5dde816fc8cb0226a524750308b1bac459b6caf5e24954214a2e3863ea682cff

Sharing

Copy URL Twitter E-mail

General

Target

5dde816fc8cb0226a524750308b1bac459b6caf5e24954214a2e3863ea682cff
Size

1020KB
MD5

1303040c54c1f97ea71fd7ab202d0e69
SHA1

e994783829c3c9645af0019e96ef51193b8a41f0
SHA256

5dde816fc8cb0226a524750308b1bac459b6caf5e24954214a2e3863ea682cff
SHA512

c121e8a4d2fa9f27eaa8072cb4902eb18f8e7527e145b32d6c2f42c1a1dd013f5c71bf88af4d3e2f812ed1de26635e70e934e706649296c28081f19505991dc3
SSDEEP

12288:rTDAvHvVPuq1li7gncJ9b5JN78DFw+KX8kgF1XdPwOEPv:YHvVP3le/9b5JN78DFwtsfXdPq

Score

1^/10

Malware Config

Signatures

Files

5dde816fc8cb0226a524750308b1bac459b6caf5e24954214a2e3863ea682cff
.exe windows x64

f5ad921366ec31887e44c34a006a46aa

Code Sign

0a
Certificate

Issuer

CN=TrustAsia SHA2 Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

29/01/2018, 05:43

Not After

29/01/2020, 05:43

Subject

CN=亚洲诚信代码签名测试证书SHA2,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

06
Certificate

Issuer

CN=TrustAsia Root CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

01/01/2015, 07:48

Not After

30/12/2025, 07:48

Subject

CN=TrustAsia SHA2 Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0a
Certificate

Issuer

CN=TrustAsia SHA2 Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

29/01/2018, 05:43

Not After

29/01/2020, 05:43

Subject

CN=亚洲诚信代码签名测试证书SHA2,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

06
Certificate

Issuer

CN=TrustAsia Root CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

01/01/2015, 07:48

Not After

30/12/2025, 07:48

Subject

CN=TrustAsia SHA2 Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e6:a4:51:dd:28:1e:99:96:bb:8e:cd:09:1a:c2:b8:6c:b8:aa:c0:a7:c9:f9:4d:1f:e5:7d:a5:b3:3b:21:64:dc
Signer

Actual PE Digest

e6:a4:51:dd:28:1e:99:96:bb:8e:cd:09:1a:c2:b8:6c:b8:aa:c0:a7:c9:f9:4d:1f:e5:7d:a5:b3:3b:21:64:dc

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=亚洲诚信代码签名测试证书SHA2,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

06/04/2023, 09:36
Valid: false

0c:37:55:81:92:33:1e:cd:df:e1:bd:d7:09:b0:f5:d9:4a:e3:b2:e5
Signer

Actual PE Digest

0c:37:55:81:92:33:1e:cd:df:e1:bd:d7:09:b0:f5:d9:4a:e3:b2:e5

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=亚洲诚信代码签名测试证书SHA2,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

06/04/2023, 09:36
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FileTimeToLocalFileTime
SetEnvironmentVariableA
CompareStringW
FindFirstFileA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetDriveTypeA
HeapFree
HeapQueryInformation
HeapReAlloc
HeapAlloc
HeapCreate
HeapSetInformation
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
QueryPerformanceCounter
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetACP
FlsFree
FlsAlloc
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
LoadLibraryW
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
VirtualQuery
GetSystemInfo
VirtualAlloc
RtlPcToFileHeader
RaiseException
RtlUnwindEx
IsBadReadPtr
HeapValidate
HeapSize
GetStartupInfoA
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileSizeEx
GetOEMCP
GetCPInfo
VirtualProtect
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GlobalFlags
GetThreadLocale
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleFileNameW
GetModuleHandleW
GetAtomNameA
SetErrorMode
GetFullPathNameA
GetFileTime
lstrcmpW
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
SetEvent
GlobalAddAtomA
WritePrivateProfileStringA
FreeResource
GetCurrentProcessId
CompareStringA
FreeLibrary
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleHandleA
lstrcmpA
SetLastError
MultiByteToWideChar
MulDiv
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenA
GetTickCount
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
FileTimeToSystemTime
SetFileTime
WriteFile
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
SetFilePointer
CreateFileA
FindNextFileA
GetEnvironmentVariableA
CopyFileA
FindResourceA
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryA
GetLastError
CreateEventA
GetModuleFileNameA
Sleep
WideCharToMultiByte
lstrlenW
CreateDirectoryA
FindClose
OpenEventA

