a0a82373d6b3c6967140eaedb2393c71e2562fa7e441cb861a76cf9019d44813

Sharing

Copy URL Twitter E-mail

General

Target

a0a82373d6b3c6967140eaedb2393c71e2562fa7e441cb861a76cf9019d44813
Size

111KB
MD5

336cc62298a7e6c8d62348c02c0f6229
SHA1

5729f04ed2a0b01cf7a59783d106c2a0b7ff3305
SHA256

a0a82373d6b3c6967140eaedb2393c71e2562fa7e441cb861a76cf9019d44813
SHA512

d457b03fe45a4314c98886dd2d092ed88a2188acb22014183e9339b6539755f8430a106e9ca4da94f93bfb3d465d20486ea747da112accc7e407a3f84ee26c16
SSDEEP

768:CRN59KYLpWkOKhwUXlbZuZ9k3a8euc8OSERfXTOfy9nyRDZVDv196q/7lJRz7h8S:iKCVO2ZZU92lcrTpGDz7zhn7pEvXlsa2

Score

N/A

Malware Config

Signatures

Files

a0a82373d6b3c6967140eaedb2393c71e2562fa7e441cb861a76cf9019d44813
.exe windows x86

1ec30343bd6c7ddfa42cdb6c5cf56302

Code Sign

0a:5a:d4:c2:6e:8c:85:4d:be:25:75:f7:a3:47:af:08
Certificate

Issuer

CN=t23 inc

Not Before

14/01/2012, 21:04

Not After

31/12/2039, 23:59

Subject

CN=t23 inc

Extended Key Usages

ExtKeyUsageCodeSigning

b4:80:25:88:c1:d1:d9:10:19:ec:c7:1d:ad:44:2f:c9:b5:a8:05:ef
Signer

Actual PE Digest

b4:80:25:88:c1:d1:d9:10:19:ec:c7:1d:ad:44:2f:c9:b5:a8:05:ef

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=t23 inc

04/11/2022, 15:44
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputAttribute
WritePrivateProfileStructW
WriteProfileSectionW
WriteProfileStringA
VirtualLock
lstrcmpA
lstrcpyA
VerifyVersionInfoW
TransactNamedPipe
TlsGetValue
TlsAlloc
TerminateThread
TerminateJobObject
SizeofResource
SetTimerQueueTimer
SetThreadPriority
SetSystemPowerState
SetNamedPipeHandleState
SetFileAttributesW
SetFileApisToOEM
ResumeThread
ReadFileScatter
ReadConsoleOutputCharacterA
ReadConsoleOutputAttribute
OutputDebugStringA
OpenWaitableTimerW
OpenProcess
OpenFile
MulDiv
MoveFileExW
MapViewOfFileEx
MapUserPhysicalPages
LocalLock
LocalFlags
LoadModule
IsValidLanguageGroup
InterlockedExchangeAdd
InitializeCriticalSection
HeapWalk
HeapSize
HeapLock
HeapFree
GlobalMemoryStatus
GlobalHandle
GlobalFindAtomA
GetVolumeInformationA
GetUserDefaultLCID
GetThreadContext
GetTapeParameters
GetSystemDefaultLCID
GetStartupInfoW
GetStartupInfoA
GetProcessPriorityBoost
GetOEMCP
GetNumberOfConsoleInputEvents
GetNamedPipeInfo
GetModuleFileNameW
GetLogicalDriveStringsA
GetExitCodeProcess
GetDefaultCommConfigA
GetCurrencyFormatW
GetConsoleOutputCP
GetConsoleFontSize
GetConsoleAliasW
GetCalendarInfoA
GetCPInfoExA
GetACP
FreeLibraryAndExitThread
FindVolumeClose
FindNextVolumeA
FindFirstVolumeA
FindFirstChangeNotificationW
ExpandEnvironmentStringsW
EnumDateFormatsA
EnterCriticalSection
DnsHostnameToComputerNameW
CreateFileW
DnsHostnameToComputerNameA
DisableThreadLibraryCalls
DeleteFileW
DeleteFileA
DebugBreak
CreateJobObjectA
CreateEventA
CompareFileTime
CloseHandle
CancelWaitableTimer
CancelIo
BuildCommDCBA
BackupWrite
AreFileApisANSI
GetSystemInfo
GetProcAddress
LoadLibraryA
GetProcessHeap
GetWindowsDirectoryW
lstrcatW
WriteTapemark

