General

Malware Config

Signatures

Files

• 98b08a240f557676289bbcfeaba2d48b43c57a9613414fe91075a655af534649

  .exe windows x86

  5dc8620d632b811db3d94ac9b907a142

  
  

  Code Sign

  31:1b:0d:28:30:6d:b9:43:b4:91:89:72:85:86:a7:d1

  Certificate

  Issuer

  CN=BSXWQIAZNTQDSLNHQC

  Not Before

  14-04-2019 20:46

  Not After

  31-12-2039 23:59

  Subject

  CN=BSXWQIAZNTQDSLNHQC

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  3b:1a:14:c4:1e:e8:58:2d:6d:49:12:05:2b:c3:e1:b3:82:fa:28:3e:11:c5:b1:82:ee:27:c6:b5:6e:58:e1:a9

  Signer

  Actual PE Digest

  3b:1a:14:c4:1e:e8:58:2d:6d:49:12:05:2b:c3:e1:b3:82:fa:28:3e:11:c5:b1:82:ee:27:c6:b5:6e:58:e1:a9

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=BSXWQIAZNTQDSLNHQC

  15-04-2019 07:29

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GlobalLock

  GlobalUnlock

  HeapAlloc

  HeapFree

  HeapReAlloc

  InitializeCriticalSection

  InterlockedCompareExchange

  InterlockedDecrement

  InterlockedExchange

  InterlockedExchangeAdd

  InterlockedIncrement

  IsDebuggerPresent

  IsValidLocale

  LeaveCriticalSection

  LoadLibraryA

  LoadLibraryExA

  LoadLibraryExW

  LoadLibraryW

  LoadResource

  LocalAlloc

  LocalFree

  LockResource

  MapViewOfFile

  MoveFileExW

  MulDiv

  MultiByteToWideChar

  OpenEventA

  OpenEventW

  OpenFileMappingW

  OpenProcess

  OutputDebugStringW

  QueryPerformanceCounter

  QueueUserWorkItem

  RaiseException

  ReadFile

  ReleaseMutex

  RemoveDirectoryW

  ResetEvent

  ResumeThread

  RtlUnwind

  SearchPathW

  SetCurrentDirectoryW

  GlobalFree

  SetErrorMode

  SetEvent

  SetFileAttributesA

  SetFilePointer

  SetLastError

  SetProcessWorkingSetSize

  SetThreadExecutionState

  SetThreadLocale

  SetThreadPriority

  SetUnhandledExceptionFilter

  SizeofResource

  Sleep

  SuspendThread

  SwitchToThread

  SystemTimeToTzSpecificLocalTime

  TerminateProcess

  TerminateThread

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  UnmapViewOfFile

  VirtualAlloc

  VirtualFree

  VirtualProtect

  VirtualQuery

  VirtualQueryEx

  WaitForMultipleObjects

  WaitForMultipleObjectsEx

  WaitForSingleObject

  WideCharToMultiByte

  WriteFile

  WritePrivateProfileStringW

  lstrcatW

  lstrcmpW

  lstrcmpiA

  lstrcmpiW

  lstrcpyA

  lstrcpyW

  lstrcpynW

  lstrlenA

  lstrlenW

  VirtualAllocEx

  GlobalFindAtomW

  GlobalDeleteAtom

  GlobalAlloc

  GlobalAddAtomW

  GetWindowsDirectoryW

  GetWindowsDirectoryA

  GetVersionExW

  GetVersionExA

  GetVersion

  GetUserDefaultUILanguage

  GetTimeZoneInformation

  GetTimeFormatW

  GetTickCount

  GetThreadPriority

  GetThreadLocale

  GetTempPathW

  GetTempFileNameW

  GetSystemTimeAsFileTime

  GetSystemTime

  GetSystemInfo

  GetSystemDirectoryW

  GetSystemDefaultUILanguage

  GetStringTypeExW

  GetStdHandle

  GetStartupInfoA

  GetProfileStringW

  GetProcessHeap

  GetProcAddress

  GetPrivateProfileStringW

  GetPrivateProfileIntW

  GetNumberFormatA

  GetModuleHandleW

  GetModuleHandleA

  GetModuleFileNameW

