WakeproudAPPLICATION[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

WakeproudAPPLICATION.exe
Size

24.2MB
MD5

76eee37e845842bf729701e08892f30b
SHA1

be223fe08eb3fe31b04fa6525ee006d1d58466b7
SHA256

5c3c5fba0e2b4bb74be4c7f7e4ed97f1be51c18c948aa2c2e85ed790e1c843ba
SHA512

cb4b7c3d8362f258e583e9082538ece16eff84a53d92b7cc66297242491f184a4fc7affd1b11104a5c9cbad5b1fa69491311f57f019bccae9b09fd1233c31eb8
SSDEEP

393216:9hw76hCCCgnFJsv6tWKFdu9COmEt7CejbPAcvHS5hqRtqdMkApKrsdkMZx7084A8:9O76hCCCgbEtLb9HSSU83VZxw8Vfw/f

Score

N/A

Malware Config

Signatures

Files

WakeproudAPPLICATION.exe
.exe windows x86

835e161c6bfc771a818d685dc97d340c

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

10/02/2022, 00:00

Not After

10/02/2023, 23:59

Subject

CN=10sIT Oy,O=10sIT Oy,ST=Uusimaa,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d0:92:21:c7:db:b9:aa:f0:35:ff:63:f0:b6:76:3c:26:c3:b7:0a:44:ec:01:77:a4:5d:5b:ff:1d:dc:d9:ba:c4
Signer

Actual PE Digest

d0:92:21:c7:db:b9:aa:f0:35:ff:63:f0:b6:76:3c:26:c3:b7:0a:44:ec:01:77:a4:5d:5b:ff:1d:dc:d9:ba:c4

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=10sIT Oy,O=10sIT Oy,ST=Uusimaa,C=FI

09/08/2022, 13:27
Valid: true

Chain 1

CN=10sIT Oy,O=10sIT Oy,ST=Uusimaa,C=FI

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDCW
DeleteObject
RemoveFontMemResourceEx
CreateRectRgn
CreateCompatibleBitmap
GetStockObject
OffsetRgn
GetDIBits
RemoveFontResourceExW
SetBkMode
SelectObject
GetTextMetricsW
CreateFontIndirectW
DeleteDC
CreateCompatibleDC
AddFontResourceExW
ExtTextOutW
CreateDIBSection
SetTextColor
GdiFlush
SelectClipRgn
GetCharABCWidthsW
SetWorldTransform
GetCharABCWidthsFloatW
GetDeviceCaps
SetTextAlign
GetCharABCWidthsI
CreateBitmap
BitBlt
GetOutlineTextMetricsW
GetFontData
GetTextFaceW
EnumFontFamiliesExW
GetObjectW
SetGraphicsMode
GetTextExtentPoint32W
AddFontMemResourceEx
CombineRgn
GetRegionData
GetGlyphOutlineW

oleaut32

SystemTimeToVariantTime
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

imm32

ImmGetContext
ImmSetCandidateWindow
ImmGetDefaultIMEWnd
ImmNotifyIME
ImmReleaseContext
ImmGetCompositionStringW
ImmSetCompositionWindow

