General

Malware Config

Signatures

Files

• b3ea2eb443529e63babd54926a44d3d269a564972beca227ad47ccc59e767da9

  .exe windows x86

  66ccc9b386c795db1088871f16b6a9c2

  
  

  Code Sign

  26:25:66:9e:61:c5:94:b1:44:de:f8:86:90:11:e8:b8

  Certificate

  Issuer

  CN=XXTFKBJT

  Not Before

  15-03-2019 21:54

  Not After

  31-12-2039 23:59

  Subject

  CN=XXTFKBJT

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  c8:f8:7a:1d:cb:71:e6:1e:ee:e2:dc:cc:08:24:25:94:59:f2:ca:63:cf:15:2e:27:c1:fc:af:14:49:22:d0:9e

  Signer

  Actual PE Digest

  c8:f8:7a:1d:cb:71:e6:1e:ee:e2:dc:cc:08:24:25:94:59:f2:ca:63:cf:15:2e:27:c1:fc:af:14:49:22:d0:9e

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=XXTFKBJT

  16-03-2019 04:34

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetVolumePathNameW

  HeapAlloc

  HeapFree

  HeapReAlloc

  HeapSize

  InitializeCriticalSectionAndSpinCount

  InterlockedCompareExchange

  InterlockedDecrement

  InterlockedExchange

  InterlockedIncrement

  IsDebuggerPresent

  IsProcessorFeaturePresent

  IsValidCodePage

  LCMapStringW

  LeaveCriticalSection

  LoadLibraryExW

  LoadLibraryW

  LocalAlloc

  LocalFree

  MapViewOfFile

  MultiByteToWideChar

  OpenEventW

  OpenProcess

  OutputDebugStringW

  QueryPerformanceCounter

  ReadConsoleW

  ReadFile

  ReleaseMutex

  GetTimeZoneInformation

  SetConsoleCursorPosition

  SetConsoleMode

  SetEndOfFile

  SetFilePointer

  SetLastError

  SetUnhandledExceptionFilter

  Sleep

  SystemTimeToTzSpecificLocalTime

  TerminateProcess

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  UnmapViewOfFile

  VerSetConditionMask

  VerifyVersionInfoW

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleW

  WriteFile

  lstrcatW

  lstrcmpW

  lstrcmpiW

  lstrcpyW

  lstrcpynW

  lstrlenW

  GetTimeFormatW

  GetTickCount

  GetSystemTimeAsFileTime

  GetSystemTime

  GetSystemInfo

  GetSystemDirectoryW

  GetStringTypeW

  GetStdHandle

  GetStartupInfoW

  GetProcessHeap

  GetProcAddress

  GetOEMCP

  GetNumberFormatW

  GetModuleHandleW

  GetModuleHandleExW

  GetModuleFileNameW

  GetLocaleInfoW

  GetLastError

  GetFileType

  GetFileSize

  GetFileAttributesW

  GetEnvironmentStringsW

  GetDriveTypeW

  GetCurrentThreadId

  GetCurrentProcessId

  GetCurrentProcess

  GetConsoleScreenBufferInfo

  GetConsoleMode

  GetConsoleCP

  GetComputerNameExW

  GetCommandLineW

  GetCPInfo

  GetACP

  FreeLibrary

  FreeEnvironmentStringsW

  FormatMessageW

  FlushFileBuffers

  FileTimeToSystemTime

  ExpandEnvironmentStringsW

  ExitProcess

  EnterCriticalSection

  EncodePointer

  DeleteCriticalSection

  DecodePointer

  CreateProcessW

  CreateMutexW

  CreateFileW

  CreateFileMappingW

  CreateDirectoryW

  CompareStringW

  CloseHandle

  VirtualAllocEx

  RtlUnwind

  GetModuleHandleA

  user32

  DrawIconEx

  DrawStateA

  DrawTextA

  DrawTextW

  EnableMenuItem

  EnableWindow

  EndDeferWindowPos

  EndDialog

  EndPaint

  EnumChildWindows

  EnumDisplayMonitors

  EnumWindows

  EqualRect

  ExcludeUpdateRgn

  ExitWindowsEx

  FillRect

  FindWindowA

  FindWindowW

  FrameRect

  GetActiveWindow

  GetAsyncKeyState

  GetCapture

  GetClassInfoA

  GetClassLongA

  GetClassNameA

  GetClassNameW

  GetClientRect

  GetCursorPos

  GetDC

  GetDCEx

  GetDesktopWindow

  GetDlgCtrlID

  GetDlgItem

  DrawIcon

  GetDlgItemTextW

  GetDoubleClickTime

  GetForegroundWindow

  GetGUIThreadInfo

  GetKeyState

  GetKeyboardLayout

  GetLastActivePopup

  GetMenu

  GetMenuCheckMarkDimensions

  GetMenuItemCount

  GetMenuItemID

  GetMenuItemInfoW

  GetMenuState

  GetMenuStringA

  GetMessageA

  GetMessagePos

  GetMessageTime

  GetMessageW

  GetNextDlgGroupItem

  GetNextDlgTabItem

  GetParent

  GetPropA

  GetScrollInfo

  GetSubMenu

  GetSysColor

  GetSysColorBrush

  GetSystemMetrics

  GetTopWindow

  GetUpdateRect

  GetWindow

  GetWindowDC

  GetWindowLongA

  GetWindowLongW

  GetWindowPlacement

  GetWindowRect

  GetWindowTextA

  GetWindowTextLengthA

