General

Malware Config

Signatures

Files

• Lark-win32_ia32-6.0.6-signed.exe

  .exe windows x86

  b34115eae82e0d23ca7b7e56cd97088a

  
  

  Code Sign

  02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  10-11-2006 00:00

  Not After

  10-11-2031 00:00

  Subject

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  03:08:85:d0:9d:21:a1:65:cc:49:aa:3d:7e:eb:a5:c9

  Certificate

  Issuer

  CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  20-03-2021 00:00

  Not After

  03-04-2023 23:59

  Subject

  SERIALNUMBER=201839742H,CN=Lark Technologies Pte. Ltd.,O=Lark Technologies Pte. Ltd.,L=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  18-04-2012 12:00

  Not After

  18-04-2027 12:00

  Subject

  CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a

  Certificate

  Issuer

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Not Before

  21-09-2022 00:00

  Not After

  21-11-2033 23:59

  Subject

  CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b

  Certificate

  Issuer

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  23-03-2022 00:00

  Not After

  22-03-2037 23:59

  Subject

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  01-08-2022 00:00

  Not After

  09-11-2031 23:59

  Subject

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  fe:c9:84:0a:a7:90:b7:49:ce:0c:98:08:82:5b:34:b3:58:56:1e:95:49:e6:fe:b5:50:2d:5e:65:f9:fe:93:a6

  Signer

  Actual PE Digest

  fe:c9:84:0a:a7:90:b7:49:ce:0c:98:08:82:5b:34:b3:58:56:1e:95:49:e6:fe:b5:50:2d:5e:65:f9:fe:93:a6

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  true

  Verification

  Signing Certificate

  SERIALNUMBER=201839742H,CN=Lark Technologies Pte. Ltd.,O=Lark Technologies Pte. Ltd.,L=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

  17-03-2023 13:13

  Valid: true

  Chain 1

  SERIALNUMBER=201839742H,CN=Lark Technologies Pte. Ltd.,O=Lark Technologies Pte. Ltd.,L=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

  CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CreateMutexW

  CreateDirectoryW

  MoveFileExW

  MoveFileW

  TerminateThread

  GetCurrentProcessId

  Sleep

  WaitForSingleObject

  TerminateProcess

  InitializeCriticalSectionEx

  RaiseException

  CloseHandle

  DecodePointer

  SetFilePointer

  RemoveDirectoryW

  ReadFile

  GetFileSize

  DeleteFileW

  LoadLibraryExA

  VirtualQuery

  GetSystemInfo

  DeleteCriticalSection

  CreateFileW

  CopyFileW

  GetModuleHandleW

  WriteConsoleW

  HeapSize

  GetProcessHeap

  SetEnvironmentVariableW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetOEMCP

  IsValidCodePage

  FindFirstFileExW

  SetConsoleCtrlHandler

  FlushFileBuffers

  HeapReAlloc

  SetFilePointerEx

  GetFileSizeEx

  GetConsoleCP

  ReadConsoleW

  GetConsoleMode

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  GetTimeFormatW

  GetDateFormatW

  GetCurrentProcess

  GetLastError

  GetVersionExW

  GetProcAddress

  MultiByteToWideChar

  WideCharToMultiByte

  FreeLibrary

  GetModuleFileNameW

  LoadLibraryExW

  LoadLibraryW

  CompareFileTime

  SetEndOfFile

  SetFileTime

  WriteFile

  SetLastError

  SetCurrentDirectoryW

  GetCurrentDirectoryW

  SetFileAttributesW

  GetTempPathW

  GetCurrentThreadId

  GetTickCount

  GetSystemDirectoryW

  GetWindowsDirectoryW

  FindClose

  FindCloseChangeNotification

  FindFirstChangeNotificationW

  FindFirstFileW

  FindNextFileW

  GetFileAttributesW

  GetFileInformationByHandle

  GetLogicalDriveStringsW

  GetModuleHandleA

  GetStdHandle

  GetACP

  OpenProcess

  MulDiv

  GlobalUnlock

  GlobalLock

  lstrlenW

  ExitProcess

  LocalFileTimeToFileTime

  SystemTimeToFileTime

  LocalFree

  FormatMessageW

  InitializeCriticalSectionAndSpinCount

  FreeResource

  LoadResource

  LockResource

  SizeofResource

  FindResourceW

  CreateFileA

  GlobalAlloc

  GlobalFree

  GetLocalTime

  lstrcpynW

  lstrcmpiW

  lstrcpyW

  VerSetConditionMask

  GetEnvironmentVariableW

  GetDiskFreeSpaceExW

  GetFinalPathNameByHandleW

  QueryDosDeviceW

  VerifyVersionInfoW

  AllocConsole

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  K32EnumProcessModules

  K32GetModuleFileNameExW

  K32GetProcessImageFileNameW

  SetDllDirectoryW

  GetUserDefaultUILanguage

  DuplicateHandle

  WaitForSingleObjectEx

  SwitchToThread

  GetCurrentThread

  GetExitCodeThread

  GetNativeSystemInfo

  EnterCriticalSection

  LeaveCriticalSection

  TryEnterCriticalSection

  QueryPerformanceCounter

  QueryPerformanceFrequency

  CreateEventW

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  GetSystemTimeAsFileTime

  EncodePointer

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  GetStringTypeW

  GetCPInfo

  SetEvent

  ResetEvent

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsProcessorFeaturePresent

  IsDebuggerPresent

  GetStartupInfoW

  InitializeSListHead

  OutputDebugStringW

  CreateTimerQueue

  SignalObjectAndWait

  CreateThread

  SetThreadPriority

  GetThreadPriority

  GetLogicalProcessorInformation

  CreateTimerQueueTimer

  ChangeTimerQueueTimer

  DeleteTimerQueueTimer

  GetNumaHighestNodeNumber

  GetProcessAffinityMask

  SetThreadAffinityMask

  RegisterWaitForSingleObject

  UnregisterWait

  GetThreadTimes

  FreeLibraryAndExitThread

  VirtualAlloc

  VirtualProtect

  VirtualFree

  SetProcessAffinityMask

  ReleaseSemaphore

  InterlockedPopEntrySList

  InterlockedPushEntrySList

  InterlockedFlushSList

  QueryDepthSList

  UnregisterWaitEx

  WaitForMultipleObjectsEx

  RtlUnwind

  ExitThread

  ResumeThread

  GetModuleHandleExW

  GetCommandLineA

  GetCommandLineW

  SetStdHandle

  GetFileType

  GetTimeZoneInformation

  HeapFree

  HeapAlloc

  RtlCaptureStackBackTrace

  user32

  DispatchMessageW

  PostMessageW

  CreateWindowExW

  IsWindow

  DestroyWindow

  SetWindowPos

  IsWindowVisible

  IsIconic

  IsZoomed

  CharNextW

  SetFocus

  GetActiveWindow

  GetFocus

  GetKeyState

  SetCapture

  ReleaseCapture

  SetTimer

  KillTimer

  BeginPaint

  EndPaint

  GetUpdateRect

  InvalidateRect

  GetClientRect

  GetCursorPos

  ScreenToClient

  MapWindowPoints

  GetSysColor

  IntersectRect

  IsRectEmpty

  PtInRect

  GetWindowLongW

  SetWindowLongW

  GetParent

  GetWindow

  LoadImageW

  CharUpperW

  wsprintfW

