installnp[.]exe

Sharing

Copy URL Twitter E-mail

Reason

too many matches

General

Target

installnp.exe
Size

476.5MB
MD5

624bbe5be30bf2d2a320fc92a2501624
SHA1

91838e881675e717f71c8e47f494f279bf4cc980
SHA256

399a28525d424fa754d2b4c6fcda66ece2cf9bc7cb354977721527b4d5c30e2d
SHA512

02d602b3ce59bb800028c938a8d9a5015b8773cce39a547061538e9b925b7405b0459b4f61226772557f082b350daa7e790526309848f8a8a9515e25b7bdacea
SSDEEP

12582912:zX05z/Naqm5qd+85zoW5BoyfckAgr/4HbKGuBRv1JiOQtSKGc:zXa/Nar5qdV5hclgrg7KGcveOQwC

Score

N/A

Malware Config

Signatures

Files

installnp.exe
.exe windows x86

d2785336101865e7f3410ec13f91e637

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

10:6f:03:49:d2:1f:37:5a:cf:79:31:91
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

24/04/2020, 09:56

Not After

25/04/2023, 09:56

Subject

CN=Biz Secure Labs Pvt. Ltd,O=Biz Secure Labs Pvt. Ltd,L=Pune,ST=Maharashtra,C=IN,1.2.840.113549.1.9.1=#0c1a737570706f727440696e646961616e746976697275732e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:b5:f6:bc:77:55:a4:7e:20:79:a2:64:1d:4f:27:70:c3:72:8e:36
Signer

Actual PE Digest

3c:b5:f6:bc:77:55:a4:7e:20:79:a2:64:1d:4f:27:70:c3:72:8e:36

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Biz Secure Labs Pvt. Ltd,O=Biz Secure Labs Pvt. Ltd,L=Pune,ST=Maharashtra,C=IN,1.2.840.113549.1.9.1=#0c1a737570706f727440696e646961616e746976697275732e636f6d

05/10/2022, 14:25
Valid: true

Chain 1

CN=Biz Secure Labs Pvt. Ltd,O=Biz Secure Labs Pvt. Ltd,L=Pune,ST=Maharashtra,C=IN,1.2.840.113549.1.9.1=#0c1a737570706f727440696e646961616e746976697275732e636f6d

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
GetExitCodeProcess
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
CompareStringW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualFree
HeapCreate
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
IsValidCodePage
GetACP
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
VirtualQuery
VirtualAlloc
RaiseException
RtlUnwind
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetDateFormatA
GetTimeFormatA
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FindResourceExA
VirtualProtect
GetProfileIntA
SearchPathA
GetTempFileNameA
GetTickCount
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
lstrcpyA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFullPathNameA
GetVolumeInformationA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedExchange
lstrcmpA
SuspendThread
SetThreadPriority
GetCurrentProcessId
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalSize
FormatMessageA
lstrlenW
InterlockedDecrement
GetModuleFileNameW
SetLastError
lstrlenA
DuplicateHandle
GetCurrentDirectoryA
GetFileType
WriteFile
SetFileTime
SystemTimeToFileTime
DosDateTimeToFileTime
WritePrivateProfileSectionA
FreeResource
ResumeThread
ResetEvent
GlobalFree
GlobalUnlock
MulDiv
CreateEventA
GlobalAlloc
SetEvent
GlobalLock
GetTempPathA
WinExec
GetVersionExA
ReleaseMutex
CreateMutexA
GetModuleFileNameA
GetSystemInfo
LocalAlloc
LoadLibraryA
GetPrivateProfileStringA
GetLongPathNameA
SetCurrentDirectoryA
MultiByteToWideChar
GetSystemDirectoryA
ReadFile
FileTimeToSystemTime
CreateProcessA
Sleep
GetProcessHeap
GetModuleHandleW
WaitForSingleObject
HeapFree
HeapAlloc
FreeLibrary
SetFilePointer
CreateFileA
GetComputerNameA
ExitProcess
DeleteFileA
LocalFree
CloseHandle
FindNextFileA
MoveFileA
GetLocalTime
FindClose
SetFileAttributesA
CopyFileA
RemoveDirectoryA
GetLastError
FindFirstFileA
CreateDirectoryA
GetShortPathNameA
GetFileAttributesA
GetWindowsDirectoryA
GetCurrentProcess
MoveFileExA
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetDriveTypeA
GetModuleHandleA
LockResource
GetProcAddress
SizeofResource
WideCharToMultiByte
LoadResource
GetLocaleInfoA
FindResourceA

