0dd1cfe49dc15f46f75fd17bc07308e15442bcc371e55f396c39e7c2aee707eb

Sharing

Copy URL

Twitter E-mail

General

Target

0dd1cfe49dc15f46f75fd17bc07308e15442bcc371e55f396c39e7c2aee707eb
Size

70KB
MD5

41b9e884e363004f1fe4bedee8d7a5ae
SHA1

64f86d75dc4687565845ece1cfaff194302554f3
SHA256

0dd1cfe49dc15f46f75fd17bc07308e15442bcc371e55f396c39e7c2aee707eb
SHA512

1b369e0c1abdce6b2ba44fdba21afac8dc4aa1bee4edd2359c617ec787caa4ad68422d61702b4bbd12bdd1b8a5013ad5ce0e47cbe476ed2970104737f3af95bf
SSDEEP

1536:IYIV99whiwoCBK7bYdGWi7p/xwyV9x+gF/gnzJo/hhdeISs:XIv9whiok9WOjdpF/gNger

Score

N/A

Malware Config

Signatures

Files

0dd1cfe49dc15f46f75fd17bc07308e15442bcc371e55f396c39e7c2aee707eb
.exe windows x86

f0592dcc43ba022ee12afd81d9ce1382

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

Issuer

CN=NCrG992VieeQ

Not Before

14-03-2012 06:19

Not After

31-12-2039 23:59

Subject

CN=NCrG992VieeQ

Extended Key Usages

ExtKeyUsageCodeSigning

56:48:4d:af:96:16:26:e6:f7:1a:a7:26:82:fb:4c:ca:df:85:ad:b8
Signer

Actual PE Digest

56:48:4d:af:96:16:26:e6:f7:1a:a7:26:82:fb:4c:ca:df:85:ad:b8

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NCrG992VieeQ

15-09-2022 14:53
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
CreateFileA
lstrlenA
GetWindowsDirectoryA
lstrcpyA
GetProcAddress

user32

SetTimer
SetWindowPos
SetWindowsHookExW
ShowWindowAsync
SystemParametersInfoA
VkKeyScanW
WaitForInputIdle
SetScrollPos
SetMenuDefaultItem
SetMenu
SetLayeredWindowAttributes
SetForegroundWindow
SetCaretBlinkTime
SendNotifyMessageW
SendNotifyMessageA
SendMessageTimeoutA
SendInput
SendIMEMessageExW
SendDlgItemMessageA
ScrollWindowEx
ScreenToClient
ReuseDDElParam
RegisterDeviceNotificationA
RegisterClassW
PostQuitMessage
PostMessageA
OemToCharA
MonitorFromRect
LookupIconIdFromDirectoryEx
LoadKeyboardLayoutW
IsDialogMessageA
CallWindowProcA
ChangeDisplaySettingsW
ChangeMenuA
CharLowerW
CharPrevA
CharToOemBuffA
CharToOemBuffW
CharUpperW
ChildWindowFromPointEx
CreateDesktopW
CreateDialogIndirectParamA
IsClipboardFormatAvailable
CreateDialogParamA
CreateIcon
CreateMDIWindowA
CreateMDIWindowW
CreateWindowExA
DdeDisconnectList
DdeGetData
DdeInitializeW
DdeQueryConvInfo
DdeQueryNextServer
DdeReconnect
DeleteMenu
DispatchMessageW
DlgDirListA
DlgDirListW
DlgDirSelectExW
DrawAnimatedRects
DrawMenuBar
DrawTextA
DrawTextW
EnumDisplaySettingsExA
EnumDisplaySettingsW
EnumThreadWindows
EnumWindowStationsA
GetCaretBlinkTime
GetClassNameW
GetClipboardFormatNameA
GetCursor
GetFocus
GetIconInfo
GetKeyboardType
GetMenuDefaultItem
GetMenuItemRect
GetNextDlgGroupItem
GetPriorityClipboardFormat
GetProcessDefaultLayout
GetPropA
GetPropW
GetShellWindow
GetTitleBarInfo
GetWindowLongA
GetWindowModuleFileName
GetWindowPlacement
GrayStringA
BeginDeferWindowPos
IMPQueryIMEW
InvalidateRgn
IsChild