  DefWindowProcW

  CallWindowProcW

  RegisterClassW

  RegisterClassExW

  GetClassInfoExW

  ShowWindow

  EnableWindow

  GetSystemMetrics

  TranslateMessage

  SetPropW

  GetPropW

  AdjustWindowRectEx

  MoveWindow

  SetWindowRgn

  MessageBoxW

  UpdateLayeredWindow

  GetWindowRgn

  CharPrevW

  DrawTextW

  FillRect

  SetRect

  CreatePopupMenu

  DestroyMenu

  EnableMenuItem

  AppendMenuW

  TrackPopupMenu

  CreateCaret

  GetCaretBlinkTime

  HideCaret

  ShowCaret

  SetCaretPos

  GetCaretPos

  ClientToScreen

  IsWindowEnabled

  UpdateWindow

  EqualRect

  GetWindowTextW

  GetWindowTextLengthW

  wsprintfA

  DrawTextA

  CreateAcceleratorTableW

  InvalidateRgn

  GetGUIThreadInfo

  GetKeyboardLayout

  GetKeyNameTextW

  MapVirtualKeyExW

  GetShellWindow

  GetWindowThreadProcessId

  PostQuitMessage

  EnumChildWindows

  EnumWindows

  GetMessageW

  RegisterWindowMessageW

  MonitorFromWindow

  MonitorFromPoint

  ReleaseDC

  GetDC

  LoadCursorW

  OffsetRect

  UnionRect

  InflateRect

  SetForegroundWindow

  SetWindowTextW

  GetWindowRect

  GetMenu

  SetCursor

  SendMessageW

  UnregisterClassW

  GetMonitorInfoW

  advapi32

  RegLoadKeyW

  RegCreateKeyExW

  FreeSid

  DuplicateTokenEx

  OpenProcessToken

  AllocateAndInitializeSid

  CheckTokenMembership

  AdjustTokenPrivileges

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegSetValueExW

  RegEnumKeyExW

  RegCloseKey

  LookupPrivilegeValueW

  shell32

  DragQueryFileW

  SHGetSpecialFolderLocation

  SHCreateDirectoryExW

  SHChangeNotify

  SHGetPathFromIDListW

  SHBrowseForFolderW

  SHGetSpecialFolderPathW

  ShellExecuteW

  comctl32

  _TrackMouseEvent

  InitCommonControlsEx

  ord17

  gdiplus

  GdipSetTextRenderingHint

  GdipSetSmoothingMode

  GdipDeleteGraphics

  GdipCreateFromHDC

  GdipDisposeImage

  GdipCloneImage

  GdipLoadImageFromStreamICM

  GdipLoadImageFromStream

  GdipSetPenMode

  GdipDeletePen

  GdipCreatePen1

  GdipCreateSolidFill

  GdipDeleteBrush

  GdipCloneBrush

  GdipAddPathArc

  GdipAddPathLine

  GdipDrawRectangleI

  GdipCreatePath

  GdipFree

  GdipAlloc

  GdiplusShutdown

  GdiplusStartup

  GdipSetStringFormatAlign

  GdipSetStringFormatLineAlign

  GdipSetStringFormatTrimming

  GdipGetImageWidth

  GdipGetImageHeight

  GdipDrawPath

  GdipImageGetFrameDimensionsCount

  GdipImageGetFrameDimensionsList

  GdipImageGetFrameCount

  GdipImageSelectActiveFrame

  GdipGetPropertyItemSize

  GdipGetPropertyItem

  GdipDrawImageRectI

  GdipFillRectangleI

  GdipFillPath

  GdipCreateFontFromDC

  GdipCreateFontFromLogfontA

  GdipDeleteFont

  GdipDrawString

  GdipMeasureString

  GdipStringFormatGetGenericTypographic

  GdipSetInterpolationMode

  GdipDeleteStringFormat

  GdipCloneStringFormat

  GdipDeletePath

  GdipRotateWorldTransform

  GdipTranslateWorldTransform

  GdipSetStringFormatFlags

  imm32

  ImmReleaseContext

  ImmGetContext

  ImmSetCompositionWindow

  shlwapi

  PathIsNetworkPathW

  PathIsRelativeW

  SHSetValueW

  SHGetValueW

  SHDeleteValueW

  SHDeleteKeyW

  PathFindFileNameW

  PathFindExtensionW

  PathFileExistsW

  PathIsDirectoryW

  StrChrW

  ws2_32

  gethostname

  WSAStartup

  gethostbyname

  wintrust

  CryptCATCatalogInfoFromContext

  CryptCATAdminCalcHashFromFileHandle

  WinVerifyTrust

  WTHelperProvDataFromStateData

  CryptCATAdminAcquireContext

  CryptCATAdminReleaseContext

  CryptCATAdminReleaseCatalogContext

  CryptCATAdminEnumCatalogFromHash

  crypt32

  CertGetNameStringW

  gdi32

  PlayEnhMetaFile

  GetTextMetricsW

  GetObjectW

  GetEnhMetaFileHeader

  CreateRoundRectRgn

  CreateRectRgn

  CreateEnhMetaFileW

  CloseEnhMetaFile

  SelectObject

