PcAppStore[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

PcAppStore.exe
Size

1.7MB
MD5

5b9cb3073e4110808decbd163ee270fd
SHA1

2278fc86d85c57cc3f179d3b16adca53651d8d65
SHA256

5a6b250c939a72f157362cc9c0a64ab1841bfd26ceb323b7c9b019dcd3c5bbff
SHA512

fd424c6873ff2a8dd41811afb45e03799309540eaea0867183b2033f682184904bdd28872386875f2c85f3f91c2975006a2fcc98fdad93a7fcb2f34fea2e6a2b
SSDEEP

49152:Tnn+Bwy0OE3Zo+5k76npwaxgi0O16iguXqwOg:Km2EJJ5kBi0OgiJ

Score

N/A

Malware Config

Signatures

Files

PcAppStore.exe
.exe windows x86

4bc86485b7907c1bb98457b9ff177e24

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:59:a4:45:c0:36:77:0f:17:00:db:c8:a5:bf:7f:f7
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

26/07/2022, 00:00

Not After

26/07/2023, 23:59

Subject

CN=Fast Corporate Ltd,O=Fast Corporate Ltd,ST=Tel Aviv,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:59:a4:45:c0:36:77:0f:17:00:db:c8:a5:bf:7f:f7
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

26/07/2022, 00:00

Not After

26/07/2023, 23:59

Subject

CN=Fast Corporate Ltd,O=Fast Corporate Ltd,ST=Tel Aviv,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:93:8d:2a:66:39:92:b8:e6:dc:e9:db:73:22:78:22:f6:47:ee:98:f9:ee:c8:18:a1:33:97:ef:cd:2b:a3:a7
Signer

Actual PE Digest

96:93:8d:2a:66:39:92:b8:e6:dc:e9:db:73:22:78:22:f6:47:ee:98:f9:ee:c8:18:a1:33:97:ef:cd:2b:a3:a7

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Fast Corporate Ltd,O=Fast Corporate Ltd,ST=Tel Aviv,C=IL

01/12/2022, 14:34
Valid: true

Chain 1

CN=Fast Corporate Ltd,O=Fast Corporate Ltd,ST=Tel Aviv,C=IL

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

23:6a:f8:f2:97:4a:c5:9c:5f:48:c1:b4:49:ca:10:20:87:7f:8c:2f
Signer

Actual PE Digest

23:6a:f8:f2:97:4a:c5:9c:5f:48:c1:b4:49:ca:10:20:87:7f:8c:2f

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Fast Corporate Ltd,O=Fast Corporate Ltd,ST=Tel Aviv,C=IL

01/12/2022, 14:34
Valid: true

Chain 1

CN=Fast Corporate Ltd,O=Fast Corporate Ltd,ST=Tel Aviv,C=IL

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW

kernel32

LocalFree
OpenEventW
CreateEventW
CloseHandle
GetTickCount64
DeleteFileW
WaitForMultipleObjects
Sleep
WaitForSingleObject
GetModuleFileNameW
CreateDirectoryW
FormatMessageW
CreateThread
SetEvent
ResetEvent
WideCharToMultiByte
TerminateProcess
GetTickCount
WaitForSingleObjectEx
GetOverlappedResult
CreateNamedPipeW
ConnectNamedPipe
ReadFile
GlobalAlloc
FreeResource
GlobalFree
K32EnumProcesses
OpenProcess
QueryFullProcessImageNameW
GetCurrentProcess
GetStdHandle
FindClose
CreateFileW
LoadLibraryW
SetCurrentDirectoryW
GetProcAddress
GetCurrentProcessId
SystemTimeToFileTime
FreeLibrary
GetSystemTime
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetFileSize
DeleteCriticalSection
GetSystemTimeAsFileTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
FlushFileBuffers
InitializeCriticalSectionEx
DecodePointer
PeekNamedPipe
QueryPerformanceFrequency
GetStringTypeW
WriteConsoleW
GetCommandLineW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
GetTimeZoneInformation
ReadConsoleW
IsDebuggerPresent
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
GetCurrentDirectoryW
SetEnvironmentVariableW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCPInfo
MultiByteToWideChar
GetLastError
CompareStringEx
LCMapStringEx
SetLastError
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
FindResourceExW
FindResourceW
LoadResource
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
FindFirstFileExW
FindNextFileW
EncodePointer
GetLocaleInfoEx
GetModuleHandleW
SetFilePointerEx
LockResource
SizeofResource
RaiseException
FreeEnvironmentStringsW
GetFileSizeEx

