General

Malware Config

Signatures

Files

• 2f9debc3bb96ae6cfb1fe12d142d3aa98dc7bc7a83c9aa6ce730992edd756d3f

  .exe windows x86

  b69e46e98a3734fc65fb43f7ddd1762b

  
  

  Code Sign

  11:d0:66:9d:db:dc:7c:76:b1:dd:ba:30:1c:cf:c5:ec

  Certificate

  Issuer

  CN=EEOSBZDBKDZIEXZDHC

  Not Before

  25-04-2019 11:22

  Not After

  31-12-2039 23:59

  Subject

  CN=EEOSBZDBKDZIEXZDHC

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  f7:f7:1d:44:e8:49:ee:a0:90:b2:c5:e1:5f:2a:ae:d7:34:4f:91:a3:6c:fa:e3:32:71:c5:5d:49:64:2e:da:11

  Signer

  Actual PE Digest

  f7:f7:1d:44:e8:49:ee:a0:90:b2:c5:e1:5f:2a:ae:d7:34:4f:91:a3:6c:fa:e3:32:71:c5:5d:49:64:2e:da:11

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=EEOSBZDBKDZIEXZDHC

  26-04-2019 09:38

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetModuleHandleW

  VirtualAllocEx

  TlsSetValue

  TlsGetValue

  LocalAlloc

  lstrlenW

  lstrcmpA

  lstrcmpW

  WriteProcessMemory

  WritePrivateProfileStringW

  WriteFile

  WaitForSingleObject

  VirtualQuery

  VirtualProtect

  VirtualFree

  VirtualAlloc

  UnmapViewOfFile

  TerminateThread

  TerminateProcess

  SystemTimeToFileTime

  SuspendThread

  Sleep

  SizeofResource

  SetUnhandledExceptionFilter

  SetThreadPriority

  SetLastError

  SetFilePointer

  SetFileAttributesA

  SetEvent

  SetEndOfFile

  ResumeThread

  ResetEvent

  RemoveDirectoryA

  ReleaseMutex

  ReadProcessMemory

  ReadFile

  RaiseException

  QueryPerformanceFrequency

  QueryPerformanceCounter

  OutputDebugStringW

  OpenProcess

  OpenFileMappingA

  OpenFileMappingW

  MulDiv

  MapViewOfFile

  LockResource

  LocalSize

  LocalFree

  LoadResource

  LoadLibraryExA

  LoadLibraryW

  LeaveCriticalSection

  IsBadWritePtr

  IsBadReadPtr

  InitializeCriticalSection

  HeapFree

  HeapDestroy

  HeapCreate

  HeapAlloc

  GlobalUnlock

  GlobalSize

  GlobalReAlloc

  GlobalMemoryStatus

  GlobalHandle

  GlobalLock

  GlobalFree

  GlobalAlloc

  GetWindowsDirectoryA

  GetWindowsDirectoryW

  GetVersionExA

  GetVersionExW

  GetVersion

  GetTickCount

  GetThreadPriority

  GetThreadLocale

  GetThreadContext

  GetTempPathA

  GetTempPathW

  GetTempFileNameW

  GetSystemTime

  GetSystemInfo

  GetSystemDirectoryW

  GetSystemDefaultLangID

  GetProcAddress

  GetPrivateProfileStringW

  GetPriorityClass

  GetModuleHandleA

  GetModuleFileNameA

  GetModuleFileNameW

  GetLocaleInfoA

  GetLocalTime

  GetLastError

  GetFileTime

  GetFileSize

  GetFileAttributesA

  GetFileAttributesW

  GetDiskFreeSpaceA

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetComputerNameA

  GetComputerNameW

  GetCommandLineA

  GetCommandLineW

  FreeResource

  InterlockedIncrement

  InterlockedExchangeAdd

  InterlockedExchange

  InterlockedDecrement

  InterlockedCompareExchange

  FreeLibrary

  FormatMessageA

  FormatMessageW

  FlushInstructionCache

  FindResourceA

  FindResourceW

  FindNextFileA

  FindFirstFileA

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExpandEnvironmentStringsA

  ExitThread

  ExitProcess

  EnterCriticalSection

  DuplicateHandle

  DeleteFileA

  DeleteFileW

  DeleteCriticalSection

  CreateThread

  CreateRemoteThread

  CreateProcessA

  CreateProcessW

  CreatePipe

  CreateMutexA

  CreateMutexW

  CreateFileMappingA

  CreateFileMappingW

  CreateFileA

  CreateFileW

  CreateEventW

  CreateDirectoryA

  CopyFileA

  CompareStringW

  CloseHandle

  Beep

  RtlUnwind

  UnlockFileEx

  FlushFileBuffers

  LockFileEx

  GetFileSizeEx

  SetFilePointerEx

  SetThreadUILanguage

  GetStartupInfoW

  GetStdHandle

  GetFileType

  WideCharToMultiByte

  GetConsoleOutputCP

  WriteConsoleW

  GetConsoleMode

  LoadLibraryExW

  SetConsoleMode

  SystemTimeToTzSpecificLocalTime

  GetSystemTimeAsFileTime

  UnhandledExceptionFilter

  GetACP

  MultiByteToWideChar

  GetConsoleCP

  SetThreadLocale

  SearchPathW

  QueryDosDeviceW

  GetLogicalDriveStringsW

  ProcessIdToSessionId

  GetProcessHeap

  SetErrorMode

  GetExitCodeProcess

  lstrcpyW

  SwitchToThread

  PulseEvent

  OpenEventW

  InitializeCriticalSectionAndSpinCount

  GlobalMemoryStatusEx

  GetSystemPowerStatus

  FindFirstFileW

  LoadLibraryA

  lstrcmpiA

