General

Malware Config

Signatures

Files

• c15be020a73c9a655c49fdde613a8056729a7afbf13fde1d509d2b15ab9ca954

  .exe windows x86

  52a3022ee6c5045aac46c15e9996e502

  
  

  Code Sign

  7e:71:44:cd:db:6f:67:b5:41:17:ed:b5:a8:60:eb:2d

  Certificate

  Issuer

  CN=XRIYHVWS

  Not Before

  14-03-2019 17:11

  Not After

  31-12-2039 23:59

  Subject

  CN=XRIYHVWS

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  15:00:c9:8b:85:d9:b6:1b:6b:82:e5:d3:2a:28:51:18:80:a1:fc:2e:65:ae:93:9b:69:82:c5:33:ae:d7:09:be

  Signer

  Actual PE Digest

  15:00:c9:8b:85:d9:b6:1b:6b:82:e5:d3:2a:28:51:18:80:a1:fc:2e:65:ae:93:9b:69:82:c5:33:ae:d7:09:be

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=XRIYHVWS

  14-03-2019 20:42

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LoadLibraryExW

  LoadLibraryW

  LocalAlloc

  LocalFree

  Module32NextW

  MultiByteToWideChar

  OpenProcess

  OutputDebugStringW

  PeekConsoleInputW

  QueryPerformanceCounter

  ReadConsoleOutputCharacterW

  ReadConsoleW

  RemoveDirectoryW

  RtlUnwind

  SearchPathA

  SetConsoleMode

  SetFilePointerEx

  SetLastError

  SetNamedPipeHandleState

  SetProcessPriorityBoost

  SetProcessShutdownParameters

  SetStdHandle

  LoadLibraryExA

  SetThreadLocale

  SetUnhandledExceptionFilter

  SizeofResource

  Sleep

  SwitchToFiber

  SwitchToThread

  TerminateProcess

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleW

  WriteFile

  WriteProfileStringW

  _llseek

  lstrcatW

  lstrcmpiA

  lstrcpynW

  lstrlenA

  LoadLibraryA

  LeaveCriticalSection

  LCMapStringW

  LCMapStringA

  IsValidCodePage

  IsProcessorFeaturePresent

  IsDebuggerPresent

  IsBadCodePtr

  InterlockedIncrement

  InterlockedDecrement

  InterlockedCompareExchange

  InitializeCriticalSectionAndSpinCount

  HeapSize

  HeapReAlloc

  HeapFree

  HeapAlloc

  Heap32ListNext

  GlobalAlloc

  GetTickCount

  GetSystemTimeAsFileTime

  GetSystemDirectoryA

  GetSystemDefaultLangID

  GetStringTypeW

  GetStdHandle

  GetStartupInfoW

  GetStartupInfoA

  GetProfileStringW

  GetProcessHeap

  GetProcAddress

  GetOEMCP

  GetModuleHandleW

  GetModuleHandleExW

  GetModuleFileNameW

  GetMailslotInfo

  GetLastError

  GetFileType

  GetExitCodeProcess

  GetEnvironmentStringsW

  GetDriveTypeW

  GetCurrentThreadId

  GetCurrentProcessId

  GetCurrentProcess

  GetConsoleTitleW

  GetConsoleScreenBufferInfo

  GetConsoleOutputCP

  GetConsoleMode

  GetConsoleCP

  GetCommandLineW

  GetCalendarInfoW

  GetCPInfo

  GetAtomNameW

  GetACP

  FreeLibrary

  FreeEnvironmentStringsW

  FormatMessageW

  FormatMessageA

  FlushFileBuffers

  ExitProcess

  EnterCriticalSection

  EncodePointer

  DeleteCriticalSection

  DecodePointer

  CreateProcessW

  CreateProcessA

  CreateFileW

  CopyFileW

  CloseHandle

  BuildCommDCBAndTimeoutsW

  GetModuleHandleA

  SetThreadAffinityMask

  VirtualAlloc

  user32

  EnumDisplayMonitors

  EnumDisplaySettingsW

  FillRect

  FindWindowExW

  FindWindowW

  FlashWindow

  GetActiveWindow

  GetAsyncKeyState

  EndPaint

  GetClassNameW

  GetClientRect

  GetClipboardData

  GetClipboardFormatNameW

  GetCursorPos

  GetDC

  GetDesktopWindow

  GetDialogBaseUnits

  GetDlgItem

  GetDoubleClickTime

  GetForegroundWindow

  GetGUIThreadInfo

  GetIconInfo

  GetKeyState

  GetMenuItemCount

  GetMenuItemID

  GetMenuItemInfoW

  GetMenuState

  GetMenuStringA

  GetMessagePos

  GetMessageTime

  GetMessageW

  GetParent

  GetScrollInfo

  GetSubMenu

  GetSysColor

  GetSysColorBrush

  GetSystemMenu

  GetSystemMetrics

  GetUpdateRect

  GetUpdateRgn

  GetWindow

  GetWindowDC

  GetWindowLongW

  GetWindowPlacement

  GetWindowRect

  GetWindowTextLengthW

  GetWindowTextW

  GetWindowThreadProcessId

  HideCaret

  IMPQueryIMEW

  InflateRect

  InsertMenuItemW

  InsertMenuW

  InvalidateRect

  IsClipboardFormatAvailable

  IsDialogMessageA

  IsDialogMessageW

  IsIconic

  IsRectEmpty

  IsWindow

  IsWindowEnabled

  IsWindowVisible

  IsZoomed

  KillTimer

  LoadBitmapW