winmm

PlaySoundW

kernel32

GetProcessHeap
QueryPerformanceFrequency
OpenFileMappingW
EncodePointer
IsProcessorFeaturePresent
SetLastError
TlsGetValue
SetEndOfFile
LeaveCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
InitializeCriticalSection
FindFirstFileW
GetCurrencyFormatW
HeapSetInformation
DuplicateHandle
DeleteFileA
GetUserDefaultLCID
ResumeThread
SetEnvironmentVariableA
GlobalLock
CreateFileMappingW
GetConsoleMode
IsValidLanguageGroup
IsValidCodePage
MoveFileW
EnterCriticalSection
FindClose
GetFileAttributesW
WideCharToMultiByte
CreateSemaphoreW
GetSystemTime
GetSystemDirectoryW
HeapAlloc
WriteConsoleW
MoveFileExW
LoadLibraryW
FreeEnvironmentStringsW
GetStringTypeW
RaiseException
GetLastError
CreateFileA
FindFirstFileExW
WaitForSingleObject
DeviceIoControl
InterlockedDecrement
HeapReAlloc
GetModuleHandleW
FileTimeToSystemTime
CreateThread
FormatMessageW
GetUserDefaultLangID
SetHandleCount
SetFilePointer
GlobalSize
InterlockedIncrement
CompareStringW
GetSystemTimeAsFileTime
InterlockedExchange
ReleaseSemaphore
OutputDebugStringW
GetEnvironmentVariableA
GetModuleHandleA
SetThreadPriority
RtlUnwind
GetCurrentThreadId
lstrlenA
GetTimeFormatA
SetFilePointerEx
UnmapViewOfFile
GetFullPathNameW
HeapFree
SleepEx
GetCommandLineW
GetSystemInfo
GlobalUnlock
OpenProcess
GetTickCount64
InitializeCriticalSectionAndSpinCount
GetLongPathNameW
LCMapStringW
CheckRemoteDebuggerPresent
TlsSetValue
TlsAlloc
MapViewOfFile
UnhandledExceptionFilter
GetOEMCP
SetFileAttributesW
GetTimeZoneInformation
GetDateFormatW
GetCurrentProcess
OutputDebugStringA
GetDateFormatA
EnumSystemLocalesA
GetLocaleInfoW
CreateProcessW
ReadFile
SetEvent
GetFileType
FlushFileBuffers
SetStdHandle
ResetEvent
CreateMutexW
CreateFileW
TerminateProcess
GetCurrentDirectoryW
GetFileInformationByHandle
GetProcAddress
CreateDirectoryW
LocalFree
GetVersionExW
GetConsoleCP
ExpandEnvironmentStringsW
GetThreadPriority
GetCurrentProcessId
IsDebuggerPresent
GetLocalTime
TerminateThread
WriteFile
FindNextFileW
DecodePointer
GlobalAlloc
IsValidLocale
GetLocaleInfoA
VerSetConditionMask
GetUserDefaultUILanguage
GetStdHandle
GetEnvironmentStringsW
Sleep
HeapCreate
CopyFileW
GetFileAttributesExW
CreateEventW
SetErrorMode
SetUnhandledExceptionFilter
GetModuleFileNameW
FileTimeToLocalFileTime
DeleteFileW
TlsFree
RemoveDirectoryW
QueryPerformanceCounter
FreeLibrary
GetCommandLineA
GetFileSizeEx
lstrcmpW
GetTimeFormatW
VerifyVersionInfoW
MultiByteToWideChar
CloseHandle
GetCurrentThread
HeapSize
ExitProcess
VirtualQuery
GetVolumeInformationW
GetFileSize
GetDriveTypeW
GetModuleFileNameA
ExitThread
VirtualFree
GetStartupInfoW
ReleaseMutex
GetLogicalDrives
GetTickCount
PeekNamedPipe
GetCPInfo
GetACP
SystemTimeToTzSpecificLocalTime

user32

GetParent
GetClipboardFormatNameW
GetSysColor
InvalidateRect
RegisterClassExW
GetCursorPos
GetDesktopWindow
TrackMouseEvent
GetAncestor
GetWindowRect
CreateCursor
GetAsyncKeyState
GetCaretBlinkTime
GetMonitorInfoW
DefWindowProcW
MessageBeep
SetWindowsHookExW
SetCaretPos
MoveWindow
SetCursor
GetWindowThreadProcessId
GetSysColorBrush
SetWindowPos
GetWindowLongW
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
CallNextHookEx
EnumDisplayMonitors
DrawIconEx
IsZoomed
SetForegroundWindow
SetWindowTextW
GetDoubleClickTime
GetMenu
CreateIconIndirect
RegisterWindowMessageW
GetUpdateRect
DestroyIcon
GetDC
SendMessageW
CharNextExA
SetFocus
ScreenToClient
IsWindowVisible
GetIconInfo
DestroyWindow
GetMessageExtraInfo
ReleaseDC
SetParent
SetWindowRgn
AdjustWindowRectEx
GetKeyboardLayoutList
ToUnicode
GetSystemMetrics
ReleaseCapture
GetKeyState
CreateCaret
IsChild
TrackPopupMenuEx
GetKeyboardState
KillTimer
GetClassInfoW
BeginPaint
SystemParametersInfoW
SetMenuItemInfoW
ToAscii
PostMessageW
SetCapture
SetClipboardViewer
ChildWindowFromPointEx
RegisterClassW
EndPaint
SetCursorPos
LoadImageW
GetSystemMenu
GetFocus
CreateWindowExW
LoadIconW
ShowWindow
PeekMessageW
TranslateMessage
NotifyWinEvent
GetCapture
DispatchMessageW
GetActiveWindow
MapVirtualKeyW
FlashWindowEx
UnhookWindowsHookEx
HideCaret
DestroyCaret
GetWindowPlacement
DestroyCursor
ChangeClipboardChain
GetClientRect
IsIconic
EnableMenuItem
ClientToScreen
SetWindowLongW
UnregisterClassW
RegisterClipboardFormatW