user32

SetCapture
DeleteMenu
UnregisterClassA
GetSysColorBrush
CharUpperA
DestroyMenu
GetMenuItemInfoA
InflateRect
MessageBeep
IsZoomed
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
GetWindowThreadProcessId
GetCursorPos
WindowFromPoint
MapVirtualKeyA
GetKeyNameTextA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BringWindowToTop
ReleaseCapture
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatA
GetSubMenu
RemoveMenu
EnableWindow
LoadImageA
PostMessageA
IsWindow
RedrawWindow
UnhookWindowsHookEx
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
MessageBoxA
FillRect
GetDC
SetRect
ReleaseDC
GetSysColor
CopyRect
GetSystemMenu
SetTimer
IsIconic
KillTimer
SetForegroundWindow
LoadBitmapA
LoadIconA
WaitMessage
DestroyIcon
CharNextA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
SetRectEmpty
LoadMenuA
PostThreadMessageA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
DrawIcon
ShowWindow
AppendMenuA
GetSystemMetrics
FindWindowA
LoadCursorA
SetCursor
SendMessageA
GetClientRect
SetWindowLongA
InvalidateRect
GetWindowLongA
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsA
CreateAcceleratorTableA
SetWindowRgn
NotifyWinEvent
CreatePopupMenu
SetParent
SetClassLongA
SetScrollInfo
IsMenu
DrawStateA
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
TranslateAcceleratorA
InsertMenuItemA
ReuseDDElParam
UnpackDDElParam
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffA
GetUpdateRect
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
SetCursorPos
MapVirtualKeyExA
IsCharLowerA
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
GetScrollInfo
UnionRect
IsClipboardFormatAvailable

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CopyMetaFileA
GetDCOrgEx
CreateRectRgnIndirect
PatBlt
GetTextExtentPoint32A
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
OffsetRgn
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
SetDIBColorTable
GetDIBits
RealizePalette
SetPixel
OffsetWindowOrgEx
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
ScaleViewportExtEx
SetWindowOrgEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateFontIndirectA
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
CreateDIBSection
GetObjectA

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

InitializeSid
RegCreateKeyA
RegCloseKey
OpenProcessToken
SetEntriesInAclA
SetNamedSecurityInfoA
RegQueryValueExA
LookupPrivilegeValueA
AllocateAndInitializeSid
FreeSid
RegOpenKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
CreateWellKnownSid
RegFlushKey
CheckTokenMembership
GetLengthSid
GetUserNameA
RegSetValueExA
GetSidLengthRequired
RegSetKeySecurity
OpenSCManagerA
InitializeAcl
RegOpenKeyExA
RegCreateKeyExA
SetSecurityDescriptorDacl
StartServiceA
InitializeSecurityDescriptor
GetTokenInformation
AddAccessAllowedAceEx
CloseServiceHandle
OpenServiceA
AdjustTokenPrivileges

shell32

DragQueryFileA
SHGetPathFromIDListA
SHGetSpecialFolderPathA
ShellExecuteA
SHGetFileInfoA
SHAppBarMessage
SHBrowseForFolderA
DragFinish

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFileExistsA
StrFormatByteSizeW
SHDeleteKeyA
StrStrIA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW

oledlg

ord8

ole32

OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoUninitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoRevokeClassObject

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SysAllocStringByteLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysFreeString
OleLoadPicture
SysStringLen

winmm

PlaySoundA

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

gdiplus

GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePixelFormat
GdipCloneImage

iphlpapi

GetIpForwardTable

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 474.2MB - Virtual size: 474.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 888KB - Virtual size: 887KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Signatures

Files

d2785336101865e7f3410ec13f91e637

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

10:6f:03:49:d2:1f:37:5a:cf:79:31:91Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

3c:b5:f6:bc:77:55:a4:7e:20:79:a2:64:1d:4f:27:70:c3:72:8e:36Signer

Signature Validations

Verification

05/10/2022, 14:25 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

winmm

imm32

gdiplus

iphlpapi

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 285KB - Virtual size: 284KB

.data Size: 24KB - Virtual size: 56KB

.rsrc Size: 474.2MB - Virtual size: 474.2MB

.reloc Size: 888KB - Virtual size: 887KB

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

10:6f:03:49:d2:1f:37:5a:cf:79:31:91
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

3c:b5:f6:bc:77:55:a4:7e:20:79:a2:64:1d:4f:27:70:c3:72:8e:36
Signer

05/10/2022, 14:25
Valid: true

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 285KB - Virtual size: 284KB

.data
Size: 24KB - Virtual size: 56KB

.rsrc
Size: 474.2MB - Virtual size: 474.2MB

.reloc
Size: 888KB - Virtual size: 887KB