  LoadCursorW

  LoadIconW

  LoadImageW

  LoadStringW

  MapVirtualKeyW

  MapWindowPoints

  MessageBeep

  MessageBoxTimeoutW

  MessageBoxW

  ModifyMenuW

  MoveWindow

  MsgWaitForMultipleObjects

  OffsetRect

  OpenClipboard

  PeekMessageW

  PostMessageW

  PostQuitMessage

  PostThreadMessageW

  PtInRect

  RedrawWindow

  RegisterClassW

  RegisterClipboardFormatW

  RegisterHotKey

  RegisterWindowMessageW

  ReleaseDC

  RemoveMenu

  ScreenToClient

  ScrollWindow

  SendMessageW

  SetActiveWindow

  SetCapture

  SetClassLongW

  SetCursor

  SetCursorPos

  SetFocus

  SetForegroundWindow

  SetMenu

  SetMenuItemInfoW

  SetParent

  SetRect

  SetRectEmpty

  SetScrollInfo

  SetShellWindow

  SetTimer

  SetWindowLongW

  SetWindowPos

  SetWindowRgn

  SetWindowTextW

  SetWindowsHookExW

  ShowCursor

  ShowWindow

  SystemParametersInfoW

  TrackPopupMenu

  TranslateAcceleratorW

  TranslateMessage

  UnhookWindowsHookEx

  UnionRect

  UnregisterClassW

  UnregisterHotKey

  UpdateWindow

  ValidateRect

  ValidateRgn

  VkKeyScanW

  WaitForInputIdle

  WindowFromPoint

  keybd_event

  wsprintfW

  EndDeferWindowPos

  EnableWindow

  EnableScrollBar

  EnableMenuItem

  EmptyClipboard

  DrawTextW

  DrawStateW

  DrawMenuBar

  DrawIconEx

  DrawFrameControl

  DrawFocusRect

  DrawEdge

  DispatchMessageW

  DestroyMenu

  DestroyIcon

  DestroyCursor

  DestroyAcceleratorTable

  DeferWindowPos

  DefWindowProcW

  DdeUninitialize

  DdeQueryStringW

  DdePostAdvise

  DdeNameService

  DdeInitializeW

  DdeGetLastError

  DdeGetData

  DdeFreeStringHandle

  DdeFreeDataHandle

  DdeDisconnect

  DdeCreateStringHandleW

  DdeCreateDataHandle

  DdeConnect

  DdeClientTransaction

  CreateWindowStationW

  CreateWindowExW

  CreatePopupMenu

  CreateIconIndirect

  CreateDialogParamW

  CreateDialogIndirectParamW

  CreateAcceleratorTableW

  CopyRect

  CopyImage

  CloseClipboard

  ClientToScreen

  ChildWindowFromPointEx

  ChildWindowFromPoint

  CheckMenuRadioItem

  CheckMenuItem

  ChangeDisplaySettingsW

  CascadeChildWindows

  CallWindowProcW

  CallNextHookEx

  BringWindowToTop

  BeginPaint

  BeginDeferWindowPos

  AttachThreadInput

  AppendMenuW

  AdjustWindowRectEx

  GetFocus

  OpenIcon

  IsMenu

  DestroyWindow

  WindowFromDC

  CloseWindowStation

  GetListBoxInfo

  CloseDesktop

  CloseWindow

  CreateMenu

  IsCharAlphaNumericW

  ReleaseCapture

  GetCapture

  gdi32

  BitBlt

  CreateBitmap

  CreateCompatibleBitmap

  CreateCompatibleDC

  CreateDCW

  CreateFontIndirectW

  CreateSolidBrush

  DeleteDC

  DeleteObject

  EngDeletePalette

  EnumICMProfilesW

  EnumObjects

  Escape

  ExtTextOutW

  GdiConvertBitmapV5

  GdiEntry4

  GdiEntry6

  GdiFixUpHandle

  GdiRealizationInfo

  GdiSetPixelFormat

  GdiStartDocEMF

  GdiSwapBuffers

  GetClipBox

  GetClipRgn

  GetDeviceCaps

  GetGlyphIndicesW

  GetObjectW

  GetPixel

  GetRegionData

  GetStockObject

  GetTextAlign

  GetTextCharacterExtra

  BeginPath

  GetTextFaceW

  OffsetViewportOrgEx

  PolyPolyline

  PolyTextOutA

  PtVisible

  RectVisible

  ResetDCA

  RestoreDC

  STROBJ_dwGetCodePage

  SaveDC

  ScaleViewportExtEx

  ScaleWindowExtEx

  SelectObject

  SetAbortProc

  SetBitmapBits

  SetBkColor

  SetBkMode

  SetColorSpace

  SetGraphicsMode

  SetLayout

  SetMapMode

  SetPixel

  SetTextColor

  SetViewportExtEx

  SetViewportOrgEx

  SetWindowExtEx

  StretchDIBits

  TextOutW

  UpdateICMRegKeyW

  XLATEOBJ_piVector

  bInitSystemAndFontsDirectoriesW

  GetObjectType

  GetTextExtentPoint32W

  CreatePatternBrush

  advapi32

  RegQueryValueExA

  RegOpenKeyA

  ole32

  OleUninitialize

  OleInitialize

  Sections

  .text

  Size: 26KB - Virtual size: 25KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 30KB - Virtual size: 30KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 155KB - Virtual size: 155KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 144KB - Virtual size: 144KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