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
SHGetFileInfoW

ole32

DoDragDrop
OleUninitialize
CoTaskMemAlloc
RegisterDragDrop
CoCreateInstance
OleSetClipboard
CoUninitialize
OleGetClipboard
CoTaskMemFree
CoLockObjectExternal
OleFlushClipboard
CoGetMalloc
OleIsCurrentClipboard
CoCreateGuid
ReleaseStgMedium
CoInitialize
RevokeDragDrop
OleInitialize

advapi32

CryptDestroyHash
CryptImportKey
RegFlushKey
CryptReleaseContext
CryptHashData
CryptGenRandom
RegEnumValueW
CryptGetHashParam
CopySid
RegEnumKeyExW
CryptCreateHash
GetTokenInformation
RegDeleteKeyW
FreeSid
OpenProcessToken
CryptEncrypt
CryptDestroyKey
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
CryptAcquireContextW
RegQueryInfoKeyW
GetLengthSid
RegQueryValueExW

ws2_32

htons
getsockopt
getpeername
socket
connect
WSASetLastError
getaddrinfo
bind
accept
listen
htonl
sendto
recvfrom
select
__WSAFDIsSet
ioctlsocket
gethostname
ntohs
getsockname
setsockopt
freeaddrinfo
recv
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSACloseEvent
WSACreateEvent
WSAWaitForMultipleEvents
WSAStartup
WSACleanup
WSAGetLastError
send
closesocket
WSAAsyncSelect
WSAIoctl

crypt32

CertEnumCertificatesInStore
PFXImportCertStore
CertAddCertificateContextToStore
CertOpenStore
CertFindExtension
CryptStringToBinaryW
CertCloseStore
CertFindCertificateInStore
CryptQueryObject
CertGetCertificateChain
CryptDecodeObjectEx
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CertFreeCertificateContext

wldap32

ord117
ord216
ord73
ord301
ord167
ord142
ord127
ord46
ord27
ord133
ord79
ord147
ord26
ord208
ord145
ord219
ord14
ord41

Exports

Exports

z_adler32
z_adler32_combine
z_adler32_combine64
z_compress
z_compress2
z_compressBound
z_crc32
z_crc32_combine
z_crc32_combine64
z_deflate
z_deflateBound
z_deflateCopy
z_deflateEnd
z_deflateInit2_
z_deflateInit_
z_deflateParams
z_deflatePrime
z_deflateReset
z_deflateSetDictionary
z_deflateSetHeader
z_deflateTune
z_get_crc_table
z_inflate
z_inflateCopy
z_inflateEnd
z_inflateGetHeader
z_inflateInit2_
z_inflateInit_
z_inflateMark
z_inflatePrime
z_inflateReset
z_inflateReset2
z_inflateSetDictionary
z_inflateSync
z_inflateSyncPoint
z_inflateUndermine
z_uncompress
z_zError
z_zlibCompileFlags
z_zlibVersion

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

835e161c6bfc771a818d685dc97d340c

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

d0:92:21:c7:db:b9:aa:f0:35:ff:63:f0:b6:76:3c:26:c3:b7:0a:44:ec:01:77:a4:5d:5b:ff:1d:dc:d9:ba:c4Signer

Signature Validations

Verification

09/08/2022, 13:27 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

oleaut32

imm32

winmm

kernel32

user32

shell32

ole32

advapi32

ws2_32

crypt32

wldap32

Exports

Exports

Sections

.text Size: 5.8MB - Virtual size: 5.8MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 49KB - Virtual size: 62KB

.qtmetad Size: 512B - Virtual size: 272B

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 237KB - Virtual size: 236KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

d0:92:21:c7:db:b9:aa:f0:35:ff:63:f0:b6:76:3c:26:c3:b7:0a:44:ec:01:77:a4:5d:5b:ff:1d:dc:d9:ba:c4
Signer

09/08/2022, 13:27
Valid: true

.text
Size: 5.8MB - Virtual size: 5.8MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 49KB - Virtual size: 62KB

.qtmetad
Size: 512B - Virtual size: 272B

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 237KB - Virtual size: 236KB