General

Malware Config

Signatures

Files

• 65ec01b7af862c39ac4e783283a015537810c61a065b913f11cc46db993c4e92

  .exe windows x86

  38cbca3b7dbe1ea5b157dff3cf824ed1

  
  

  Code Sign

  79:a9:2d:16:66:49:1a:45:bf:ad:fb:b0:f5:14:06:aa

  Certificate

  Issuer

  CN=GNTJWEVQ

  Not Before

  22-03-2019 17:38

  Not After

  31-12-2039 23:59

  Subject

  CN=GNTJWEVQ

  Extended Key Usages

  ExtKeyUsageCodeSigning

  4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  31-12-2015 00:00

  Not After

  09-07-2019 18:40

  Subject

  CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  cf:69:60:11:e6:77:0c:5d:04:f7:2d:24:46:8f:9c:61:dc:b7:1c:4f:ed:02:85:f0:4d:f9:f2:23:bc:f5:63:68

  Signer

  Actual PE Digest

  cf:69:60:11:e6:77:0c:5d:04:f7:2d:24:46:8f:9c:61:dc:b7:1c:4f:ed:02:85:f0:4d:f9:f2:23:bc:f5:63:68

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=GNTJWEVQ

  22-03-2019 18:44

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CancelTimerQueueTimer

  CloseHandle

  CompareStringA

  CompareStringW

  ContinueDebugEvent

  ConvertDefaultLocale

  CopyFileW

  CreateEventW

  CreateFileA

  CreateFileW

  CreateJobObjectA

  CreateMutexW

  CreateProcessW

  CreateThread

  CreateTimerQueueTimer

  CreateToolhelp32Snapshot

  DeleteAtom

  DeleteCriticalSection

  DeleteFileW

  DeviceIoControl

  DuplicateHandle

  EnterCriticalSection

  EnumResourceLanguagesW

  EnumSystemLocalesA

  EnumTimeFormatsA

  ExitProcess

  ExitThread

  ExpandEnvironmentStringsW

  FatalAppExitA

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  FindAtomW

  FindClose

  FindFirstFileW

  FindFirstVolumeA

  FindResourceExW

  FindResourceW

  FlushFileBuffers

  FoldStringA

  FormatMessageW

  FreeEnvironmentStringsW

  FreeLibrary

  FreeResource

  GetACP

  GetAtomNameW

  GetCPInfo

  GetCommandLineW

  GetComputerNameW

  GetConsoleAliasesA

  GetConsoleCP

  GetConsoleMode

  GetConsoleOutputCP

  GetCurrencyFormatW

  GetCurrentDirectoryA

  GetCurrentDirectoryW

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThread

  GetCurrentThreadId

  GetDateFormatA

  GetDefaultCommConfigW

  GetEnvironmentStringsW

  GetFileAttributesExW

  GetFileAttributesW

  GetFileSize

  GetFileSizeEx

  GetFileTime

  GetFileType

  GetFullPathNameW

  GetLastError

  GetLocalTime

  GetLocaleInfoA

  GetLocaleInfoW

  GetLongPathNameW

  GetModuleFileNameA

  GetModuleFileNameW

  GetModuleHandleA

  GetModuleHandleW

  GetNumberFormatW

  GetOEMCP

  GetPrivateProfileIntW

  GetPrivateProfileStringW

  GetProcAddress

  GetProcessHeap

  GetProcessTimes

  GetShortPathNameW

  GetStartupInfoA

  GetStartupInfoW

  GetStdHandle

  GetStringTypeA

  GetStringTypeExW

  GetStringTypeW

  GetSystemDefaultLCID

  GetSystemDefaultUILanguage

  GetSystemDirectoryW

  GetSystemTime

  GetSystemTimeAsFileTime

  GetTempPathW

  GetThreadLocale

  GetTickCount

  GetTimeFormatA

  GetTimeFormatW

  GetTimeZoneInformation

  GetUserDefaultLCID

  GetUserDefaultUILanguage

  GetVersionExA

  GetVersionExW