user32

TrackPopupMenu
DestroyWindow
DefWindowProcW
PostQuitMessage
MonitorFromPoint
LoadIconW
RegisterClassExW
CreateWindowExW
GetMessageW
LoadCursorW
RegisterClassW
FindWindowW
FindWindowExW
SetWindowLongW
ShowWindow
UpdateWindow
RedrawWindow
GetWindowLongW
InsertMenuW
SetTimer
BringWindowToTop
BeginPaint
EndPaint
PostMessageW
CallNextHookEx
keybd_event
GetSystemMetrics
MessageBoxW
GetAsyncKeyState
GetPhysicalCursorPos
WindowFromPoint
GetWindowThreadProcessId
SetWinEventHook
PeekMessageW
TranslateMessage
GetForegroundWindow
SetForegroundWindow
CreatePopupMenu
GetCursorPos
MoveWindow
GetMonitorInfoA
SetWindowsHookExW
SetRect
DispatchMessageW
SystemParametersInfoW
GetWindowRect
GetClassNameW
GetWindowTextW
EnumChildWindows
GetDesktopWindow
SendInput
wsprintfW
UnhookWindowsHookEx

gdi32

GetPixel

winspool.drv

EnumPrintersW

advapi32

RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegNotifyChangeKeyValue
RegQueryValueExW
RegSetKeyValueW
RegCreateKeyW
RegSetValueExW

shell32

ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
SHAppBarMessage
SHQueryUserNotificationState
SHEmptyRecycleBinW
SHGetFolderPathW
Shell_NotifyIconW
SHQueryRecycleBinW

ole32

CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoSetProxyBlanket
CreateStreamOnHGlobal
CoInitialize

oleaut32

SafeArrayGetElement
VariantInit
SysFreeString
SysAllocString
VariantClear

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathRenameExtensionW
PathFindFileNameW
PathAddBackslashW

ws2_32

inet_addr

wlanapi

WlanEnumInterfaces
WlanRegisterNotification
WlanScan
WlanGetAvailableNetworkList
WlanOpenHandle
WlanFreeMemory
WlanAllocateMemory
WlanCloseHandle

iphlpapi

GetIpNetTable
IcmpCloseHandle
SendARP
IcmpCreateFile

api-ms-win-shcore-scaling-l1-1-1

GetDpiForMonitor

gdiplus

GdiplusStartup
GdiplusShutdown
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromStreamICM
GdipCreateFromHDC
GdipGetImageHeight
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipDrawString
GdipFillEllipseI
GdipDrawImageRectI
GdipFillRectangleI
GdipDeleteGraphics
GdipGetImageWidth

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bc86485b7907c1bb98457b9ff177e24

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

ea:59:a4:45:c0:36:77:0f:17:00:db:c8:a5:bf:7f:f7Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

ea:59:a4:45:c0:36:77:0f:17:00:db:c8:a5:bf:7f:f7Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

96:93:8d:2a:66:39:92:b8:e6:dc:e9:db:73:22:78:22:f6:47:ee:98:f9:ee:c8:18:a1:33:97:ef:cd:2b:a3:a7Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: true

Chain 1

23:6a:f8:f2:97:4a:c5:9c:5f:48:c1:b4:49:ca:10:20:87:7f:8c:2fSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

version

shlwapi

ws2_32

wlanapi

iphlpapi

api-ms-win-shcore-scaling-l1-1-1

gdiplus

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 182KB - Virtual size: 181KB

.data Size: 68KB - Virtual size: 107KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 50KB - Virtual size: 50KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

ea:59:a4:45:c0:36:77:0f:17:00:db:c8:a5:bf:7f:f7
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

ea:59:a4:45:c0:36:77:0f:17:00:db:c8:a5:bf:7f:f7
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

96:93:8d:2a:66:39:92:b8:e6:dc:e9:db:73:22:78:22:f6:47:ee:98:f9:ee:c8:18:a1:33:97:ef:cd:2b:a3:a7
Signer

01/12/2022, 14:34
Valid: true

23:6a:f8:f2:97:4a:c5:9c:5f:48:c1:b4:49:ca:10:20:87:7f:8c:2f
Signer

01/12/2022, 14:34
Valid: true

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 182KB - Virtual size: 181KB

.data
Size: 68KB - Virtual size: 107KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 50KB - Virtual size: 50KB