General

Malware Config

Signatures

Files

• dd1690bbc16c2b44da6f2291e14ab3635f90291a34109744a05e2c82489b3555

  .exe windows x86

  a98ad605249474add05fdbb9f0e6c881

  
  

  Code Sign

  25:f4:d6:68:11:17:cc:99:45:81:7b:76:86:d2:93:3a

  Certificate

  Issuer

  CN=NNPPQTYSRVWDCFFNYK

  Not Before

  06-06-2019 10:36

  Not After

  31-12-2039 23:59

  Subject

  CN=NNPPQTYSRVWDCFFNYK

  Extended Key Usages

  ExtKeyUsageCodeSigning

  42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b

  Certificate

  Issuer

  CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

  Not Before

  07-06-2005 08:09

  Not After

  30-05-2020 10:48

  Subject

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  27-04-2011 00:00

  Not After

  30-05-2020 10:48

  Subject

  CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49

  Certificate

  Issuer

  CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  02-05-2019 00:00

  Not After

  30-05-2020 10:48

  Subject

  CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  ad:32:31:4e:5c:f2:c0:6e:2a:f9:cd:cc:69:4b:1a:f0:d6:40:12:69

  Signer

  Actual PE Digest

  ad:32:31:4e:5c:f2:c0:6e:2a:f9:cd:cc:69:4b:1a:f0:d6:40:12:69

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=NNPPQTYSRVWDCFFNYK

  17-07-2019 02:11

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  QueryPerformanceCounter

  RaiseException

  ReadConsoleOutputCharacterW

  ReadConsoleW

  ReadFile

  RemoveDirectoryW

  ResetEvent

  ResumeThread

  RtlMoveMemory

  RtlUnwind

  SearchPathW

  SetConsoleCursorPosition

  SetConsoleMode

  SetConsoleTitleW

  SetCurrentDirectoryW

  SetEndOfFile

  SetEnvironmentVariableW

  SetErrorMode

  SetEvent

  SetFilePointer

  SetFilePointerEx

  SetLastError

  SetLocaleInfoW

  SetMailslotInfo

  SetNamedPipeHandleState

  SetThreadExecutionState

  SetThreadLocale

  SetThreadPriority

  SetUnhandledExceptionFilter

  SetVolumeMountPointW

  SizeofResource

  Sleep

  SwitchToThread

  SystemTimeToFileTime

  QueryDosDeviceW

  TerminateThread

  TlsAlloc

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  UpdateResourceW

  VerSetConditionMask

  VerifyVersionInfoW

  VirtualFree

  VirtualProtect

  VirtualQuery

  WaitForMultipleObjects

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleW

  WriteFile

  WritePrivateProfileSectionW

  WritePrivateProfileStringA

  WritePrivateProfileStringW

  _hwrite

  lstrcatA

  lstrcatW

  lstrcmpA

  lstrcmpW

  lstrcmpiA

  lstrcmpiW

  lstrcpyA

  lstrcpyW

  lstrcpynA

  lstrcpynW

  lstrlenA

  lstrlenW

  PurgeComm

  OutputDebugStringW

  OutputDebugStringA

  OpenSemaphoreA

  OpenProcess

  OpenJobObjectA

  OpenEventW

  MultiByteToWideChar

  MulDiv

  MoveFileW

  LockResource

  LocalUnlock

  LocalReAlloc

  LocalFree

  LocalAlloc

  LoadResource

  LoadLibraryW

  LoadLibraryExA

  LeaveCriticalSection

  LCMapStringA

  IsValidLocale

  IsValidCodePage

  IsDBCSLeadByte

  IsBadWritePtr

  IsBadStringPtrW

  IsBadReadPtr