  GetVolumeInformationW

  GetWindowsDirectoryW

  BindIoCompletionCallback

  GlobalAlloc

  GlobalDeleteAtom

  GlobalFindAtomW

  GlobalFlags

  GlobalFree

  GlobalGetAtomNameW

  GlobalHandle

  GlobalLock

  GlobalReAlloc

  GlobalSize

  GlobalUnlock

  HeapAlloc

  HeapCreate

  HeapDestroy

  HeapFree

  HeapReAlloc

  HeapSize

  HeapValidate

  InitializeCriticalSection

  InitializeCriticalSectionAndSpinCount

  InterlockedCompareExchange

  InterlockedDecrement

  InterlockedExchange

  InterlockedIncrement

  IsDebuggerPresent

  IsValidCodePage

  IsValidLocale

  LCMapStringA

  LCMapStringW

  LeaveCriticalSection

  LoadLibraryA

  LoadLibraryExW

  LoadLibraryW

  LoadResource

  LocalAlloc

  LocalFileTimeToFileTime

  LocalFree

  LocalReAlloc

  LockFile

  LockResource

  MoveFileW

  MoveFileWithProgressW

  MulDiv

  MultiByteToWideChar

  OpenMutexW

  OpenProcess

  OpenThread

  OutputDebugStringA

  OutputDebugStringW

  Process32FirstW

  Process32NextW

  ProcessIdToSessionId

  QueryPerformanceCounter

  RaiseException

  ReadFile

  ReleaseMutex

  ResumeThread

  RtlUnwind

  SetComputerNameExW

  SetConsoleCtrlHandler

  SetConsoleTitleA

  SetCurrentDirectoryW

  SetEndOfFile

  SetEnvironmentVariableA

  SetErrorMode

  SetEvent

  SetFileAttributesW

  SetFilePointer

  SetFilePointerEx

  SetFileTime

  SetHandleCount

  SetLastError

  SetLocaleInfoW

  SetProcessShutdownParameters

  SetStdHandle

  SetThreadPriority

  SetTimeZoneInformation

  SetUnhandledExceptionFilter

  SetVolumeMountPointW

  SizeofResource

  Sleep

  SuspendThread

  SystemTimeToFileTime

  TerminateProcess

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  UnlockFile

  VerifyVersionInfoA

  VirtualAlloc

  VirtualFree

  WTSGetActiveConsoleSessionId

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleA

  WriteConsoleW

  WriteFile

  WritePrivateProfileStringW

  WriteProcessMemory

  _llseek

  lstrcmpA

  lstrcmpW

  lstrcmpiW

  lstrcpynA

  lstrlenA

  lstrlenW

  VirtualAllocEx

  GlobalAddAtomW

  AddAtomW

  user32

  DdePostAdvise

  DdeQueryConvInfo

  DefWindowProcW

  DeferWindowPos

  DeleteMenu

  DestroyIcon

  DestroyMenu

  DestroyWindow

  DispatchMessageW

  DrawAnimatedRects

  DrawTextExW

  DrawTextW

  EnableMenuItem

  EnableWindow

  EndDeferWindowPos

  EndDialog

  EndPaint

  EnumWindowStationsA

  EqualRect

  FillRect

  GetActiveWindow

  GetAltTabInfo

  GetCapture

  GetClassInfoExW

  GetClassInfoW

  GetClassLongW

  GetClassNameW

  GetClientRect

  GetClipboardFormatNameA

  GetCursorPos

  GetDC

  GetDCEx

  GetDesktopWindow

  GetDialogBaseUnits

  GetDlgCtrlID

  GetDlgItem

  GetDlgItemInt

  GetDlgItemTextW

  GetFocus

  GetForegroundWindow

  GetGUIThreadInfo

  GetKeyNameTextW

  GetKeyState

  GetKeyboardLayoutList

  GetLastActivePopup

  GetMenu

  GetMenuBarInfo

  GetMenuCheckMarkDimensions

  GetMenuItemCount

  GetMenuItemID

  GetMenuItemInfoW

  GetMenuItemRect

  GetMenuState

  GetMenuStringW

