autoclicker_771894[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

autoclicker_771894.exe
Size

8.5MB
MD5

6968c1ae6db147460188386f00e87b7c
SHA1

8962e617c7ef69711da26f49ac28e0e6eec93419
SHA256

3bd91cbdb42a385a2e6f523ab18cfc9bff7616a4662ce7137c62cf8f2f709387
SHA512

e84424f77b0d701b01267ba8841642a9f8f9fb01eec3aada9010c162771a106040acd2f100944ad5fec467876b1a50047385ce2407e5852108e33d343a3a2166
SSDEEP

196608:WqT+IsfsA2jrJDqpy/0IIgtRtZQkpwK5GLwp91hkH8CkgTJsv6tWKFdu9C/:fT+IsfsBjUpy/0IBnkkpmlTJsv6tWKFP

Score

N/A

Malware Config

Signatures

Files

autoclicker_771894.exe
.exe windows x86

c9c049ae656775aa11721620d25ff397

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

10/02/2022, 00:00

Not After

10/02/2023, 23:59

Subject

CN=10sIT Oy,O=10sIT Oy,ST=Uusimaa,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:70:90:72:5a:f5:f1:81:e3:2f:a9:7f:b6:2b:a8:54:4b:38:75:f7:2a:55:52:56:7c:32:6e:d3:e2:1b:b3:b8
Signer

Actual PE Digest

53:70:90:72:5a:f5:f1:81:e3:2f:a9:7f:b6:2b:a8:54:4b:38:75:f7:2a:55:52:56:7c:32:6e:d3:e2:1b:b3:b8

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=10sIT Oy,O=10sIT Oy,ST=Uusimaa,C=FI

23/08/2022, 14:51
Valid: true

Chain 1

CN=10sIT Oy,O=10sIT Oy,ST=Uusimaa,C=FI

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
SetGraphicsMode
CreateBitmap
SetWorldTransform
GetGlyphOutlineW
CreateDIBSection
DeleteObject
GetStockObject
CreateFontIndirectW
GetRegionData
OffsetRgn
EnumFontFamiliesExW
SelectObject
DeleteDC
GetObjectW
RemoveFontMemResourceEx
GetOutlineTextMetricsW
GetTextExtentPoint32W
CreateRectRgn
SetTextAlign
AddFontMemResourceEx
CreateCompatibleDC
SetBkMode
GetCharABCWidthsW
CreateDCW
ExtTextOutW
GetTextFaceW
CombineRgn
SelectClipRgn
GetFontData
AddFontResourceExW
GetCharABCWidthsFloatW
GetDIBits
GdiFlush
GetTextMetricsW
SetTextColor
BitBlt
RemoveFontResourceExW
GetCharABCWidthsI
CreateCompatibleBitmap

oleaut32

SystemTimeToVariantTime
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmNotifyIME
ImmSetCandidateWindow
ImmGetCompositionStringW
ImmGetDefaultIMEWnd

