9233efe676d87a94a976c16f5721120b8946771c5be6dde7b1f0fd5e6743445e

Sharing

Copy URL

Twitter E-mail

General

Target

9233efe676d87a94a976c16f5721120b8946771c5be6dde7b1f0fd5e6743445e
Size

2.0MB
MD5

82df89282c71a6ca22b5ce0695d611ff
SHA1

f17ab4893fea139b8d27c094c0f10b7c46445d78
SHA256

9233efe676d87a94a976c16f5721120b8946771c5be6dde7b1f0fd5e6743445e
SHA512

82a4d882b78b28b72bf51e3a75c7b2d05fddd94592ad45832efabd7a9d8f37d4521206139c106879ccd8b835e30b6c1856d1a2c5cb4a38c7db4473195b18e5ae
SSDEEP

49152:ZgfYCj3AI5NFMIuxuMWIdMtiZZi/r+Kz3+ULkNVAjbOPMccZT:ZgfYCLAUHwuMbis3i/fz3+ULkNGjbOPS

Score

N/A

Malware Config

Signatures

Files

9233efe676d87a94a976c16f5721120b8946771c5be6dde7b1f0fd5e6743445e
.exe windows x86

f00850b56b3b9f9aa76e2e862971f0cc

Code Sign

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/01/2004, 00:00

Not After

31/12/2028, 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2a:ca:d0:24:98:f9:fa:6c:7e:ac:a4:3a:bb:ab:95:91
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

18/04/2022, 00:00

Not After

17/04/2024, 23:59

Subject

CN=Media Ground,O=Media Ground,ST=Gwangju,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GetTimeZoneInformation
GetStringTypeW
GetFullPathNameW
GetCurrentDirectoryW
GetFileAttributesExW
LCMapStringW
CompareStringW
GetStdHandle
ExitProcess
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
GetSystemInfo
GetCommandLineW
GetCommandLineA
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
OutputDebugStringW
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindNextFileW
SearchPathA
GetProfileIntA
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
lstrcpyA
GetWindowsDirectoryA
GetCPInfo
GetOEMCP
VirtualProtect
GetACP
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetTickCount
FindResourceA
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExA
GetCurrentThreadId
GetCurrentThread
GetThreadLocale
lstrcmpiA
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
DuplicateHandle
OutputDebugStringA
GetVolumeInformationA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
SetLastError
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
MultiByteToWideChar
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
CreateMutexA
WaitForSingleObject
GetCurrentDirectoryA
GetTempPathA
GetLastError
GetCurrentProcess
MoveFileA
SystemTimeToFileTime
GetLocalTime
CreateDirectoryA
GetModuleFileNameA
Sleep
GetTempFileNameA
WriteFile
CloseHandle
CreateFileA
GetModuleHandleA
VirtualAlloc
FreeLibrary
WideCharToMultiByte
GetProcAddress
LoadLibraryA
DeleteFileA
FindResourceW
LoadResource
LockResource
SizeofResource
HeapQueryInformation

user32

InflateRect
GetMenuItemInfoA
DestroyMenu
DestroyIcon
SetRectEmpty
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
OffsetRect
CharNextA
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoA
CopyImage
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
LoadCursorA
GetSysColorBrush
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
UnhookWindowsHookEx
GetTopWindow
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetAsyncKeyState
BringWindowToTop
LoadAcceleratorsA
LockWindowUpdate
UpdateLayeredWindow
GetWindowTextA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
GetLastActivePopup
MessageBoxA
SetCursor
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetDesktopWindow
GetWindowLongA
SetActiveWindow
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
LoadImageA
UnpackDDElParam
ReuseDDElParam
GetMenuDefaultItem
TrackMouseEvent
LoadImageW
GetKeyNameTextA
MapVirtualKeyA
UnionRect
GetSystemMenu
SetParent
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetClassNameA
GetWindowThreadProcessId
GetParent
SetTimer
KillTimer
IsIconic
SendMessageA
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
UnregisterClassA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
CharUpperA
PostMessageA
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
RegisterClipboardFormatA
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
FrameRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
IsWindowEnabled
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
CopyIcon
SetCursorPos
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
SetWindowRgn
SetClassLongA
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard

gdi32

GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
GetTextMetricsA
CreateCompatibleDC
CopyMetaFileA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA
SHFileOperationA
SHGetFileInfoA
DragQueryFileA
SHAppBarMessage
SHBrowseForFolderA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragFinish

shlwapi

PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
StrFormatKBSizeA
PathRemoveFileSpecW

uxtheme

GetThemeSysColor
GetWindowTheme
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed

ole32

RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
RegisterDragDrop
OleTranslateAccelerator
IsAccelerator
CoGetClassObject
OleDestroyMenuDescriptor
OleGetClipboard
DoDragDrop
CoInitializeEx
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoDisconnectObject
CoInitialize
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoLockObjectExternal

oleaut32

SysAllocString
OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit

oledlg

ord8

wininet

InternetSetOptionA
InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetQueryDataAvailable

gdiplus

GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDeleteGraphics
GdiplusShutdown
GdipAlloc
GdipFree
GdipBitmapUnlockBits

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f00850b56b3b9f9aa76e2e862971f0cc

Code Sign

01Certificate

Key Usages

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

2a:ca:d0:24:98:f9:fa:6c:7e:ac:a4:3a:bb:ab:95:91Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

wininet

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 314KB - Virtual size: 313KB

.data Size: 24KB - Virtual size: 40KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 137KB - Virtual size: 137KB

01
Certificate

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

2a:ca:d0:24:98:f9:fa:6c:7e:ac:a4:3a:bb:ab:95:91
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 314KB - Virtual size: 313KB

.data
Size: 24KB - Virtual size: 40KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 137KB - Virtual size: 137KB