  GetWindowTextLengthW

  GetWindowTextW

  GetWindowThreadProcessId

  GrayStringA

  HideCaret

  IMPQueryIMEW

  InflateRect

  IntersectRect

  InvalidateRect

  IsChild

  IsClipboardFormatAvailable

  IsDialogMessageA

  IsDialogMessageW

  IsIconic

  IsRectEmpty

  IsWindow

  IsWindowEnabled

  IsWindowUnicode

  IsWindowVisible

  KillTimer

  LoadBitmapA

  LoadCursorA

  LoadCursorW

  LoadIconA

  LoadIconW

  LoadImageA

  LoadImageW

  LoadStringA

  LoadStringW

  LockWindowUpdate

  MapDialogRect

  MapWindowPoints

  MessageBeep

  MessageBoxA

  MessageBoxW

  ModifyMenuA

  ModifyMenuW

  MoveWindow

  MsgWaitForMultipleObjects

  OffsetRect

  PeekMessageA

  PostMessageA

  PostMessageW

  PostQuitMessage

  PostThreadMessageA

  PtInRect

  RegisterClassA

  RegisterClassW

  RegisterClipboardFormatA

  RegisterClipboardFormatW

  RegisterWindowMessageA

  ReleaseDC

  RemoveMenu

  RemovePropA

  ScreenToClient

  SendDlgItemMessageA

  SendDlgItemMessageW

  SendMessageA

  SendMessageW

  SetActiveWindow

  SetCapture

  SetClassLongW

  SetClipboardViewer

  SetCursor

  SetCursorPos

  SetDlgItemTextA

  SetDlgItemTextW

  SetFocus

  SetForegroundWindow

  SetMenuItemBitmaps

  SetParent

  SetPropA

  SetRect

  SetRectEmpty

  SetScrollInfo

  SetScrollPos

  SetScrollRange

  SetShellWindow

  SetTimer

  SetWindowContextHelpId

  SetWindowLongA

  SetWindowLongW

  SetWindowPos

  SetWindowTextA

  SetWindowTextW

  SetWindowsHookExA

  ShowCaret

  ShowCursor

  ShowWindow

  SystemParametersInfoA

  SystemParametersInfoW

  TabbedTextOutA

  TrackPopupMenu

  TranslateMessage

  UnhookWindowsHookEx

  UnionRect

  UnregisterClassA

  UnregisterClassW

  UpdateWindow

  ValidateRect

  WinHelpA

  WinHelpW

  WindowFromPoint

  wsprintfA

  wsprintfW

  DrawFrameControl

  DrawFocusRect

  DispatchMessageW

  DispatchMessageA

  DestroyMenu

  DestroyIcon

  DeleteMenu

  DeferWindowPos

  DefWindowProcW

  DefWindowProcA

  DefDlgProcW

  DefDlgProcA

  DdeGetLastError

  CreateWindowStationW

  CreateWindowExW

  CreateWindowExA

  CreatePopupMenu

  CreateDialogParamW

  CreateDialogParamA

  CreateDialogIndirectParamA

  CopyRect

  CopyImage

  CopyIcon

  CopyAcceleratorTableA

  ClientToScreen

  ChildWindowFromPointEx

  ChildWindowFromPoint

  CheckMenuRadioItem

  CheckMenuItem

  CharUpperA

  CharNextA

  ChangeClipboardChain

  CascadeChildWindows

  CallWindowProcW

  CallWindowProcA

  CallNextHookEx

  BeginPaint

  BeginDeferWindowPos

  AppendMenuW

  AppendMenuA

  AdjustWindowRectEx

  GetFocus

  OpenIcon

  IsMenu

  DestroyWindow

  WindowFromDC

  CloseWindowStation

  GetListBoxInfo

  CloseDesktop

  CloseWindow

  CreateMenu

  IsCharAlphaNumericW

  ReleaseCapture

  GetDlgItemTextA

  gdi32

  CreateDCW

  CreateFontIndirectA

  CreateFontIndirectW

  CreatePen

  CreateSolidBrush

  DeleteObject

  EngDeletePalette

  EnumICMProfilesW

  EnumObjects

  GdiConvertBitmapV5

  GdiEntry4

  GdiEntry6

  GdiFixUpHandle

  GdiRealizationInfo

  GdiSetPixelFormat

  GdiStartDocEMF

  GdiSwapBuffers

  GetClipRgn

  GetDeviceCaps

  GetGlyphIndicesW

  GetObjectA

  GetRegionData

  GetStockObject

  BeginPath

  GetTextCharacterExtra

  GetTextFaceW

  LineTo

  MoveToEx

  PolyPolyline

  PolyTextOutA

  RectVisible

  Rectangle

  ResetDCA

  STROBJ_dwGetCodePage

  SelectObject

  SetAbortProc

  SetBitmapBits

  SetBkMode

  SetColorSpace

  SetGraphicsMode

  SetLayout

  SetPixel

  SetTextColor

  StretchDIBits

  UpdateICMRegKeyW

  XLATEOBJ_piVector

  bInitSystemAndFontsDirectoriesW

  GetObjectType

  GetTextAlign

  CreatePatternBrush

  advapi32

  RegQueryValueExA

  RegOpenKeyA

  Sections

  .text

  Size: 26KB - Virtual size: 25KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 33KB - Virtual size: 33KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 141KB - Virtual size: 141KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 145KB - Virtual size: 144KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