  IsBadCodePtr

  InterlockedIncrement

  InterlockedExchangeAdd

  InterlockedExchange

  InterlockedDecrement

  InterlockedCompareExchange

  InitializeCriticalSection

  HeapSetInformation

  HeapFree

  HeapAlloc

  GlobalUnlock

  GlobalSize

  GlobalReAlloc

  GlobalLock

  GlobalHandle

  GlobalGetAtomNameW

  GlobalFree

  GlobalFindAtomA

  GlobalDeleteAtom

  GlobalAlloc

  GlobalAddAtomW

  GlobalAddAtomA

  GetWindowsDirectoryW

  GetWindowsDirectoryA

  GetVolumePathNamesForVolumeNameW

  GetVolumePathNameW

  GetVolumeNameForVolumeMountPointW

  GetVolumeInformationW

  GetVersionExW

  GetVersionExA

  GetVersion

  GetUserDefaultLangID

  GetUserDefaultLCID

  GetTimeFormatW

  GetTimeFormatA

  GetTickCount

  GetThreadLocale

  GetTempPathW

  GetTempPathA

  GetTempFileNameW

  GetSystemTimeAsFileTime

  GetSystemTime

  GetSystemInfo

  GetSystemDirectoryW

  GetSystemDirectoryA

  GetSystemDefaultLangID

  GetStringTypeW

  GetStringTypeExA

  GetStringTypeA

  GetStdHandle

  GetStartupInfoW

  GetStartupInfoA

  GetProcessTimes

  GetProcessHeap

  GetPrivateProfileStringW

  GetPrivateProfileStringA

  GetPrivateProfileSectionW

  GetPrivateProfileIntW

  GetPriorityClass

  GetOEMCP

  GetModuleHandleA

  GetModuleFileNameW

  GetModuleFileNameA

  GetLongPathNameW

  GetLogicalDriveStringsW

  GetLogicalDriveStringsA

  GetLocaleInfoA

  GetLocalTime

  GetLastError

  GetFullPathNameA

  GetFileSize

  GetFileAttributesW

  GetFileAttributesExW

  GetFileAttributesA

  GetExitCodeThread

  GetExitCodeProcess

  GetEnvironmentVariableW

  GetDriveTypeW

  GetDiskFreeSpaceA

  GetDevicePowerState

  GetDateFormatA

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetCurrentDirectoryW

  GetCurrentDirectoryA

  GetConsoleScreenBufferInfo

  GetConsoleMode

  GetConsoleCursorInfo

  GetConsoleAliasA

  GetComputerNameW

  GetComputerNameExW

  GetCompressedFileSizeA

  GetCommandLineA

  GetCPInfo

  GetACP

  FreeResource

  FreeLibrary

  FormatMessageW

  GetProcAddress

  FormatMessageA

  FindVolumeClose

  FindResourceW

  FindResourceA

  FindNextVolumeW

  FindNextFileW

  FindNextChangeNotification

  FindFirstVolumeW

  FindFirstVolumeMountPointA

  FindFirstFileW

  FindFirstFileA

  FindFirstChangeNotificationW

  FindFirstChangeNotificationA

  FindCloseChangeNotification

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExpandEnvironmentStringsW

  ExitThread

  ExitProcess

  EnumSystemCodePagesA

  EnumCalendarInfoA

  EnterCriticalSection

  DeviceIoControl

  DeleteVolumeMountPointW

  DeleteFileW

  DeleteFileA

  DeleteCriticalSection

  DefineDosDeviceW

  CreateThread

  CreateSemaphoreW

  CreateProcessW

  CreateMutexW

  CreateMutexA

  CreateFileW

  CreateFileA

  CreateEventW

  CreateEventA

  CreateDirectoryW

  CopyFileW

  CopyFileExA

  CompareStringW

  CompareStringA

  CompareFileTime

  CommConfigDialogW

  CloseHandle

  AddConsoleAliasA

  VirtualAlloc

  GetModuleHandleW

  LoadLibraryA