  SaveDC

  RestoreDC

  Rectangle

  RemoveFontMemResourceEx

  AddFontMemResourceEx

  GetStockObject

  DeleteObject

  DeleteDC

  CreatePen

  CreateFontIndirectW

  CreateDIBitmap

  CreateCompatibleDC

  PtInRegion

  SetBitmapBits

  GetBitmapBits

  CreateCompatibleBitmap

  BitBlt

  GetDeviceCaps

  SetWindowOrgEx

  GetTextExtentPointA

  CreatePatternBrush

  EnumFontFamiliesExW

  GdiFlush

  TextOutW

  MoveToEx

  GetObjectA

  SetTextColor

  SetStretchBltMode

  StretchBlt

  SetBkMode

  SetBkColor

  SelectPalette

  ExtSelectClipRgn

  SelectClipRgn

  RealizePalette

  LineTo

  GetTextExtentPoint32W

  GetDIBits

  GetCurrentObject

  GetClipBox

  GetCharABCWidthsW

  CreateSolidBrush

  CreateRectRgnIndirect

  CreatePenIndirect

  CreateDCA

  CombineRgn

  CreateDIBSection

  ole32

  CoInitialize

  CoTaskMemFree

  CoTaskMemAlloc

  CoUninitialize

  OleLockRunning

  CLSIDFromProgID

  CLSIDFromString

  CreateStreamOnHGlobal

  ReleaseStgMedium

  OleDuplicateData

  DoDragDrop

  RegisterDragDrop

  CoCreateInstance

  oleaut32

  SysStringLen

  SysAllocString

  VariantClear

  CreateErrorInfo

  SetErrorInfo

  VariantChangeType

  GetErrorInfo

  VariantInit

  SysFreeString

  VariantCopy

  SysAllocStringLen

  Exports

  Exports

  _cJSON_AddArrayToObject@8

  _cJSON_AddBoolToObject@12

  _cJSON_AddFalseToObject@8

  _cJSON_AddItemReferenceToArray@8

  _cJSON_AddItemReferenceToObject@12

  _cJSON_AddItemToArray@8

  _cJSON_AddItemToObject@12

  _cJSON_AddItemToObjectCS@12

  _cJSON_AddNullToObject@8

  _cJSON_AddNumberToObject@16

  _cJSON_AddObjectToObject@8

  _cJSON_AddRawToObject@12

  _cJSON_AddStringToObject@12

  _cJSON_AddTrueToObject@8

  _cJSON_Compare@12

  _cJSON_CreateArray@0

  _cJSON_CreateArrayReference@4

  _cJSON_CreateBool@4

  _cJSON_CreateDoubleArray@8

  _cJSON_CreateFalse@0

  _cJSON_CreateFloatArray@8

  _cJSON_CreateIntArray@8

  _cJSON_CreateNull@0

  _cJSON_CreateNumber@8

  _cJSON_CreateObject@0

  _cJSON_CreateObjectReference@4

  _cJSON_CreateRaw@4

  _cJSON_CreateString@4

  _cJSON_CreateStringArray@8

  _cJSON_CreateStringReference@4

  _cJSON_CreateTrue@0

  _cJSON_Delete@4

  _cJSON_DeleteItemFromArray@8

  _cJSON_DeleteItemFromObject@8

  _cJSON_DeleteItemFromObjectCaseSensitive@8

  _cJSON_DetachItemFromArray@8

  _cJSON_DetachItemFromObject@8

  _cJSON_DetachItemFromObjectCaseSensitive@8

  _cJSON_DetachItemViaPointer@8

  _cJSON_Duplicate@8

  _cJSON_GetArrayItem@8

  _cJSON_GetArraySize@4

  _cJSON_GetErrorPtr@0

  _cJSON_GetObjectItem@8

  _cJSON_GetObjectItemCaseSensitive@8

  _cJSON_GetStringValue@4

  _cJSON_HasObjectItem@8

  _cJSON_InitHooks@4

  _cJSON_InsertItemInArray@12

  _cJSON_IsArray@4

  _cJSON_IsBool@4

  _cJSON_IsFalse@4

  _cJSON_IsInvalid@4

  _cJSON_IsNull@4

  _cJSON_IsNumber@4

  _cJSON_IsObject@4

  _cJSON_IsRaw@4

  _cJSON_IsString@4

  _cJSON_IsTrue@4

  _cJSON_Minify@4

  _cJSON_Parse@4

  _cJSON_ParseWithOpts@12

  _cJSON_Print@4

  _cJSON_PrintBuffered@12

  _cJSON_PrintPreallocated@16

  _cJSON_PrintUnformatted@4

  _cJSON_ReplaceItemInArray@12

  _cJSON_ReplaceItemInObject@12

  _cJSON_ReplaceItemInObjectCaseSensitive@12

  _cJSON_ReplaceItemViaPointer@12

  _cJSON_SetNumberHelper@12

  _cJSON_Version@0

  _cJSON_free@4

  _cJSON_malloc@4

  Sections

  .text

  Size: 1.2MB - Virtual size: 1.2MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 329KB - Virtual size: 329KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 21KB - Virtual size: 30KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 209.3MB - Virtual size: 209.3MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 67KB - Virtual size: 67KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