LightBurn 1[.]1[.]03 (x64) Multilingual[.]zip

Resubmissions

16/10/2022, 13:05

221016-qblygaheh7 8

16/10/2022, 12:51

221016-p3p9jahebn 8

16/10/2022, 12:18

221016-pgzwvahdhq 8

Sharing

Copy URL

Twitter E-mail

General

Target

LightBurn 1.1.03 (x64) Multilingual.zip
Size

64.4MB
MD5

b696719e1dee7c7e022e1d203fb367b7
SHA1

4e50c275dc5a29dae6ef8b5945236c5a6cc51155
SHA256

4e07bdcd696781ae7a3af2087db9c5a6b2c1e02fe6474995cf961f9407bde746
SHA512

87ddd51dbfb9f484d9137d224199938bb22c591e6de87c236c1bb0c5723b36334086a34fa18e59596181c3abca5030cc5b05aea6854814cd163059335f65d738
SSDEEP

1572864:/3NCdubToTg3o00yfbPGzV0pPKnSZG4AWpdJtFw958/8:QAbTsg3bbeJePKnULbjkL

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/LightBurn 1.1.03 (x64) Multilingual/crack/LightBurn.exe	vmprotect

Files

LightBurn 1.1.03 (x64) Multilingual.zip
.zip

Password: 123
LightBurn 1.1.03 (x64) Multilingual/LightBurn-v1.1.03.exe
.exe windows x86

Password: 123

5a594319a0d69dbc452e748bcf05892e

Code Sign

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:07:17:8d:24:df:28:c3:62:77:69:45:79:1f:61:2e
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

05/07/2021, 00:00

Not After

09/07/2024, 23:59

Subject

SERIALNUMBER=201732110108,CN=LightBurn Software\, LLC,O=LightBurn Software\, LLC,L=Santa Cruz,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130a43616c69666f726e6961,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetACP
GetExitCodeProcess
LocalFree
CloseHandle
SizeofResource
VirtualProtect
VirtualFree
GetFullPathNameW
ExitProcess
HeapAlloc
GetCPInfoExW
RtlUnwind
GetCPInfo
GetStdHandle
GetModuleHandleW
FreeLibrary
HeapDestroy
ReadFile
CreateProcessW
GetLastError
GetModuleFileNameW
SetLastError
FindResourceW
CreateThread
CompareStringW
LoadLibraryA
ResetEvent
GetVersion
RaiseException
FormatMessageW
SwitchToThread
GetExitCodeThread
GetCurrentThread
LoadLibraryExW
LockResource
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
LoadResource
SuspendThread
GetTickCount
GetFileSize
GetStartupInfoW
GetFileAttributesW
InitializeCriticalSection
GetThreadPriority
SetThreadPriority
GetCurrentProcess
VirtualAlloc
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
VerSetConditionMask
GetDiskFreeSpaceW
FindFirstFileW
GetUserDefaultUILanguage
lstrlenW
QueryPerformanceCounter
SetEndOfFile
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
GetSystemDirectoryW
DeleteFileW
GetLocalTime
GetEnvironmentVariableW
WaitForSingleObject
WriteFile
ExitThread
DeleteCriticalSection
TlsGetValue
GetDateFormatW
SetErrorMode
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetUserDefaultLangID
RemoveDirectoryW
CreateEventW
SetThreadLocale
GetThreadLocale

comctl32

InitCommonControls

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

user32

CreateWindowExW
TranslateMessage
CharLowerBuffW
CallWindowProcW
CharUpperW
PeekMessageW
GetSystemMetrics
SetWindowLongW
MessageBoxW
DestroyWindow
CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
LoadStringW
ExitWindowsEx
DispatchMessageW

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenProcessToken
RegOpenKeyExW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 718KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LightBurn 1.1.03 (x64) Multilingual/crack/LightBurn.exe
.exe windows x64

Password: 123

a28bacd9e4f93ecddadbf8fca4f1cb74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

CommandLineToArgvW

potrace

potrace_param_default

setupapi

SetupDiEnumDeviceInfo

libusb-1.0

libusb_get_string_descriptor_ascii

ws2_32

inet_addr

qt5multimediawidgets

?setMediaObject@QCameraViewfinder@@MEAA_NPEAVQMediaObject@@@Z

qt5printsupport

??1QPrinter@@UEAA@XZ

qt5widgets

?helpEvent@QAbstractItemDelegate@@UEAA_NPEAVQHelpEvent@@PEAVQAbstractItemView@@AEBVQStyleOptionViewItem@@AEBVQModelIndex@@@Z

qt5multimedia

?qt_metacast@QCamera@@UEAAPEAXPEBD@Z

qt5gui

?fillRect@QPainter@@QEAAXHHHHAEBVQBrush@@@Z

qt5serialport

?hasVendorIdentifier@QSerialPortInfo@@QEBA_NXZ

qt5network

?metaObject@QNetworkAccessManager@@UEBAPEBUQMetaObject@@XZ

qt5xml

?data@QDomCharacterData@@QEBA?AVQString@@XZ

qt5core

?qt_metacall@QAbstractItemModel@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z