  GetSystemDirectoryA

  SetThreadAffinityMask

  GetQueuedCompletionStatus

  SetThreadPriorityBoost

  WaitForSingleObjectEx

  CreateIoCompletionPort

  MoveFileExA

  MoveFileA

  lstrcpynA

  lstrcatA

  lstrcpyA

  lstrlenA

  GetStringTypeW

  GetStringTypeA

  GetStartupInfoA

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  GetEnvironmentStringsW

  SetHandleCount

  LCMapStringA

  LCMapStringW

  GetEnvironmentVariableA

  HeapReAlloc

  SetStdHandle

  GetCPInfo

  GetOEMCP

  AddAtomA

  AreFileApisANSI

  DeviceIoControl

  FindAtomA

  GetAtomNameA

  GetConsoleScreenBufferInfo

  GetDriveTypeA

  GetFileInformationByHandle

  GetFullPathNameA

  GetLogicalDriveStringsA

  GetShortPathNameA

  GetTimeZoneInformation

  GetVolumeInformationA

  PeekNamedPipe

  SetFileTime

  SetVolumeLabelA

  UnlockFile

  WritePrivateProfileSectionA

  GetPrivateProfileSectionA

  _llseek

  _lwrite

  _lread

  _lclose

  GetTempFileNameA

  FindResourceExA

  EnumResourceLanguagesA

  EnumResourceNamesA

  EnumResourceTypesA

  GetCurrentDirectoryA

  GetPrivateProfileIntA

  TlsFree

  TlsAlloc

  IsDBCSLeadByte

  GetPrivateProfileStringA

  WritePrivateProfileStringA

  lstrcmpiW

  lstrcpynW

  lstrcatW

  GetShortPathNameW

  GetSystemWindowsDirectoryW

  GetLocaleInfoW

  GetUserDefaultUILanguage

  WaitForMultipleObjects

  SetEnvironmentVariableW

  GetEnvironmentVariableW

  GetFileAttributesExW

  ExpandEnvironmentStringsW

  CreateDirectoryW

  CopyFileW

  SetFileAttributesW

  MoveFileExW

  RemoveDirectoryW

  GetSystemDefaultLCID

  FindNextChangeNotification

  FlushViewOfFile

  OpenMutexW

  CreateTimerQueueTimer

  ChangeTimerQueueTimer

  DeleteTimerQueueTimer

  FindFirstChangeNotificationW

  FindCloseChangeNotification

  GetUserDefaultLCID

  WaitNamedPipeW

  FindNextFileW

  FindResourceExW

  GetDiskFreeSpaceExW

  GetNumberFormatW

  SetCurrentDirectoryW

  GetUserGeoID

  GetNativeSystemInfo

  MoveFileW

  GetCurrentDirectoryW

  GetLongPathNameW

  WriteProfileStringW

  GetProfileStringW

  GetUserDefaultLangID

  GetDriveTypeW

  GetExitCodeThread

  DebugBreak

  LocalReAlloc

  SetProcessShutdownParameters

  user32

  GetProcessWindowStation

  GetQueueStatus

  LoadCursorFromFileW

  PaintDesktop

  CharUpperA

  IsWindow

  GetSysColorBrush

  IsClipboardFormatAvailable

  AnyPopup

  CloseWindowStation

  GetDesktopWindow

  GetClipboardOwner

  GetThreadDesktop

  GetCaretBlinkTime

  DestroyWindow

  GetKeyState

  IsIconic

  GetTopWindow

  GetSysColor

  GetListBoxInfo

  CharNextW

  IsWindowVisible

  CharUpperW

  ShowCaret

  GetDC

  DestroyCursor

  VkKeyScanW

  GetActiveWindow

  MessageBoxA

  gdi32

  DeleteObject

  UpdateColors

  GetLayout

  CreateMetaFileW

  DeleteEnhMetaFile

  GetTextAlign

  GetDCPenColor

  CloseMetaFile

  CreateMetaFileA

  FillPath

  RealizePalette

  EndDoc

  SwapBuffers

  GetFontLanguageInfo

  GetSystemPaletteUse

  GetGraphicsMode

  GetStretchBltMode

  WidenPath

  ExtSelectClipRgn

  CreatePatternBrush

  GetViewportExtEx

  SelectPalette

  CreatePen

  CreateRectRgnIndirect

  PatBlt

  SetRectRgn

  CombineRgn

  GetTextExtentPoint32A

  GetBkColor

  GetTextColor

  GetRgnBox

  GetMapMode

  CreateRectRgn

  SelectClipRgn

  ScaleWindowExtEx

  SetWindowExtEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  Escape

  ExtTextOutA

  TextOutA

  RectVisible

  PtVisible

  GetPixel

  GetObjectA

  SetMapMode

  SetStretchBltMode

  SetBkMode

  RestoreDC

  SaveDC

  SetBkColor

  SetTextColor

  GetClipBox

  CreateBitmap

  BitBlt

  CreateCompatibleBitmap

  GetDeviceCaps

  CreateFontIndirectA

  GetStockObject

  DeleteDC

  StretchBlt

  SelectObject

  CreateCompatibleDC

  CreateSolidBrush

  GetWindowExtEx

  advapi32

  RegOpenKeyA

  RegQueryValueExA

  msvcrt

  _except_handler3

  __set_app_type

  __p__fmode

  __p__commode

  _adjust_fdiv

  __setusermatherr

  _initterm

  __getmainargs

  _acmdln

  exit

  _XcptFilter

  _exit

  _onexit

  __dllonexit

  _controlfp

  Sections

  .text

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 172B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 106KB - Virtual size: 105KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