  TerminateProcess

  user32

  IsWindow

  IsWindowVisible

  IsZoomed

  KillTimer

  LoadBitmapA

  LoadBitmapW

  LoadCursorA

  LoadIconA

  LoadIconW

  LoadImageA

  LoadImageW

  LoadKeyboardLayoutA

  LoadMenuW

  LoadStringA

  LoadStringW

  LockWindowUpdate

  LockWorkStation

  MapVirtualKeyA

  MapWindowPoints

  MessageBeep

  MessageBoxA

  MessageBoxW

  ModifyMenuA

  ModifyMenuW

  MonitorFromWindow

  MoveWindow

  MsgWaitForMultipleObjects

  OemToCharA

  OemToCharW

  OffsetRect

  OpenClipboard

  PeekMessageA

  PostMessageA

  PostMessageW

  PostQuitMessage

  PostThreadMessageW

  PtInRect

  RealChildWindowFromPoint

  RealGetWindowClassA

  RedrawWindow

  RegisterClassA

  RegisterClassExW

  RegisterClassW

  RegisterClipboardFormatA

  RegisterClipboardFormatW

  RegisterDeviceNotificationA

  RegisterDeviceNotificationW

  RegisterWindowMessageA

  RegisterWindowMessageW

  ReleaseCapture

  ReleaseDC

  RemoveMenu

  RemovePropA

  RemovePropW

  ScreenToClient

  ScrollWindow

  ScrollWindowEx

  SendDlgItemMessageW

  SendInput

  SendMessageA

  SendMessageW

  SendNotifyMessageA

  SetActiveWindow

  SetCapture

  SetCaretPos

  SetClassLongA

  SetClipboardData

  SetClipboardViewer

  SetCursor

  SetDlgItemInt

  SetDlgItemTextW

  SetFocus

  SetForegroundWindow

  SetKeyboardState

  SetMenu

  SetMenuItemInfoA

  SetMenuItemInfoW

  SetParent

  SetPropA

  SetPropW

  SetRect

  SetRectEmpty

  SetScrollInfo

  SetScrollPos

  SetScrollRange

  SetTimer

  SetWindowLongA

  SetWindowLongW

  SetWindowPlacement

  SetWindowPos

  SetWindowRgn

  SetWindowTextA

  SetWindowTextW

  SetWindowsHookExA

  SetWindowsHookExW

  ShowCaret

  ShowCursor

  ShowOwnedPopups

  ShowScrollBar

  ShowWindow

  SubtractRect

  SystemParametersInfoA

  SystemParametersInfoW

  TabbedTextOutA

  ToAscii

  ToAsciiEx

  TrackMouseEvent

  TrackPopupMenu

  TranslateAcceleratorA

  TranslateAcceleratorW

  TranslateMDISysAccel

  TranslateMessage

  UnhookWindowsHookEx

  UnregisterClassA

  UnregisterClassW

  UpdateWindow

  ValidateRect

  WaitMessage

  WinHelpA

  WinHelpW

  WindowFromDC

  WindowFromPoint

  mouse_event

  wsprintfA

  wsprintfW

  IsDialogMessageW

  IsDialogMessageA

  IsChild

  IsCharAlphaA

  InvalidateRgn

  InvalidateRect

  IntersectRect

  InsertMenuW

  InsertMenuItemW

  InsertMenuItemA

  InsertMenuA

  InflateRect

  InSendMessageEx

  IMPSetIMEA

  IMPQueryIMEA

  HideCaret

  GetWindowThreadProcessId

  GetWindowTextW

  GetWindowTextLengthW

  GetWindowTextA

  GetWindowRgn

  GetWindowRect

  IsRectEmpty

  GetWindowLongW

  GetWindowLongA

  GetWindowDC

  GetWindow

  GetTopWindow

  GetTabbedTextExtentA

  GetSystemMetrics

  GetSystemMenu

  GetSysColorBrush

  GetSysColor

  GetSubMenu

  GetScrollRange

  GetScrollPos

  GetScrollInfo

  GetQueueStatus

  GetPropW

  GetPropA

  GetMouseMovePointsEx

  GetMonitorInfoW

  GetMessageW

  GetMessageA

  GetMenuStringW

  GetMenuStringA

  GetMenuState