msvcp140

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

dbghelp

SymGetModuleBase64

advapi32

CryptGetHashParam

user32

CharNextA
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

winhttp

WinHttpCloseHandle

crypt32

CertFreeCertificateChain

iphlpapi

GetAdaptersInfo

ole32

CoSetProxyBlanket

oleaut32

SysAllocString

concrt140

?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ

kernel32

GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

vcruntime140

_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func

api-ms-win-crt-math-l1-1-0

fmod

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-string-l1-1-0

isdigit

api-ms-win-crt-time-l1-1-0

_gmtime64

api-ms-win-crt-heap-l1-1-0

realloc

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-multibyte-l1-1-0

_mbsnbicmp

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

wtsapi32

WTSSendMessageW

Exports

Exports

FT_Close
FT_ClrDtr
FT_ClrRts
FT_ComPortCancelIdle
FT_ComPortIdle
FT_CreateDeviceInfoList
FT_CyclePort
FT_EEPROM_Program
FT_EEPROM_Read
FT_EE_Program
FT_EE_ProgramEx
FT_EE_Read
FT_EE_ReadConfig
FT_EE_ReadECC
FT_EE_ReadEx
FT_EE_UARead
FT_EE_UASize
FT_EE_UAWrite
FT_EE_WriteConfig
FT_EraseEE
FT_Finalise
FT_GetBitMode
FT_GetComPortNumber
FT_GetDeviceInfo
FT_GetDeviceInfoDetail
FT_GetDeviceInfoList
FT_GetDriverVersion
FT_GetEventStatus
FT_GetLatencyTimer
FT_GetLibraryVersion
FT_GetModemStatus
FT_GetQueueStatus
FT_GetQueueStatusEx
FT_GetStatus
FT_Initialise
FT_IoCtl
FT_ListDevices
FT_Open
FT_OpenEx
FT_Purge
FT_Read
FT_ReadEE
FT_Reload
FT_Rescan
FT_ResetDevice
FT_ResetPort
FT_RestartInTask
FT_SetBaudRate
FT_SetBitMode
FT_SetBreakOff
FT_SetBreakOn
FT_SetChars
FT_SetDataCharacteristics
FT_SetDeadmanTimeout
FT_SetDivisor
FT_SetDtr
FT_SetEventNotification
FT_SetFlowControl
FT_SetLatencyTimer
FT_SetResetPipeRetryCount
FT_SetRts
FT_SetTimeouts
FT_SetUSBParameters
FT_SetWaitMask
FT_StopInTask
FT_VendorCmdGet
FT_VendorCmdGetEx
FT_VendorCmdSet
FT_VendorCmdSetEx
FT_W32_CancelIo
FT_W32_ClearCommBreak
FT_W32_ClearCommError
FT_W32_CloseHandle
FT_W32_CreateFile
FT_W32_EscapeCommFunction
FT_W32_GetCommMask
FT_W32_GetCommModemStatus
FT_W32_GetCommState
FT_W32_GetCommTimeouts
FT_W32_GetLastError
FT_W32_GetOverlappedResult
FT_W32_PurgeComm
FT_W32_ReadFile
FT_W32_SetCommBreak
FT_W32_SetCommMask
FT_W32_SetCommState
FT_W32_SetCommTimeouts
FT_W32_SetupComm
FT_W32_WaitCommEvent
FT_W32_WriteFile
FT_WaitOnMask
FT_Write
FT_WriteEE

Sections

.text
Size: - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 19.9MB - Virtual size: 19.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LightBurn 1.1.03 (x64) Multilingual/crack/readme.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: 123

Password: 123

5a594319a0d69dbc452e748bcf05892e

Code Sign

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29Certificate

Extended Key Usages

Key Usages

0e:07:17:8d:24:df:28:c3:62:77:69:45:79:1f:61:2eCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

version

user32

oleaut32

netapi32

advapi32

Exports

Exports

Sections

.text Size: 718KB - Virtual size: 717KB

.itext Size: 6KB - Virtual size: 5KB

.data Size: 14KB - Virtual size: 13KB

.bss Size: - Virtual size: 27KB

.idata Size: 4KB - Virtual size: 3KB

.didata Size: 512B - Virtual size: 420B

.edata Size: 512B - Virtual size: 154B

.tls Size: - Virtual size: 24B

.rdata Size: 512B - Virtual size: 93B

.rsrc Size: 28KB - Virtual size: 27KB

Password: 123

a28bacd9e4f93ecddadbf8fca4f1cb74

Headers

DLL Characteristics

File Characteristics

Imports

shell32

potrace

setupapi

libusb-1.0

ws2_32

qt5multimediawidgets

qt5printsupport

qt5widgets

qt5multimedia

qt5gui

qt5serialport

qt5network

qt5xml

qt5core

msvcp140

dbghelp

advapi32

user32

winhttp

crypt32

iphlpapi

ole32

oleaut32

concrt140

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

0e:07:17:8d:24:df:28:c3:62:77:69:45:79:1f:61:2e
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

.text
Size: 718KB - Virtual size: 717KB

.itext
Size: 6KB - Virtual size: 5KB

.data
Size: 14KB - Virtual size: 13KB

.bss
Size: - Virtual size: 27KB

.idata
Size: 4KB - Virtual size: 3KB

.didata
Size: 512B - Virtual size: 420B

.edata
Size: 512B - Virtual size: 154B

.tls
Size: - Virtual size: 24B

.rdata
Size: 512B - Virtual size: 93B

.rsrc
Size: 28KB - Virtual size: 27KB

.text
Size: - Virtual size: 8.8MB

.rdata
Size: - Virtual size: 8.9MB

.data
Size: - Virtual size: 1.1MB

.pdata
Size: - Virtual size: 354KB

.tls
Size: - Virtual size: 9B

_RDATA
Size: - Virtual size: 1KB

.vmp0
Size: - Virtual size: 11.1MB

.vmp1
Size: 19.9MB - Virtual size: 19.9MB

.reloc
Size: 512B - Virtual size: 176B

.rsrc
Size: 16KB - Virtual size: 15KB