General

Malware Config

Signatures

Files

• 6c63c5d6c9a23a169eaa79e96c11fc62d685f2f572c602b1bca42376225cec6d

  .exe windows x86

  1ab49b43a8b347cf8b4a01b6b2ce253f

  
  

  Code Sign

  57:b2:da:9c:4c:22:c0:71:b0:7e:0c:0e:eb:88:23:e5

  Certificate

  Issuer

  CN=GHDUIYANHFBFQSCULK

  Not Before

  05-02-2021 10:55

  Not After

  31-12-2039 23:59

  Subject

  CN=GHDUIYANHFBFQSCULK

  Extended Key Usages

  ExtKeyUsageCodeSigning

  30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-05-2019 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b

  Certificate

  Issuer

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  23-10-2020 00:00

  Not After

  22-01-2032 23:59

  Subject

  CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  ec:13:6e:53:4d:9a:b0:ef:76:d8:44:b4:ab:0d:25:b0:69:0c:cf:1a

  Signer

  Actual PE Digest

  ec:13:6e:53:4d:9a:b0:ef:76:d8:44:b4:ab:0d:25:b0:69:0c:cf:1a

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=GHDUIYANHFBFQSCULK

  28-11-2022 11:52

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualAlloc

  GetModuleHandleA

  ExitProcess

  SetErrorMode

  GetLastError

  user32

  CreatePopupMenu

  DispatchMessageW

  LoadIconW

  LoadCursorW

  RemovePropW

  SetWindowPlacement

  IsZoomed

  GetWindowPlacement

  IsIconic

  SetPropW

  GetPropW

  ShowWindow

  SetForegroundWindow

  GetForegroundWindow

  ShowOwnedPopups

  PostMessageW

  SetTimer

  MoveWindow

  MapWindowPoints

  GetWindowRect

  PtInRect

  GetWindowLongW

  GetAncestor

  EnumChildWindows

  UpdateLayeredWindow

  SetActiveWindow

  DestroyMenu

  KillTimer

  GetCursorPos

  EnableWindow

  GetDlgItem

  SetRect

  GetClassNameW

  GetClientRect

  GetWindowTextW

  SetWindowTextW

  SendMessageW

  WindowFromPoint

  GetAsyncKeyState

  DialogBoxParamW

  RedrawWindow

  BringWindowToTop

  GetTopWindow

  MessageBoxW

  RegisterHotKey

  UnregisterHotKey

  EndDialog

  DefWindowProcW

  IsWindow

  GetWindowThreadProcessId

  TrackPopupMenu

  CheckMenuItem

  EnableMenuItem

  AppendMenuW

  ReleaseCapture

  SetCapture

  SetWindowLongW

  UnhookWindowsHookEx

  DestroyWindow

  RegisterShellHookWindow

  SetWindowsHookExW

  PostQuitMessage

  RegisterClipboardFormatW

  CreateWindowExW

  RegisterWindowMessageW

  GetDC

  ReleaseDC

  GetWindowRgn

  GetDesktopWindow

  GetIconInfo

  LookupIconIdFromDirectoryEx

  DestroyIcon

  CreateIconFromResourceEx

  FindWindowW

  SystemParametersInfoW

  EnumWindows

  GetWindow

  GetParent

  SendDlgItemMessageW

  IsWindowVisible

  TranslateMessage

  TranslateAcceleratorW

  GetMessageW

  LoadAcceleratorsW

  LoadImageW

  GetSystemMetrics

  EnumDisplayMonitors

  SetWindowPos

  RegisterClassExW

  LoadIconA

  CharUpperA

  gdi32

  StretchDIBits

  StretchBlt

  SetViewportOrgEx

  SetTextColor

  SetStretchBltMode

  SetBkMode

  SetBkColor

  SelectPalette

  SelectObject

  SelectClipRgn

  SaveDC

  RestoreDC

  ResizePalette

  RealizePalette

  IntersectClipRect

  GetViewportOrgEx

  GetTextMetricsW

  GetStockObject

  GetPaletteEntries

  GetObjectType

  GetObjectW

  GetNearestPaletteIndex

  GetDeviceCaps

  GetDIBits

  GetCurrentObject

  GetClipBox

  ExcludeClipRect

  DeleteObject

  DeleteDC

  CreateSolidBrush

  CreateRectRgn

  CreatePalette

  CreateHalftonePalette

  CreateDIBSection

  CreateCompatibleDC

  CreateCompatibleBitmap

  BitBlt

  advapi32

  RegQueryValueExW

  RegCreateKeyW

  RegSetValueExW

  RegCloseKey

  RegOpenKeyExW

  RegDeleteValueW

  SetSecurityDescriptorSacl

  GetSecurityDescriptorSacl

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  SetSecurityDescriptorDacl

  InitializeSecurityDescriptor

  RegOpenKeyExA

  RegQueryValueExA

  shell32

  ShellExecuteW

  SHGetSpecialFolderPathW

  ord680

  comctl32

  _TrackMouseEvent

  Sections

  .text

  Size: 1.7MB - Virtual size: 1.7MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata14

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata13

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata12

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata11

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata10

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata9

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata8

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