user32

EmptyClipboard
DrawIcon
DrawCaption
DispatchMessageW
DestroyIcon
DestroyCaret
DeregisterShellHookWindow
DefMDIChildProcW
DefDlgProcW
DdePostAdvise
DdeGetLastError
DdeFreeDataHandle
DdeDisconnect
DdeCreateStringHandleW
CreateDialogParamW
CreateDialogIndirectParamA
CreateCaret
CloseWindowStation
ChildWindowFromPointEx
CheckMenuItem
CheckDlgButton
CharNextA
CharLowerW
CharLowerBuffW
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsA
CascadeWindows
CallWindowProcW
CallMsgFilterA
ArrangeIconicWindows
EnableWindow
EndDeferWindowPos
EnumDesktopsW
EnumDisplaySettingsExW
EnumWindows
ExcludeUpdateRgn
GetAltTabInfo
GetAltTabInfoA
GetClassLongW
GetClassNameA
GetClipboardData
GetClipboardSequenceNumber
GetDlgItemTextW
GetGuiResources
GetInputDesktop
GetKeyboardType
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuItemInfoA
GetMessageTime
GetMessageW
GetMouseMovePointsEx
GetNextDlgTabItem
GetPropW
GetScrollInfo
GetScrollPos
GetSubMenu
GetSystemMenu
GetSystemMetrics
GetUserObjectSecurity
GetWindowInfo
GetWindowModuleFileName
GetWindowTextA
GrayStringA
HiliteMenuItem
IMPSetIMEW
ImpersonateDdeClientWindow
InsertMenuItemA
IsChild
IsDlgButtonChecked
IsRectEmpty
LoadMenuA
LockSetForegroundWindow
LookupIconIdFromDirectoryEx
MessageBoxIndirectA
NotifyWinEvent
PaintDesktop
RemovePropW
SetActiveWindow
SetDlgItemTextA
SetMessageExtraInfo
SetScrollInfo
SetScrollRange
SetWinEventHook
TrackMouseEvent
UnregisterClassW
UnregisterHotKey
UpdateWindow
TileWindows
SwitchToThisWindow
SwapMouseButton
ShowScrollBar
ShowCaret
SetWindowRgn
SetWindowLongW

gdi32

EngFreeModule
BitBlt
CLIPOBJ_cEnumStart
CancelDC
CheckColorsInGamut
CloseEnhMetaFile
CopyMetaFileA
CreateColorSpaceA
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateEnhMetaFileA
CreatePalette
CreatePolyPolygonRgn
CreateScalableFontResourceW
DeviceCapabilitiesExA
EndFormPage
EngCreateDeviceBitmap
EngCreateDeviceSurface
EngDeleteSurface
EngEraseSurface
EngLineTo
EngStrokePath
EnumEnhMetaFile
EnumObjects
EudcLoadLinkW
ExtCreateRegion
ExtSelectClipRgn
FONTOBJ_pifi
FONTOBJ_pvTrueTypeFontFile
FillPath
GdiComment
GdiConvertBrush
GdiConvertDC
GdiConvertPalette
GdiDllInitialize
GdiEntry6
GdiGetPageHandle
GdiQueryFonts
GdiRealizationInfo
GdiSetBatchLimit
GdiStartPageEMF
GdiTransparentBlt
GetCharABCWidthsFloatA
GetCharWidth32A
GetCharWidth32W
GetClipBox
GetClipRgn
GetDIBColorTable
GetEnhMetaFilePaletteEntries
GetObjectType
GetObjectW
GetPolyFillMode
GetROP2
GetStringBitmapW
GetSystemPaletteEntries
GetTextColor
GetTextExtentExPointI
GetTextExtentPointI
GetViewportOrgEx
HT_Get8BPPMaskPalette
LineDDA
MoveToEx
PatBlt
PlayMetaFileRecord
PolyBezier
Polyline
PolylineTo
PtInRegion
PtVisible
RestoreDC
SetBitmapDimensionEx
SetBoundsRect
SetDIBits
SetICMMode
SetMapMode
SetMapperFlags
SetMetaRgn
SetPaletteEntries
SetPixelFormat
TextOutW
UnrealizeObject
UpdateColors
WidenPath
XFORMOBJ_bApplyXform
XFORMOBJ_iGetXform
bInitSystemAndFontsDirectoriesW
bMakePathNameW
gdiPlaySpoolStream
BRUSHOBJ_pvGetRbrush