comdlg32

PageSetupDlgW
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
ChooseColorA
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW

advapi32

RegOpenKeyW

ole32

OleDraw
OleDuplicateData
OleGetAutoConvert
OleGetIconOfClass
OleNoteObjectVisible
OleRegEnumFormatEtc
OleRegGetUserType
ProgIDFromCLSID
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
SetDocumentBitStg
StgConvertPropertyToVariant
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgGetIFillLockBytesOnFile
StgOpenStorageEx
StgOpenStorageOnILockBytes
StringFromGUID2
StringFromIID
UpdateDCOMSettings
UtConvertDvtd16toDvtd32
UtGetDvtd16Info
UtGetDvtd32Info
WdtpInterfacePointer_UserSize
WriteClassStg
OleCreateLinkToFileEx
OleCreateLinkFromDataEx
OleCreateFromFileEx
OleBuildVersion
MkParseDisplayName
HkOleRegisterObject
HPALETTE_UserUnmarshal
HPALETTE_UserMarshal
HMETAFILE_UserUnmarshal
HMETAFILE_UserFree
HMENU_UserUnmarshal
HMENU_UserMarshal
HMENU_UserFree
HICON_UserUnmarshal
HICON_UserSize
HGLOBAL_UserMarshal
HGLOBAL_UserFree
HDC_UserSize
HDC_UserFree
HBRUSH_UserUnmarshal
HBRUSH_UserSize
HBITMAP_UserUnmarshal
HACCEL_UserFree
GetDocumentBitStg
EnableHookObject
CreatePointerMoniker
CreateOleAdviseHolder
CreateItemMoniker
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateDataAdviseHolder
CreateClassMoniker
CoWaitForMultipleHandles
CoUnmarshalInterface
CoUnmarshalHresult
CoUninitialize
CoResumeClassObjects
CoReleaseServerProcess
CoRegisterMallocSpy
CoReactivateObject
CoLockObjectExternal
CoLoadLibrary
CoIsOle1Class
CoIsHandlerConnected
CoInstall
CoImpersonateClient
CoGetStdMarshalEx
CoGetInterfaceAndReleaseStream
CoGetInstanceFromIStorage
CoGetClassObject
CoGetCallContext
CoFreeUnusedLibraries
CoFileTimeToDosDateTime
CoDisableCallCancellation
CoCreateInstance
CoAllowSetForegroundWindow
CLIPFORMAT_UserUnmarshal
CLIPFORMAT_UserFree
OleConvertIStorageToOLESTREAMEx
CoGetMalloc

comctl32

ord8
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord7
_TrackMouseEvent
ord3
PropertySheetW
PropertySheetA
PropertySheet
ord13
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_Replace
ImageList_Remove
ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageCount
ImageList_GetIcon
ImageList_GetDragImage
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_BeginDrag
ImageList_AddMasked
ImageList_Add
GetMUILanguage
ord4
FlatSB_ShowScrollBar
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
FlatSB_GetScrollProp
FlatSB_GetScrollPos
FlatSB_EnableScrollBar
DrawStatusTextW
ord5
DrawStatusText
ord15
CreateToolbarEx

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0592dcc43ba022ee12afd81d9ce1382

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3bCertificate

Extended Key Usages

56:48:4d:af:96:16:26:e6:f7:1a:a7:26:82:fb:4c:ca:df:85:ad:b8Signer

Signature Validations

Verification

15-09-2022 14:53 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 12KB - Virtual size: 12KB

.text1 Size: 50KB - Virtual size: 49KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

56:48:4d:af:96:16:26:e6:f7:1a:a7:26:82:fb:4c:ca:df:85:ad:b8
Signer

15-09-2022 14:53
Valid: false

.text
Size: 12KB - Virtual size: 12KB

.text1
Size: 50KB - Virtual size: 49KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB