General

Malware Config

Signatures

Files

• d88767640afcf2207b483e70115cd64cd1ddf156106af0961ec537509de705e2

  .exe windows x86

  1f73ccef65ac87a71891a2242abcd4e9

  
  

  Code Sign

  66:3f:85:0a:53:d2:a9:bb:47:39:c6:d0:31:89:30:72

  Certificate

  Issuer

  CN=OHPHNFHI

  Not Before

  10-04-2019 11:35

  Not After

  31-12-2039 23:59

  Subject

  CN=OHPHNFHI

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  a2:03:a0:e8:57:89:88:c1:12:8e:ff:56:dc:ba:9e:1e:40:8a:1b:54:ff:2d:3c:8d:0e:bf:cf:d0:5c:f3:6d:90

  Signer

  Actual PE Digest

  a2:03:a0:e8:57:89:88:c1:12:8e:ff:56:dc:ba:9e:1e:40:8a:1b:54:ff:2d:3c:8d:0e:bf:cf:d0:5c:f3:6d:90

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=OHPHNFHI

  10-04-2019 21:04

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GlobalFree

  GlobalGetAtomNameW

  GlobalLock

  GlobalSize

  GlobalUnlock

  HeapAlloc

  HeapFree

  HeapReAlloc

  InitializeCriticalSection

  InterlockedCompareExchange

  InterlockedDecrement

  InterlockedExchange

  InterlockedIncrement

  IsDBCSLeadByte

  LeaveCriticalSection

  LoadLibraryA

  LoadLibraryExW

  LoadLibraryW

  LocalAlloc

  LocalFree

  LocalLock

  LocalUnlock

  MapViewOfFile

  MoveFileExW

  MultiByteToWideChar

  OpenProcess

  OutputDebugStringW

  QueryDosDeviceW

  RaiseException

  ReleaseMutex

  ResetEvent

  GlobalDeleteAtom

  RtlUnwind

  SetErrorMode

  SetEvent

  SetFileAttributesA

  SetFilePointer

  SetLastError

  SetThreadExecutionState

  SetThreadLocale

  SignalObjectAndWait

  Sleep

  SystemTimeToFileTime

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  UnmapViewOfFile

  VirtualAlloc

  VirtualFree

  VirtualQuery

  VirtualQueryEx

  WaitForMultipleObjects

  WaitForSingleObject

  WideCharToMultiByte

  WriteFile

  WritePrivateProfileStringW

  lstrcmpW

  lstrcpyA

  lstrcpyW

  lstrcpynW

  lstrlenA

  lstrlenW

  VirtualAllocEx

  GlobalAlloc

  GlobalAddAtomW

  GetWindowsDirectoryW

  GetWindowsDirectoryA

  GetVersionExW

  GetVersionExA

  GetVersion

  GetThreadLocale

  GetTempPathW

  GetSystemTime

  GetSystemInfo

  GetSystemDirectoryW

  GetStdHandle

  GetStartupInfoW

  GetStartupInfoA

  GetProcessTimes

  GetProcessHeap

  GetProcAddress

  GetPrivateProfileStringW

  GetPrivateProfileIntW

  GetPriorityClass

  GetModuleHandleW

  GetModuleHandleA

  GetModuleFileNameW

  GetLongPathNameW

  GetLogicalDriveStringsW

  GetLocaleInfoW

  GetLocalTime

  GetLastError

  GetFileAttributesW

  GetExitCodeThread

  GetDiskFreeSpaceW

  GetDateFormatW

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetComputerNameW

  GetCommandLineW

  GetCPInfo

  GetACP

  FreeLibrary

  FormatMessageW

  FormatMessageA

  FindFirstFileW

  FindClose

  FileTimeToSystemTime

  ExitThread

  ExitProcess

  EnumCalendarInfoA

  EnterCriticalSection

  DeleteFileW

  DeleteFileA

  DeleteCriticalSection

  DefineDosDeviceW

  CreateThread

  CreateProcessW

  CreateMutexW

  CreateMutexA

  CreateFileW

  CreateFileMappingW

  CreateFileA

  CreateEventW

  CreateEventA

  CompareStringW

  ResumeThread

  CloseHandle

  user32

  UnregisterClassW

  UpdateWindow

  ValidateRect

  ValidateRgn

  GetCaretBlinkTime

  IsWindowUnicode

  IsWindowVisible

  GetQueueStatus

  DestroyMenu

  VkKeyScanW

  CopyIcon

  CreatePopupMenu

  IsCharAlphaW

  CountClipboardFormats

  IsWindowEnabled

  GetMenuCheckMarkDimensions

  GetOpenClipboardWindow

  GetParent

  GetFocus

  TranslateMessage

  TranslateAcceleratorA

  TileChildWindows

  TabbedTextOutA

  ShowWindow

  SetSystemCursor

  SetMenuItemInfoW

  SetDlgItemTextA

  SetClassWord

  SetClassLongW

  SendMessageTimeoutW

  RemovePropW

  RegisterClassW

  PtInRect

  PostThreadMessageW

  PostMessageW

  PeekMessageW

  OemToCharA

  MsgWaitForMultipleObjectsEx

  MsgWaitForMultipleObjects

  MessageBoxW

  MessageBoxA

  LockWorkStation

  LoadStringW

  LoadMenuW

  LoadIconW

  LoadCursorW

  IsWindow

  IsCharUpperW

  InternalGetWindowText

  GetSystemMetrics

  GetSystemMenu

  GetNextDlgTabItem

  GetMessageW

  GetKeyboardType

  GetKeyboardLayoutNameW

  GetCursorPos

  GetClassLongA

  ExitWindowsEx

  EnumPropsW

  EnumPropsExA

  EnumDesktopsW

  EnumDesktopsA

  EndMenu

  EnableMenuItem

  EmptyClipboard

  DrawTextExW

  DrawStateW

  DrawIconEx

  DispatchMessageW

  DestroyWindow

  DeleteMenu

  DefWindowProcW

  DefFrameProcA

  DefDlgProcA

  DdeFreeStringHandle

  DdeCmpStringHandles

  CreateWindowStationA

  CreateWindowExW

  CreateDialogIndirectParamA

  CharUpperBuffW

  CharToOemW

  CharToOemBuffA

  CharToOemA

  CharNextW

  CharLowerBuffA

  CharLowerA

  ChangeMenuW

  DdeQueryStringA

  gdi32

  AddFontResourceA

  CreateCompatibleBitmap

  CreateCompatibleDC

  CreateDCW

  CreateEllipticRgn

  CreateEnhMetaFileA

  CreateFontIndirectA

  CreateFontIndirectExW

  CreateFontW

  CreatePen

  CreateSolidBrush

  DeleteDC

  DeleteObject

  Ellipse

  EndPath

  EngBitBlt

  EngFindResource

  EngMultiByteToWideChar

  EngQueryLocalTime

  ExtCreatePen

  FillRgn

  GdiAlphaBlend

  GdiEntry8

  GdiGetPageCount

  GetDIBits

  GetDeviceCaps

  GetObjectW

  GetPaletteEntries

  GetPixel

  GetStockObject

  GetTextExtentPoint32W

  GetTextFaceW

  GetTextMetricsW

  GetWinMetaFileBits

  LineTo

  MoveToEx

  PolyDraw

  PolylineTo

  Rectangle

  RoundRect

  STROBJ_bEnumPositionsOnly

  SelectObject

  SetBkColor

  SetBkMode

  SetBoundsRect

  SetPixel

  SetTextColor

  SetViewportOrgEx

  StartDocW

  StartFormPage

  StretchBlt

  StrokeAndFillPath

  BeginPath

  StrokePath

  PathToRegion

  GetTextCharacterExtra

  GetPolyFillMode

  GetDCBrushColor

  CreateHalftonePalette

  DeleteMetaFile

  GetLayout

  EndPage

  FillPath

  CreateMetaFileW

  AngleArc

  CloseFigure

  shell32

  DragFinish

  ole32

  CoTaskMemFree

  Sections

  .text

  Size: 70KB - Virtual size: 70KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 600B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 20KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