  GetMessagePos

  GetMessageTime

  GetMessageW

  GetNextDlgTabItem

  GetParent

  GetPropW

  GetScrollInfo

  GetScrollPos

  GetScrollRange

  GetSubMenu

  GetSysColor

  GetSysColorBrush

  GetSystemMenu

  GetSystemMetrics

  GetTopWindow

  GetWindow

  GetWindowContextHelpId

  GetWindowDC

  GetWindowInfo

  GetWindowLongW

  GetWindowPlacement

  GetWindowRect

  GetWindowTextLengthW

  GetWindowTextW

  GetWindowThreadProcessId

  GrayStringW

  InflateRect

  InsertMenuItemW

  InsertMenuW

  IntersectRect

  InvalidateRect

  IsChild

  IsDialogMessageW

  DdeInitializeA

  IsIconic

  IsRectEmpty

  IsWindow

  IsWindowEnabled

  IsWindowVisible

  KillTimer

  LoadAcceleratorsW

  LoadBitmapW

  LoadCursorW

  LoadIconW

  LoadMenuW

  LoadStringW

  LockWindowUpdate

  MapVirtualKeyW

  MapWindowPoints

  MessageBoxW

  ModifyMenuW

  MoveWindow

  OemToCharBuffA

  OffsetRect

  PeekMessageW

  PostMessageA

  PostMessageW

  PostQuitMessage

  PtInRect

  RealChildWindowFromPoint

  RealGetWindowClass

  RegisterClassW

  RegisterWindowMessageW

  ReleaseCapture

  ReleaseDC

  RemoveMenu

  RemovePropW

  ReuseDDElParam

  ScreenToClient

  ScrollWindow

  ScrollWindowEx

  SendDlgItemMessageA

  SendDlgItemMessageW

  SendMessageW

  SetActiveWindow

  SetCapture

  SetCursor

  SetDlgItemInt

  SetDlgItemTextW

  SetFocus

  SetForegroundWindow

  SetMenu

  SetMenuItemBitmaps

  SetParent

  SetProcessDefaultLayout

  SetPropW

  SetRect

  SetRectEmpty

  SetScrollInfo

  SetScrollPos

  SetScrollRange

  SetTimer

  SetWindowLongW

  SetWindowPlacement

  SetWindowPos

  SetWindowTextW

  SetWindowsHookExW

  ShowOwnedPopups

  ShowScrollBar

  ShowWindow

  SystemParametersInfoA

  SystemParametersInfoW

  TabbedTextOutW

  TrackPopupMenu

  TrackPopupMenuEx

  TranslateAcceleratorW

  TranslateMessage

  UnhookWindowsHookEx

  UnionRect

  UnpackDDElParam

  UnregisterClassA

  UnregisterClassW

  UnregisterDeviceNotification

  UpdateWindow

  ValidateRect

  WinHelpW

  WindowFromPoint

  wsprintfW

  AppendMenuW

  AdjustWindowRectEx

  DdeConnect

  CreateWindowExW

  CreatePopupMenu

  CreateDialogIndirectParamW

  CopyRect

  CopyAcceleratorTableW

  ClientToScreen

  CheckRadioButton

  CheckMenuItem

  CheckDlgButton

  CharUpperW

  CharNextExA

  CallWindowProcW

  CallNextHookEx

  BringWindowToTop

  BeginPaint

  IsDlgButtonChecked

  BeginDeferWindowPos

  gdi32

  GetStockObject

  shell32

  SHGetFileInfoA

  ShellExecuteExA

  SHQueryRecycleBinW

  DragFinish

  ExtractAssociatedIconA

  SHCreateProcessAsUserW

  SHGetDesktopFolder

  ShellHookProc

  SHGetIconOverlayIndexW

  SHGetMalloc

  SHGetPathFromIDList

  SHInvokePrinterCommandA

  SHInvokePrinterCommandW

  shlwapi

  StrRStrIA

  StrCmpNA

  StrStrIA

  Sections

  .text

  Size: 117KB - Virtual size: 116KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 23KB - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 28KB - Virtual size: 27KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