  GetMenuItemInfoA

  GetMenuItemID

  GetMenuItemCount

  GetMenuDefaultItem

  GetMenu

  GetKeyboardType

  GetKeyboardState

  GetKeyboardLayoutList

  GetKeyboardLayout

  GetKeyState

  GetKeyNameTextA

  GetIconInfo

  GetFocus

  GetDoubleClickTime

  GetDlgItemTextW

  GetDlgItemInt

  GetDlgItem

  GetDesktopWindow

  GetDCEx

  GetDC

  GetCursorPos

  GetCursor

  GetClipboardData

  GetClientRect

  GetClassNameW

  GetClassNameA

  GetClassInfoExW

  GetClassInfoA

  GetCaretPos

  GetCapture

  FrameRect

  FlashWindowEx

  FindWindowW

  FindWindowA

  FillRect

  ExitWindowsEx

  ExcludeUpdateRgn

  EqualRect

  EnumWindows

  EnumThreadWindows

  EndPaint

  EndDialog

  EndDeferWindowPos

  EnableWindow

  EnableScrollBar

  EnableMenuItem

  EmptyClipboard

  DrawTextW

  DrawTextExW

  DrawTextExA

  DrawTextA

  DrawMenuBar

  DrawIconEx

  DrawIcon

  DrawFrameControl

  DrawFocusRect

  DrawEdge

  DrawCaption

  DragDetect

  DispatchMessageW

  DispatchMessageA

  DialogBoxParamW

  DialogBoxIndirectParamW

  DestroyWindow

  DestroyMenu

  DestroyIcon

  DestroyCaret

  DestroyAcceleratorTable

  DeleteMenu

  DeferWindowPos

  DefWindowProcW

  DefWindowProcA

  DefMDIChildProcA

  DefFrameProcA

  DdeQueryNextServer

  DdeFreeDataHandle

  DdeCmpStringHandles

  CreateWindowExW

  CreateWindowExA

  CreatePopupMenu

  CreateIcon

  CreateDialogParamW

  CreateDialogIndirectParamW

  CreateCursor

  CreateCaret

  CreateAcceleratorTableW

  CopyImage

  CloseClipboard

  ClientToScreen

  CheckMenuRadioItem

  CheckMenuItem

  CheckDlgButton

  CharUpperW

  CharUpperBuffA

  CharUpperA

  CharToOemW

  CharToOemA

  CharPrevExA

  CharNextW

  CharNextA

  CharLowerW

  CharLowerBuffA

  CharLowerA

  ChangeClipboardChain

  CallWindowProcW

  CallWindowProcA

  CallNextHookEx

  BringWindowToTop

  BeginPaint

  BeginDeferWindowPos

  AppendMenuW

  AdjustWindowRectEx

  ActivateKeyboardLayout

  LoadCursorW

  GetForegroundWindow

  GetActiveWindow

  EnumClipboardFormats

  GetMessagePos

  IsClipboardFormatAvailable

  GetOpenClipboardWindow

  IsGUIThread

  GetAsyncKeyState

  GetListBoxInfo

  GetDlgCtrlID

  IsIconic

  GetWindowPlacement

  IsDlgButtonChecked

  GetParent

  IsCharAlphaNumericA

  InSendMessage

  CloseWindowStation

  IsWindowEnabled

  CreateMenu

  DestroyCursor

  GetLastActivePopup

  gdi32

  CopyEnhMetaFileA

  CopyEnhMetaFileW

  CreateBitmap

  CreateBrushIndirect

  CreateColorSpaceW

  CreateCompatibleBitmap

  CreateCompatibleDC

  CreateDCW

  CreateDIBSection

  CreateDIBitmap

  CreateEllipticRgn

  CreateFontA

  CreateFontIndirectA

  CreateFontIndirectW

  CreateFontW

  CreateHalftonePalette

  CreatePalette

  CreatePen

  CreatePenIndirect

  CreatePolygonRgn

  CreateRectRgn

  CreateRectRgnIndirect

  CreateRoundRectRgn

  CreateSolidBrush

  DeleteDC

  DeleteEnhMetaFile

  DeleteObject

  DescribePixelFormat

  Ellipse

  EnableEUDC

  EndDoc

  EndFormPage

  EndPath

  EngCheckAbort

