General

Malware Config

Signatures

Files

• 36e8824be5fe9326355ce10b2bcd9c80cca5cd28fb544be5b45396689fb849da

  .exe windows x86

  871b8b6d59c1e6ca20ad1137a5a68497

  
  

  Code Sign

  7e:a9:18:84:7b:3b:10:af:4b:1e:03:75:ad:99:88:d6

  Certificate

  Issuer

  CN=SZSUSNER

  Not Before

  14-03-2019 21:20

  Not After

  31-12-2039 23:59

  Subject

  CN=SZSUSNER

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  2a:84:84:fd:e9:7b:e1:35:e1:04:b4:a1:ed:6e:d0:b6:52:7c:32:44:94:b3:6b:26:7b:13:06:c7:29:8c:8d:cd

  Signer

  Actual PE Digest

  2a:84:84:fd:e9:7b:e1:35:e1:04:b4:a1:ed:6e:d0:b6:52:7c:32:44:94:b3:6b:26:7b:13:06:c7:29:8c:8d:cd

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=SZSUSNER

  15-03-2019 07:58

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetCommProperties

  GetCommState

  GetCommandLineA

  GetCommandLineW

  GetConsoleCP

  GetConsoleMode

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThread

  GetCurrentThreadId

  GetDateFormatA

  GetDateFormatW

  GetEnvironmentStringsW

  GetFileType

  GetLastError

  GetModuleFileNameW

  GetModuleHandleExW

  GetModuleHandleW

  GetOEMCP

  GetOverlappedResult

  GetProcAddress

  GetProcessHeap

  GetStartupInfoA

  GetStartupInfoW

  GetStdHandle

  GetStringTypeW

  GetSystemDefaultLangID

  GetSystemTime

  GetSystemTimeAsFileTime

  GetTickCount

  GetTimeFormatA

  GetTimeFormatW

  GetUserDefaultLCID

  GetVersionExA

  HeapAlloc

  HeapFree

  HeapReAlloc

  HeapSize

  InitializeCriticalSection

  InitializeCriticalSectionAndSpinCount

  InitializeSListHead

  InterlockedDecrement

  InterlockedExchange

  InterlockedIncrement

  IsBadReadPtr

  IsDebuggerPresent

  IsProcessorFeaturePresent

  IsValidCodePage

  GetCPInfo

  LeaveCriticalSection

  LoadLibraryA

  LoadLibraryExW

  LoadLibraryW

  LocalAlloc

  LocalFree

  LocalReAlloc

  MultiByteToWideChar

  OpenEventW

  QueryPerformanceCounter

  RaiseException

  ReadFile

  ResetEvent

  ResumeThread

  RtlUnwind

  SetCommState

  SetCommTimeouts

  SetConsoleCtrlHandler

  SetEnvironmentVariableW

  SetEvent

  SetFilePointer

  SetFilePointerEx

  SetLastError

  SetStdHandle

  SetUnhandledExceptionFilter

  SetupComm

  Sleep

  SuspendThread

  TerminateProcess

  TerminateThread

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  WaitForMultipleObjects

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleW

  WriteFile

  lstrcatA

  lstrcatW

  lstrcmpA

  lstrcpyW

  lstrcpynA

  lstrlenA

  lstrlenW

  GetACP

  FreeLibrary

  FreeEnvironmentStringsW

  FormatMessageW

  FormatMessageA

  FlushFileBuffers

  FindNextFileW

  FindFirstFileExW

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  ExitThread

  ExitProcess

  EnterCriticalSection

  EncodePointer

  DuplicateHandle

  DisconnectNamedPipe

  DeleteCriticalSection

  DecodePointer

  CreateThread

  CreateProcessW

  CreateNamedPipeW

  CreateFileW

  CreateEventW

  CreateEventA

  ConnectNamedPipe

  CloseHandle

  ClearCommError

  CallNamedPipeW

  AreFileApisANSI

  VirtualAlloc

  LCMapStringW

  GetModuleHandleA

  user32

  PeekMessageA

  MessageBoxA

  LoadStringA

  InvalidateRgn

  GetWindowThreadProcessId

  GetSystemMenu

  GetMessageTime

  GetDCEx

  SendDlgItemMessageA

  EnableMenuItem

  DispatchMessageA

  DestroyWindow

  DdeCreateStringHandleA

  CreateIconFromResource

  CreateDialogParamA

  CharNextExA

  GetTopWindow

  SendMessageTimeoutA

  SetForegroundWindow

  TranslateAccelerator

  FlashWindow

  gdi32

  CreateCompatibleDC

  CreateCompatibleBitmap

  CombineRgn

  BitBlt

  GetDeviceCaps

  GetPixel

  GetStockObject

  GetTextExtentPoint32W

  GetTextMetricsW

  CreateFontIndirectW

  MoveToEx

  PatBlt

  SelectObject

  SetBkColor

  SetPixel

  SetRectRgn

  SetTextColor

  StretchBlt

  TextOutW

  CreateICW

  CreatePen

  CreateRectRgn

  CreateSolidBrush

  LineTo

  DeleteObject

  DeleteDC

  advapi32

  RegOpenKeyExW

  RegCloseKey

  RegOpenKeyA

  RegQueryValueExA

  RegQueryValueExW

  shell32

  SHCreateDirectoryExA

  SHGetPathFromIDListW

  shlwapi

  StrCmpNIA

  Sections

  .text

  Size: 104KB - Virtual size: 103KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 49KB - Virtual size: 48KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 23KB - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 24KB - Virtual size: 24KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