winmm

PlaySoundW

kernel32

GetUserDefaultLangID
InterlockedIncrement
SleepEx
GetModuleHandleA
HeapReAlloc
TerminateThread
CompareStringW
SetFileAttributesW
IsValidLocale
VirtualQuery
InterlockedDecrement
lstrcmpW
FreeEnvironmentStringsW
GetLocaleInfoA
GetUserDefaultLCID
GetSystemInfo
CloseHandle
GlobalLock
GetSystemTimeAsFileTime
GetCurrencyFormatW
lstrlenA
GetLongPathNameW
SetFilePointer
GlobalAlloc
PeekNamedPipe
InterlockedExchange
GetTimeZoneInformation
GetCommandLineA
ExitThread
CopyFileW
GetCommandLineW
SetErrorMode
GetACP
GetCurrentThreadId
SetUnhandledExceptionFilter
CreateMutexW
UnmapViewOfFile
SetEnvironmentVariableA
ResetEvent
QueryPerformanceCounter
LoadLibraryA
RemoveDirectoryW
GetFileAttributesExW
GetThreadPriority
GetCurrentThread
SystemTimeToTzSpecificLocalTime
LCMapStringW
DeviceIoControl
GetModuleFileNameA
SetFilePointerEx
DecodePointer
GetOEMCP
MoveFileW
GetLogicalDrives
ExpandEnvironmentStringsW
VirtualFree
CheckRemoteDebuggerPresent
GetFileSizeEx
CreateEventW
GlobalSize
GetConsoleCP
GetLocalTime
LeaveCriticalSection
IsValidCodePage
GetProcAddress
IsValidLanguageGroup
GetCurrentProcess
GetFileType
DeleteFileA
GetStringTypeW
LoadLibraryW
MapViewOfFile
FindNextFileW
HeapAlloc
GetTickCount64
SetThreadPriority
TlsFree
OutputDebugStringA
FlushFileBuffers
TlsSetValue
WriteFile
GetStdHandle
EncodePointer
GetStartupInfoW
LocalFree
GetFileInformationByHandle
UnhandledExceptionFilter
ResumeThread
DuplicateHandle
RaiseException
FindFirstFileExW
OpenProcess
FreeLibrary
GetDriveTypeW
GetEnvironmentVariableA
CreateFileW
WriteConsoleW
IsProcessorFeaturePresent
WaitForMultipleObjects
GetSystemTime
GetProcessHeap
GetModuleHandleW
GetLastError
GetFullPathNameW
GetDateFormatA
MultiByteToWideChar
Sleep
EnterCriticalSection
SetLastError
FindClose
GetTickCount
DeleteFileW
GetTimeFormatW
CreateProcessW
GetCPInfo
GetCurrentProcessId
GetSystemDirectoryW
DeleteCriticalSection
GetFileAttributesW
MoveFileExW
HeapSize
FindFirstFileW
GetDateFormatW
OpenFileMappingW
VerifyVersionInfoW
OutputDebugStringW
GetVersionExW
CreateThread
GetLocaleInfoW
CreateFileMappingW
SetEvent
SetHandleCount
QueryPerformanceFrequency
GetModuleFileNameW
InitializeCriticalSection
GetFileSize
ReleaseSemaphore
GetCurrentDirectoryW
ReleaseMutex
ExitProcess
CreateSemaphoreW
CreateDirectoryW
FormatMessageW
TerminateProcess
WideCharToMultiByte
GlobalUnlock
HeapFree
RtlUnwind
GetUserDefaultUILanguage
HeapCreate
ReadFile
VerSetConditionMask
EnumSystemLocalesA
HeapSetInformation
SetStdHandle
FileTimeToLocalFileTime
GetVolumeInformationW
TlsGetValue
GetEnvironmentStringsW
GetConsoleMode
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
SetEndOfFile
CreateFileA
FileTimeToSystemTime
TlsAlloc
WaitForSingleObject

user32

GetAncestor
GetActiveWindow
UnregisterClassW
TrackPopupMenuEx
GetCapture
GetIconInfo
GetSysColor
GetUpdateRect
IsChild
DispatchMessageW
ShowWindow
DefWindowProcW
SetCursor
GetMenu
GetWindowPlacement
SetTimer
InvalidateRect
RegisterClipboardFormatW
IsZoomed
RegisterWindowMessageW
GetParent
GetWindowLongW
CreateCaret
GetSysColorBrush
ChildWindowFromPointEx
PeekMessageW
SetMenuItemInfoW
ScreenToClient
DrawIconEx
IsIconic
LoadIconW
PostMessageW
FlashWindowEx
EnableMenuItem
GetSystemMenu
GetFocus
TranslateMessage
GetKeyboardState
GetKeyState
ToUnicode
GetKeyboardLayoutList
BeginPaint
SetCaretPos
SetFocus
GetDesktopWindow
SystemParametersInfoW
MsgWaitForMultipleObjectsEx
EndPaint
LoadImageW
ClientToScreen
RegisterClassW
SetClipboardViewer
SetWindowTextW
CreateCursor
GetWindowThreadProcessId
ToAscii
MoveWindow
SetForegroundWindow
DestroyWindow
SetWindowPos
GetWindowRect
GetCursorPos
GetCaretBlinkTime
MessageBeep
GetQueueStatus
SetCapture
CreateIconIndirect
GetAsyncKeyState
GetClassInfoW
HideCaret
SendMessageW
UnhookWindowsHookEx
SetParent
GetClientRect
NotifyWinEvent
GetClipboardFormatNameW
GetMonitorInfoW
GetSystemMetrics
KillTimer
IsWindowVisible
CallNextHookEx
GetDoubleClickTime
SetWindowLongW
SetWindowRgn
GetMessageExtraInfo
SetWindowsHookExW
DestroyCaret
ReleaseDC
AdjustWindowRectEx
SetCursorPos
RegisterClassExW
EnumDisplayMonitors
TrackMouseEvent
ChangeClipboardChain
ReleaseCapture
CharNextExA
DestroyCursor
CreateWindowExW
DestroyIcon
MapVirtualKeyW
GetDC