  EngCreateSemaphore

  EngPaint

  EqualRgn

  ExcludeClipRect

  ExtTextOutA

  ExtTextOutW

  FillPath

  FillRgn

  FrameRgn

  GdiGetCodePage

  GdiGetSpoolFileHandle

  GdiIsPlayMetafileDC

  GetAspectRatioFilterEx

  GetBitmapBits

  GetBrushOrgEx

  GetCharWidthA

  GetClipBox

  GetClipRgn

  GetCurrentObject

  GetCurrentPositionEx

  GetDCOrgEx

  GetDIBColorTable

  GetDIBits

  GetDeviceCaps

  GetEnhMetaFileBits

  GetEnhMetaFileHeader

  GetEnhMetaFilePaletteEntries

  GetGlyphIndicesA

  GetKerningPairsW

  GetNearestColor

  GetNearestPaletteIndex

  GetObjectA

  GetObjectType

  GetObjectW

  GetPaletteEntries

  CombineRgn

  GetRgnBox

  GetStockObject

  GetSystemPaletteEntries

  GetTextAlign

  GetTextColor

  GetTextExtentExPointA

  GetTextExtentPoint32A

  GetTextExtentPoint32W

  GetTextExtentPointA

  GetTextFaceA

  GetTextFaceW

  GetTextMetricsA

  GetTextMetricsW

  GetViewportOrgEx

  GetWinMetaFileBits

  GetWindowOrgEx

  IntersectClipRect

  LineTo

  MaskBlt

  MoveToEx

  OffsetRgn

  OffsetWindowOrgEx

  PATHOBJ_vEnumStart

  PatBlt

  PathToRegion

  Pie

  PlayEnhMetaFile

  PolyPolyline

  Polygon

  Polyline

  PtInRegion

  RealizePalette

  RectVisible

  Rectangle

  ResetDCA

  ResizePalette

  RestoreDC

  RoundRect

  STROBJ_dwGetCodePage

  STROBJ_vEnumStart

  SelectClipPath

  SelectClipRgn

  SelectObject

  SelectPalette

  SetBkColor

  SetBkMode

  SetBrushOrgEx

  SetDIBColorTable

  SetDIBits

  SetEnhMetaFileBits

  SetMapMode

  SetPixel

  SetROP2

  SetRectRgn

  SetStretchBltMode

  SetTextAlign

  SetTextColor

  SetTextJustification

  SetViewportOrgEx

  SetWinMetaFileBits

  SetWindowOrgEx

  StartDocA

  StartPage

  StretchBlt

  StretchDIBits

  StrokePath

  TextOutA

  TextOutW

  CLIPOBJ_cEnumStart

  BitBlt

  BeginPath

  Arc

  GetEnhMetaFileA

  GetSystemPaletteUse

  UnrealizeObject

  CreatePatternBrush

  AbortDoc

  GetTextCharacterExtra

  GetBkColor

  SaveDC

  GdiFlush

  EndPage

  AddFontResourceW

  GetPixel

  CloseEnhMetaFile

  advapi32

  RegDeleteKeyA

  RegSetValueExA

  RegQueryValueExA

  RegQueryValueA

  RegOpenKeyExW

  RegOpenKeyExA

  RegFlushKey

  RegOpenKeyA

  RegCreateKeyExA

  RegCloseKey

  QueryServiceStatus

  OpenServiceA

  OpenSCManagerA

  CloseServiceHandle

  shell32

  Shell_NotifyIconW

  ShellExecuteA

  ole32

  StringFromCLSID

  IsEqualGUID

  CoUninitialize

  CoTaskMemFree

  CoInitializeEx

  CoInitialize

  CoCreateInstance

  StringFromGUID2

  comctl32

  ImageList_Destroy

  imm32

  ImmGetContext

  ImmGetOpenStatus

  ImmReleaseContext

  ImmSetCompositionFontW

  ImmSetCompositionWindow

  Sections

  .text

  Size: 987KB - Virtual size: 986KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 40KB - Virtual size: 39KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 468KB - Virtual size: 468KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 21KB - Virtual size: 572KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