8:d8:79:6a:05:97:d6

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=WTJYUVUA

28-01-2019 12:06
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
SetLastError
WideCharToMultiByte
DeleteCriticalSection
WaitForSingleObject
TerminateThread
GetVersion
GlobalAlloc
lstrcpyA
InitializeCriticalSection
CreateThread
GetProcAddress
EnterCriticalSection
Sleep
VirtualAlloc
GetModuleHandleA

user32

SetFocus
GetParent
GetClassNameW
WindowFromPoint
ScreenToClient
GetMessagePos
GetNextDlgTabItem
GetDC
ScrollWindowEx
UnregisterClassW
RedrawWindow
RegisterClassExW
CallWindowProcW
DestroyWindow
CreateWindowExW
DefDlgProcW
TrackPopupMenu
SetMenuDefaultItem
GetMenuState
CheckMenuItem
CreatePopupMenu
SetMenuItemInfoW
DeleteMenu
DestroyMenu
InsertMenuItemW
GetMenuItemCount
GetKeyboardLayout
EmptyClipboard
SetClipboardData
OpenClipboard
CloseClipboard
CreateMenu
SetMenu
GetDlgItem
DialogBoxParamW
IsDialogMessageW
CreateDialogParamW
EndDialog
DestroyIcon
SetWindowTextW
EnumChildWindows
SetParent
CreateIconIndirect
GetWindowDC
DefWindowProcW
IsIconic
IsWindowVisible
CallNextHookEx
FrameRect
SetWindowsHookExW
GetAsyncKeyState
ToAsciiEx
GetComboBoxInfo
VkKeyScanExA
VkKeyScanExW
GetKeyboardLayoutList
keybd_event
MapVirtualKeyW
IsRectEmpty
ChangeDisplaySettingsW
EnumDisplaySettingsW
MsgWaitForMultipleObjects
PeekMessageW
GetDesktopWindow
GetSystemMenu
EnableMenuItem
LoadCursorW
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowPlacement
ClientToScreen
SetCapture
SetCursor
SetForegroundWindow
ShowWindow
EnableWindow
LoadIconW
GetWindowTextLengthW
GetWindowTextW
GetKeyState
GetClipboardData
InvalidateRect
SetWindowPos
GetCursorPos
AdjustWindowRectEx
OffsetRect
SystemParametersInfoW
GetSystemMetrics
SetScrollInfo
GetScrollInfo
EndPaint
BeginPaint
ReleaseDC
FillRect
DrawTextW
InflateRect
DrawFrameControl
UnhookWindowsHookEx
DrawFocusRect
SendMessageW
GetAncestor
IsChild
GetWindowRect
GetFocus
GetSysColorBrush
GetClientRect
IsWindowEnabled
GetWindowLongW
GetDlgCtrlID
ToUnicodeEx
ReleaseCapture
GetSysColor
PostMessageW
SetWindowLongW
MapWindowPoints
OemKeyScan
GetActiveWindow
GetOpenClipboardWindow
AnyPopup
GetCaretBlinkTime
CopyIcon
IsCharAlphaNumericA
ShowCaret
GetThreadDesktop
VkKeyScanA
GetForegroundWindow
CloseWindow
GetQueueStatus
GetMenuContextHelpId
DestroyCursor
GetInputState
GetClipboardSequenceNumber

gdi32

PtVisible
ExtTextOutA
Escape
RectVisible
GetMapMode
DPtoLP
GetBkColor
LPtoDP
GetTextColor
CreateDIBitmap
CreateFontA
SetTextAlign
GetPixel
TextOutW
StrokeAndFillPath
CreateHatchBrush
SetBkMode
CreatePen
GetTextExtentPoint32A
BeginPath
EndPath
StrokePath
GetCharWidthA
GetCurrentObject
CreateFontIndirectA
TextOutA
PatBlt
GetObjectA
CreateCompatibleBitmap
SetBkColor
SetTextColor
CreateBitmap
SetStretchBltMode
StretchBlt
CreateCompatibleDC
SelectObject
SelectClipRgn
CreateSolidBrush
CreatePolygonRgn
GetTextExtentPointA
SetMapMode
ExtTextOutW
DeleteObject
GetDeviceCaps
CreateBrushIndirect
GetEnhMetaFileW
PathToRegion
GdiFlush
CloseEnhMetaFile
GetColorSpace
AddFontResourceA
CloseFigure
GetTextCharset
CreateMetaFileA
CancelDC

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

advapi32

RegOpenKeyExA
RegQueryValueExW

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
DragFinish
SHGetFileInfoA
DragQueryFileA

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
OleIsCurrentClipboard

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 613KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89dbba64dd91c564f92ae206b6fa0aa5

Code Sign

67:8d:b6:df:46:d9:2e:be:49:1c:ba:05:88:ca:b9:67Certificate

Extended Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

e3:c5:c5:c4:2b:f4:b6:11:0e:e3:35:ff:b9:b8:d8:79:6a:05:97:d6Signer

Signature Validations

Verification

28-01-2019 12:06 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 58KB - Virtual size: 613KB

67:8d:b6:df:46:d9:2e:be:49:1c:ba:05:88:ca:b9:67
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

e3:c5:c5:c4:2b:f4:b6:11:0e:e3:35:ff:b9:b8:d8:79:6a:05:97:d6
Signer

28-01-2019 12:06
Valid: false

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 58KB - Virtual size: 613KB