c63ed9372c4b70350b369955da32effab8e1648a5615f8a7a0e66291cf33926c

Sharing

Copy URL Twitter E-mail

General

Target

c63ed9372c4b70350b369955da32effab8e1648a5615f8a7a0e66291cf33926c
Size

1.7MB
MD5

2b7bc81bcf25f876763c8b6e25600ab2
SHA1

e65e80e95a7508eeca110c9505a328bbbd18dcc0
SHA256

c63ed9372c4b70350b369955da32effab8e1648a5615f8a7a0e66291cf33926c
SHA512

654f5384d8440e282ef6d4194d30455db0ad37ed35deea1b1e4073b52dcbfb5b2f866960c862bb1ae5f5cb069c1a1937baa2e7d6e239e9354648701e662724c7
SSDEEP

24576:0EzFlU3NpH3QtBII4BpHJh4Oc1Evkbnki3cjuPg7owexafG6UpiMP+n:FzFlUdpLI4Btboh3xI8txuU4MA

Score

N/A

Malware Config

Signatures

Files

c63ed9372c4b70350b369955da32effab8e1648a5615f8a7a0e66291cf33926c
.exe windows x86

7c2517fe66d794e562d5d5e154565eb4

Code Sign

04:7a:53
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03/03/2009, 12:53

Not After

03/03/2024, 12:53

Subject

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:05:4b:3c:48:2b:31:cf:7f:ce:9e:96:eb:0b:db:7f
Certificate

Issuer

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

12/12/2013, 00:00

Not After

12/12/2014, 00:00

Subject

CN=Open Source Developer\, 东莞市迈强电子科技有限公司,O=东莞市迈强电子科技有限公司,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c1:7b:0b:c7:db:53:0d:22:1f:30:69:da:7a:da:ec:3e:97:28:c8:20
Signer

Actual PE Digest

c1:7b:0b:c7:db:53:0d:22:1f:30:69:da:7a:da:ec:3e:97:28:c8:20

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Open Source Developer\, 东莞市迈强电子科技有限公司,O=东莞市迈强电子科技有限公司,C=CN

28/10/2022, 15:10
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

MulDiv
LocalFree
FormatMessageW
FreeResource
GetVersionExA
lstrcmpW
LoadLibraryW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
WritePrivateProfileStringW
GlobalFlags
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
lstrlenA
GetModuleHandleA
SetErrorMode
CompareStringW
GetProcessHeap
SetEndOfFile
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetLocaleInfoA
LCMapStringW
LCMapStringA
HeapReAlloc
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
RtlUnwind
InitializeCriticalSectionAndSpinCount
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
HeapAlloc
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
HeapCreate
GetCurrentThread
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
ExitProcess
GetStartupInfoW
WideCharToMultiByte
IsDebuggerPresent
lstrcatW
lstrlenW
WaitForSingleObject
CreateProcessA
Process32Next
Process32First
CreateToolhelp32Snapshot
MultiByteToWideChar
WinExec
GetTempFileNameA
GetTempPathA
GetModuleHandleW
FreeLibrary
DeleteFileA
SetFileAttributesA
GetProcAddress
LoadLibraryA
Sleep
GetModuleFileNameW
CreateMutexW
WTSGetActiveConsoleSessionId
GetModuleFileNameA
GetVersionExW
GetNativeSystemInfo
WriteFile
SetFilePointer
ReadFile
VirtualFree
VirtualAlloc
GlobalLock
GlobalAlloc
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalFree
GlobalUnlock
CloseHandle
DeviceIoControl
GetLastError
CreateFileA
InitializeCriticalSection

user32

DestroyMenu
UnregisterClassW
GetSysColorBrush
SetCursor
GetMessageW
TranslateMessage
ValidateRect
GetCursorPos
WindowFromPoint
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
CopyRect
PtInRect
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
GetFocus
ShowWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetWindowTextW
GetWindow
SetFocus
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetDlgItem
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
GetSysColor
EndPaint
BeginPaint
ReleaseDC
GetDC
RegisterClassW
ClientToScreen
ScreenToClient
DrawIcon
IsIconic
LoadIconW
wsprintfW
GetSystemMetrics
DestroyWindow
CreateWindowExA
RegisterClassA
LoadCursorW
DefWindowProcW
SetParent
GetWindowThreadProcessId
EnumWindows
PostMessageW
KillTimer
SendMessageW
IsWindow
InvalidateRect
GetWindowRect
GetParent
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
EnableWindow
CloseWindow
GetClientRect
SetWindowPos
SystemParametersInfoW
LoadImageW
PostQuitMessage
EqualRect
SetTimer

gdi32

GetDeviceCaps
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
BitBlt
CreateCompatibleBitmap
SetViewportOrgEx
CreateCompatibleDC
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SelectObject
GetObjectW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExW
OpenServiceA
RegOpenKeyExW
RegCloseKey
RegOpenKeyA
RevertToSelf
ImpersonateLoggedOnUser
GetUserNameA
ControlService
OpenSCManagerA
StartServiceA
CreateServiceA
DeleteService
CloseServiceHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent

shlwapi

PathFileExistsA
PathFindExtensionW
PathFindFileNameW

gdiplus

GdipDisposeImage
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipDeleteGraphics
GdipFree
GdipCloneImage
GdipAlloc
GdipDrawImageI
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipGetImageWidth
GdipGetImageHeight
GdiplusStartup
GdipDrawImageRectRect

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntryA

iphlpapi

GetAdaptersInfo

wtsapi32

WTSQueryUserToken

ole32

CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c2517fe66d794e562d5d5e154565eb4

Code Sign

04:7a:53Certificate

Key Usages

54:05:4b:3c:48:2b:31:cf:7f:ce:9e:96:eb:0b:db:7fCertificate

Extended Key Usages

Key Usages

c1:7b:0b:c7:db:53:0d:22:1f:30:69:da:7a:da:ec:3e:97:28:c8:20Signer

Signature Validations

Verification

28/10/2022, 15:10 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

gdiplus

wininet

iphlpapi

wtsapi32

ole32

oleaut32

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 11KB - Virtual size: 59KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 34KB - Virtual size: 33KB

04:7a:53
Certificate

54:05:4b:3c:48:2b:31:cf:7f:ce:9e:96:eb:0b:db:7f
Certificate

c1:7b:0b:c7:db:53:0d:22:1f:30:69:da:7a:da:ec:3e:97:28:c8:20
Signer

28/10/2022, 15:10
Valid: false

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 11KB - Virtual size: 59KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 34KB - Virtual size: 33KB