Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: upHola.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: upHola.exe
Resource: win10v2004-20230220-en
Target: upHola.exe
Size: 2.0MB
MD5: feaf56b19b4e992b022260000ce5b8f6
SHA1: 2c84638276b02601a7266b043ac1a813f5253d5b
SHA256: cc1ad5de64821788ed2d101c9452ed6de412e080291756b2d7cc78423cf75e5d
SHA512: 7a66ab928f5217fb1e5e6eddc581344c2e76d14a61c86397fce32f00082351b04a55156638bfd3a60c8e1634e3259080ca578d62e5ed87321736bf9fb74761db
SSDEEP: 49152:Im4YYLEULsN3pUEKyUvoz8Gc+J7NroTcPF9N8V:ibLEN3prKyUvy8Gci7NroTT
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
SERIALNUMBER=91310118MA1JMBHC21,CN=Shanghai Zherui Network Technology Co.\, Ltd.,O=Shanghai Zherui Network Technology Co.\, Ltd.,STREET=青浦区五厍浜路201号13幢四层B区429室,L=Shanghai,ST=Shanghai,C=CN,1.3.6.1.4.1.311.60.2.1.2=#13085348414e47484149,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE
CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
SERIALNUMBER=91310118MA1JMBHC21,CN=Shanghai Zherui Network Technology Co.\, Ltd.,O=Shanghai Zherui Network Technology Co.\, Ltd.,STREET=青浦区五厍浜路201号13幢四层B区429室,L=Shanghai,ST=Shanghai,C=CN,1.3.6.1.4.1.311.60.2.1.2=#13085348414e47484149,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE
CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE
CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
getpeername
getsockopt
connect
closesocket
getservbyname
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
socket
WSAGetLastError
WSACleanup
shutdown
htonl
gethostbyname
getsockname
htons
gethostname
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSAIoctl
setsockopt
ntohs
WSAStartup
GetFileAttributesW
MultiByteToWideChar
LocalFileTimeToFileTime
CloseHandle
GetCurrentDirectoryW
SystemTimeToFileTime
WideCharToMultiByte
GetCurrentProcess
Sleep
MoveFileExA
DeleteFileA
CreateThread
GetProcAddress
GetModuleHandleW
GetACP
FormatMessageW
GetLastError
FindFirstFileW
FindNextFileW
TerminateProcess
GetModuleFileNameW
CreatePipe
FindClose
WaitForSingleObject
DeleteFileW
MoveFileExW
GetModuleFileNameA
FindFirstFileExW
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
EnterCriticalSection
GetFullPathNameW
GetStdHandle
OutputDebugStringA
LeaveCriticalSection
InitializeCriticalSection
GetTempPathA
GetWindowsDirectoryA
DeleteCriticalSection
GetComputerNameA
GetCurrentThreadId
RtlCaptureStackBackTrace
GetSystemTimeAsFileTime
SetLastError
FormatMessageA
InitializeCriticalSectionEx
SleepEx
GetTickCount64
WaitForSingleObjectEx
ExpandEnvironmentStringsA
GetFileType
PeekNamedPipe
WaitForMultipleObjects
FreeLibrary
VerSetConditionMask
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
VerifyVersionInfoA
FlushConsoleInputBuffer
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GlobalMemoryStatus
GetSystemTime
SetConsoleCtrlHandler
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
GetDriveTypeW
GetConsoleMode
SetFilePointer
SetFileTime
WriteFile
ReadFile
CreateDirectoryW
CreateFileW
SetFilePointerEx
GetConsoleCP
ExitProcess
GetCommandLineA
GetCommandLineW
ReadConsoleW
HeapAlloc
HeapFree
GetFileSizeEx
FlushFileBuffers
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetExitCodeProcess
GetFileAttributesExW
SetStdHandle
SetEndOfFile
GetTimeZoneInformation
HeapReAlloc
SetConsoleMode
ReadConsoleInputW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
GetConsoleOutputCP
CreateProcessW
DuplicateHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException
RtlUnwind
GetCPInfo
GetStringTypeW
HeapSize
WriteConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryEnterCriticalSection
EncodePointer
DecodePointer
LocalFree
LCMapStringEx
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
CryptEnumProvidersA
RegisterServiceCtrlHandlerW
SetServiceStatus
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
CreateServiceW
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
ControlService
StartServiceW
OpenServiceW
RegCloseKey
StartServiceCtrlDispatcherW
SHCreateDirectoryExA
SHFileOperationW
StringFromGUID2
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoCreateGuid
CoInitializeEx
VariantInit
SysFreeString
SysAllocString
VariantClear
PathFileExistsW
PathStripPathA
PathRemoveFileSpecA
HttpQueryInfoW
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
UnDecorateSymbolName
SymFromAddr
SymSetOptions
SymInitialize
SymCleanup
CertEnumCertificatesInStore
CertFindCertificateInStore
CertOpenStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertCloseStore
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