user32

CharUpperA
MessageBeep
CopyAcceleratorTableA
CharNextA
InsertMenuItemA
GetMenuItemInfoA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GrayStringA
DrawTextExA
DrawTextA
GetSysColorBrush
SetRectEmpty
FillRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
RegisterWindowMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
WinHelpA
TrackPopupMenu
GetClassLongA
GetClassLongPtrA
GetClassNameA
GetWindowLongPtrA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
SetWindowLongPtrA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
SetCursor
GetKeyState
CallNextHookEx
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetMessageA
DispatchMessageA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
TabbedTextOutA
EndDialog
CreateDialogIndirectParamA
DestroyWindow
LoadIconA
LoadCursorA
PostThreadMessageA
GetForegroundWindow
SetForegroundWindow
IsChild
GetTopWindow
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRgn
InvalidateRect
wsprintfA
GetDesktopWindow
GetMenuItemID
ModifyMenuA
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetClipboardFormatNameA
PtInRect
IsIconic
IsRectEmpty
UnregisterClassA
TranslateMessage
GetMenuState
InflateRect
SetRect
GetSubMenu
GetMenuItemCount
IsMenu
PostQuitMessage
RegisterClipboardFormatA
SendMessageA
GetWindowThreadProcessId
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongA
MessageBoxA
SetWindowContextHelpId
GetWindow
SetWindowPos
MapDialogRect
IsWindow
GetDlgItem
SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
GetWindowTextA
GetDlgCtrlID
SetWindowLongA
MoveWindow
ShowWindow
SetFocus
GetFocus
PostMessageA

gdi32

GetBkColor
GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
BitBlt
GetPixel
TextOutA
GetTextExtentPoint32A
Escape
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetRgnBox
CreateRectRgnIndirect
CreateFontIndirectA
CreatePatternBrush
GetDeviceCaps
CreateSolidBrush
GetObjectType
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
GetStockObject
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

SetThreadToken
OpenThreadToken
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RevertToSelf

shell32

DragFinish
DragQueryFileA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoRegisterMessageFilter
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree

oleaut32

SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
VariantTimeToSystemTime
VariantInit

Sections

.text
Size: 718KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5ad921366ec31887e44c34a006a46aa

Code Sign

0aCertificate

Extended Key Usages

Key Usages

06Certificate

Extended Key Usages

Key Usages

0aCertificate

Extended Key Usages

Key Usages

06Certificate

Extended Key Usages

Key Usages

e6:a4:51:dd:28:1e:99:96:bb:8e:cd:09:1a:c2:b8:6c:b8:aa:c0:a7:c9:f9:4d:1f:e5:7d:a5:b3:3b:21:64:dcSigner

Signature Validations

Verification

06/04/2023, 09:36 Valid: false

0c:37:55:81:92:33:1e:cd:df:e1:bd:d7:09:b0:f5:d9:4a:e3:b2:e5Signer

Signature Validations

Verification

06/04/2023, 09:36 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 718KB - Virtual size: 718KB

.rdata Size: 197KB - Virtual size: 197KB

.data Size: 15KB - Virtual size: 40KB

.pdata Size: 37KB - Virtual size: 37KB

.rsrc Size: 44KB - Virtual size: 44KB

0a
Certificate

06
Certificate

0a
Certificate

06
Certificate

e6:a4:51:dd:28:1e:99:96:bb:8e:cd:09:1a:c2:b8:6c:b8:aa:c0:a7:c9:f9:4d:1f:e5:7d:a5:b3:3b:21:64:dc
Signer

06/04/2023, 09:36
Valid: false

0c:37:55:81:92:33:1e:cd:df:e1:bd:d7:09:b0:f5:d9:4a:e3:b2:e5
Signer

06/04/2023, 09:36
Valid: false

.text
Size: 718KB - Virtual size: 718KB

.rdata
Size: 197KB - Virtual size: 197KB

.data
Size: 15KB - Virtual size: 40KB

.pdata
Size: 37KB - Virtual size: 37KB

.rsrc
Size: 44KB - Virtual size: 44KB