shell32

SHGetDiskFreeSpaceExA
Shell_NotifyIconW
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellExecuteEx
ShellAboutA
SHQueryRecycleBinW
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHLoadInProc
SHIsFileAvailableOffline
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconW
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBrowseForFolder
SHCreateDirectoryExW
SHEmptyRecycleBinA
SHFileOperation
SHFileOperationA
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDataFromIDListW
SHInvokePrinterCommandA
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetPathFromIDList
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
WOWShellExecute

ole32

CoIsOle1Class
CoQueryClientBlanket
CoRegisterMallocSpy
CoResumeClassObjects
CoTestCancel
CreateBindCtx
CreateClassMoniker
CreateDataAdviseHolder
CreateGenericComposite
CreatePointerMoniker
DllGetClassObjectWOW
EnableHookObject
FreePropVariantArray
GetHGlobalFromStream
GetRunningObjectTable
HACCEL_UserFree
HACCEL_UserMarshal
HACCEL_UserSize
HBITMAP_UserFree
HBRUSH_UserFree
HDC_UserSize
HENHMETAFILE_UserSize
HGLOBAL_UserUnmarshal
HICON_UserFree
HICON_UserSize
HMENU_UserMarshal
HMETAFILEPICT_UserMarshal
HMETAFILE_UserMarshal
HMETAFILE_UserSize
HPALETTE_UserMarshal
HWND_UserMarshal
HWND_UserUnmarshal
OleCreate
OleCreateFromDataEx
OleCreateFromFile
OleDestroyMenuDescriptor
OleDuplicateData
OleFlushClipboard
OleInitialize
OleMetafilePictFromIconAndLabel
OleQueryCreateFromData
OleRegEnumFormatEtc
OleSetClipboard
ReadClassStg
ReadFmtUserTypeStg
ReadOleStg
ReadStringStream
RegisterDragDrop
SNB_UserMarshal
SNB_UserSize
STGMEDIUM_UserFree
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgConvertPropertyToVariant
StgConvertVariantToProperty
StgCreateDocfileOnILockBytes
StgCreateStorageEx
StgGetIFillLockBytesOnFile
StgOpenStorage
StgSetTimes
StringFromCLSID
StringFromGUID2
UtConvertDvtd16toDvtd32
WdtpInterfacePointer_UserFree
WdtpInterfacePointer_UserMarshal
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserUnmarshal
WriteClassStm
CoIsHandlerConnected
CoInitializeSecurity
CoImpersonateClient
CoGetObject
CoGetInstanceFromIStorage
CoGetCurrentLogicalThreadId
CoGetApartmentID
CoDisconnectObject
CoCreateInstanceEx
CoCancelCall
BindMoniker
CoFreeUnusedLibraries

shlwapi

StrChrIA
StrChrW
StrCmpNA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIW
StrStrA
StrStrIA
StrStrIW
StrStrW

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ec30343bd6c7ddfa42cdb6c5cf56302

Code Sign

0a:5a:d4:c2:6e:8c:85:4d:be:25:75:f7:a3:47:af:08Certificate

Extended Key Usages

b4:80:25:88:c1:d1:d9:10:19:ec:c7:1d:ad:44:2f:c9:b5:a8:05:efSigner

Signature Validations

Verification

04/11/2022, 15:44 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

shlwapi

Sections

.text Size: 77KB - Virtual size: 76KB

.data Size: 512B - Virtual size: 492B

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 2KB - Virtual size: 2KB

0a:5a:d4:c2:6e:8c:85:4d:be:25:75:f7:a3:47:af:08
Certificate

b4:80:25:88:c1:d1:d9:10:19:ec:c7:1d:ad:44:2f:c9:b5:a8:05:ef
Signer

04/11/2022, 15:44
Valid: false

.text
Size: 77KB - Virtual size: 76KB

.data
Size: 512B - Virtual size: 492B

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 2KB - Virtual size: 2KB