shell32

SHGetMalloc
SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW
SHBrowseForFolderW

ole32

DoDragDrop
CoLockObjectExternal
OleUninitialize
OleIsCurrentClipboard
CoGetMalloc
OleGetClipboard
CoCreateGuid
CoInitialize
RevokeDragDrop
OleInitialize
RegisterDragDrop
ReleaseStgMedium
OleFlushClipboard
OleSetClipboard
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

CryptGetHashParam
FreeSid
RegOpenKeyExW
CryptDestroyHash
CryptReleaseContext
RegQueryInfoKeyW
RegEnumValueW
OpenProcessToken
GetLengthSid
CryptDestroyKey
GetTokenInformation
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
CopySid
RegFlushKey
CryptGenRandom
RegCloseKey
CryptEncrypt
CryptImportKey
CryptAcquireContextW
CryptHashData
CryptCreateHash

ws2_32

htons
getsockopt
getpeername
socket
connect
WSASetLastError
WSAEnumNetworkEvents
bind
accept
listen
htonl
sendto
recvfrom
select
__WSAFDIsSet
ioctlsocket
gethostname
ntohs
getsockname
setsockopt
WSAIoctl
recv
WSACloseEvent
getaddrinfo
WSACreateEvent
WSAEventSelect
WSAResetEvent
WSAWaitForMultipleEvents
WSAStartup
WSACleanup
WSAGetLastError
send
closesocket
WSAAsyncSelect
freeaddrinfo

crypt32

CertAddCertificateContextToStore
CertOpenStore
CertCloseStore
CertFreeCertificateChainEngine
CertEnumCertificatesInStore
CryptQueryObject
CryptDecodeObjectEx
PFXImportCertStore
CertGetCertificateChain
CertFreeCertificateContext
CertFindExtension
CertCreateCertificateChainEngine
CertFreeCertificateChain
CertFindCertificateInStore
CryptStringToBinaryW

wldap32

ord117
ord216
ord73
ord301
ord167
ord79
ord142
ord46
ord27
ord127
ord147
ord133
ord26
ord208
ord145
ord219
ord14
ord41

Exports

Exports

z_adler32
z_adler32_combine
z_adler32_combine64
z_compress
z_compress2
z_compressBound
z_crc32
z_crc32_combine
z_crc32_combine64
z_deflate
z_deflateBound
z_deflateCopy
z_deflateEnd
z_deflateInit2_
z_deflateInit_
z_deflateParams
z_deflatePrime
z_deflateReset
z_deflateSetDictionary
z_deflateSetHeader
z_deflateTune
z_get_crc_table
z_inflate
z_inflateCopy
z_inflateEnd
z_inflateGetHeader
z_inflateInit2_
z_inflateInit_
z_inflateMark
z_inflatePrime
z_inflateReset
z_inflateReset2
z_inflateSetDictionary
z_inflateSync
z_inflateSyncPoint
z_inflateUndermine
z_uncompress
z_zError
z_zlibCompileFlags
z_zlibVersion

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9c049ae656775aa11721620d25ff397

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

53:70:90:72:5a:f5:f1:81:e3:2f:a9:7f:b6:2b:a8:54:4b:38:75:f7:2a:55:52:56:7c:32:6e:d3:e2:1b:b3:b8Signer

Signature Validations

Verification

23/08/2022, 14:51 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

oleaut32

imm32

winmm

kernel32

user32

shell32

ole32

advapi32

ws2_32

crypt32

wldap32

Exports

Exports

Sections

.text Size: 6.0MB - Virtual size: 6.0MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 49KB - Virtual size: 62KB

.qtmetad Size: 512B - Virtual size: 272B

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 240KB - Virtual size: 239KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

53:70:90:72:5a:f5:f1:81:e3:2f:a9:7f:b6:2b:a8:54:4b:38:75:f7:2a:55:52:56:7c:32:6e:d3:e2:1b:b3:b8
Signer

23/08/2022, 14:51
Valid: true

.text
Size: 6.0MB - Virtual size: 6.0MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 49KB - Virtual size: 62KB

.qtmetad
Size: 512B - Virtual size: 272B

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 240KB - Virtual size: 239KB