  GetModuleFileNameA

  GetLocaleInfoW

  GetLocaleInfoA

  GetLocalTime

  GetLastError

  GetFullPathNameW

  GetFileSizeEx

  GetFileAttributesW

  GetFileAttributesExW

  GetExitCodeThread

  GetExitCodeProcess

  GetEnvironmentVariableW

  GetDriveTypeW

  GetDiskFreeSpaceW

  GetDateFormatW

  GetCurrentThreadId

  GetCurrentThread

  GetCurrentProcessId

  GetCurrentProcess

  GetComputerNameW

  GetCommandLineW

  GetCPInfoExW

  GetCPInfo

  GetACP

  FreeResource

  FreeLibrary

  FormatMessageW

  FormatMessageA

  FindResourceW

  FindResourceExW

  FindNextFileW

  FindFirstFileW

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExpandEnvironmentStringsW

  ExitThread

  ExitProcess

  EnumSystemLocalesW

  EnumCalendarInfoW

  EnterCriticalSection

  DuplicateHandle

  DeviceIoControl

  DeleteFileW

  DeleteFileA

  DeleteCriticalSection

  CreateThread

  CreateProcessW

  CreateMutexW

  CreateMutexA

  CreateFileW

  CreateFileMappingW

  CreateFileA

  CreateEventW

  CreateEventA

  CreateDirectoryW

  CopyFileW

  CompareStringW

  SetEndOfFile

  CloseHandle

  user32

  LoadIconW

  wsprintfW

  SendMessageW

  MapDialogRect

  IsWindow

  GetDC

  DestroyWindow

  CreateDialogIndirectParamW

  CharPrevW

  CharNextW

  gdi32

  SetPolyFillMode

  SetPixel

  SetMapMode

  SetBrushOrgEx

  SetBkMode

  SetBkColor

  SetAbortProc

  SelectPalette

  SelectObject

  SelectClipRgn

  RoundRect

  Rectangle

  RectInRegion

  RealizePalette

  PtInRegion

  Polyline

  Polygon

  PolyPolygon

  PolyBezier

  PlayEnhMetaFile

  Pie

  OffsetRgn

  MoveToEx

  MaskBlt

  LineTo

  GetTextMetricsW

  GetTextExtentPoint32W

  GetTextExtentExPointW

  GetSystemPaletteEntries

  GetStockObject

  GetRgnBox

  GetRegionData

  GetPixel

  GetPaletteEntries

  GetOutlineTextMetricsW

  GetObjectW

  GetObjectType

  GetNearestPaletteIndex

  GetEnhMetaFileW

  GetEnhMetaFileHeader

  GetDeviceCaps

  GetDIBits

  GetDIBColorTable

  GetClipBox

  GetCharABCWidthsW

  SetROP2

  GdiFlush

  ExtTextOutW

  ExtSelectClipRgn

  ExtFloodFill

  ExtCreateRegion

  ExtCreatePen

  ExcludeClipRect

  EqualRgn

  EnumFontFamiliesExW

  EndPage

  EndDoc

  Ellipse

  DeleteObject

  DeleteEnhMetaFile

  DeleteDC

  CreateSolidBrush

  CreateRectRgnIndirect

  CreateRectRgn

  CreatePen

  CreatePatternBrush

  CreatePalette

  CreateICW

  CreateHatchBrush

  CreateFontIndirectW

  CreateEnhMetaFileW

  CreateDIBitmap

  CreateDIBSection

  CreateDCW

  CreateCompatibleDC

  CreateCompatibleBitmap

  CreateBitmap

  CombineRgn

  CloseEnhMetaFile

  BitBlt

  Arc

  SetTextColor

  SetViewportExtEx

  SetViewportOrgEx

  SetWindowExtEx

  SetWindowOrgEx

  StartDocW

  StartPage

  StretchBlt

  StretchDIBits

  GetBkColor

  SetStretchBltMode

  advapi32

  RegQueryValueExA

  Sections

  .text

  Size: 73KB - Virtual size: 72KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 568B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 48KB - Virtual size: 48KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