DashboardSetup[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DashboardSetup.exe
Size

4.0MB
MD5

c59615fb097de59c00f0cfaabc224d0d
SHA1

ab89fd49d4ff62197d332eb4b848ab1fa52466a4
SHA256

66f6b803ee2102e4bf91ab41882cda27f336272af7f0b2d5cb8e13e0958c22a0
SHA512

234dbf128aad941e215706942d501a25aeddbd525e685b83a8f3dd5d17e0d71f7f613dd5611d14a5abaebf2a10c065b17a7c1e93553e7c509eb7d049a8c6c9b1
SSDEEP

49152:r+8DSnPpFkB231R19LyvSqVEI8yoq3ctqFOF0gGk3gDGWdWsGCgrnKexpx5Lhwbv:rQ1atgG6gKWdnGCYg7

Score

1^/10

Malware Config

Signatures

Files

DashboardSetup.exe
.exe windows x86

af73504a3f35c932248161c4d6801781

Code Sign

19:49:49:33:f7:1d:97:4e:73:78:86:93:18:79:3a:89
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24-03-2021 00:00

Not After

23-03-2024 23:59

Subject

CN=WESTERN DIGITAL CORPORATION,O=WESTERN DIGITAL CORPORATION,POSTALCODE=95119,STREET=5601 GREAT OAKS PKWY,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12-03-2019 00:00

Not After

31-12-2028 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetLastError
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
GetProcAddress
LoadLibraryW
VerSetConditionMask
VerifyVersionInfoW
DecodePointer
RaiseException
InitializeCriticalSectionEx
DeleteCriticalSection
GetModuleHandleW
lstrlenW
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
CreateMutexW
SetDefaultDllDirectories
GlobalAlloc
LocalFree
MulDiv
SetDllDirectoryW
GetUserDefaultLocaleName
AllocConsole
LoadResource
LockResource
SizeofResource
FindResourceW
DeleteFileW
FindFirstFileW
FindNextFileW
Sleep
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
SetConsoleCtrlHandler
ReadConsoleW
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
WriteFile
GetStdHandle
MoveFileExW
RemoveDirectoryW
GetFullPathNameW
GetDriveTypeW
ResumeThread
ExitThread
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetModuleHandleExW
ExitProcess
RtlUnwind
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
SetProcessAffinityMask
VirtualFree
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryExA
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
SetFileTime
GetTempPathW
AreFileApisANSI
CopyFileW
CreateHardLinkW
WaitForSingleObjectEx
SwitchToThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
EnterCriticalSection
LeaveCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
EncodePointer
TryEnterCriticalSection
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
InitializeSListHead
OutputDebugStringW
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
RtlCaptureStackBackTrace

user32

GetMessageW
SendMessageW
UnregisterClassW
PostQuitMessage
RegisterClassExW
CreateWindowExW
DestroyWindow
LoadStringW
MessageBoxW
PeekMessageW
DispatchMessageW
TranslateMessage
DefWindowProcW
ShowWindow
LoadIconW
LoadCursorW
GetDesktopWindow
SetClassLongW
GetWindowLongW
GetWindowRect
SetWindowTextW
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
GetSystemMetrics
TranslateAcceleratorW
LoadAcceleratorsW
SetWindowPos

shell32

SHGetFolderPathW
SHGetKnownFolderPath
ShellExecuteW
CommandLineToArgvW
SHGetSpecialFolderPathW

ole32

CoInitialize
CoCreateInstance
CreateStreamOnHGlobal

gdiplus

GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusStartup
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage

Sections

.textbss
Size: - Virtual size: 474KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 1024B - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 265B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af73504a3f35c932248161c4d6801781

Code Sign

19:49:49:33:f7:1d:97:4e:73:78:86:93:18:79:3a:89Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

gdiplus

Sections

.textbss Size: - Virtual size: 474KB

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 198KB - Virtual size: 197KB

.data Size: 17KB - Virtual size: 28KB

.idata Size: 7KB - Virtual size: 7KB

.didat Size: 1KB - Virtual size: 1KB

.msvcjmc Size: 1024B - Virtual size: 882B

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 265B

.rsrc Size: 2.7MB - Virtual size: 2.7MB

.reloc Size: 54KB - Virtual size: 53KB

19:49:49:33:f7:1d:97:4e:73:78:86:93:18:79:3a:89
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

.textbss
Size: - Virtual size: 474KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 198KB - Virtual size: 197KB

.data
Size: 17KB - Virtual size: 28KB

.idata
Size: 7KB - Virtual size: 7KB

.didat
Size: 1KB - Virtual size: 1KB

.msvcjmc
Size: 1024B - Virtual size: 882B

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 265B

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

.reloc
Size: 54KB - Virtual size: 53KB