InstallGenoPro[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

InstallGenoPro.exe
Size

6.1MB
MD5

2987bd6b22de138654669d51d8ff98fb
SHA1

27f3db825b733900d0f6acf86dc1d76106fb5d0a
SHA256

b6a9cde512965a0084a363ab488d0532f9059d3c94d4f1b354f5536098c4ccf0
SHA512

18bb36c272348523b2a5a27455ac4746b76dd021342c2bf0a09c6005b0994715e6aa21a87afccf53f9a3aebe206689c4cfe663beadbfcc526bf69dab18633b85
SSDEEP

196608:a7VaQw+/U38qcRq0GNuyAlygCQyVLdyYk15h839zmlc:a5Bwq0Ukuy+xLrdMp

Score

1^/10

Malware Config

Signatures

Files

InstallGenoPro.exe
.exe windows x86

751de7e0699c3742c1d7f1587d60ea7a

Code Sign

47:5e:14:3b:9a:f3:46:e6:6d:60:8a:63:65:60:a2:61
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20/01/2020, 00:00

Not After

13/11/2020, 23:59

Subject

CN=GenoPro,O=GenoPro,L=Fraijanes,ST=Guatemala,C=GT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:85:14:65:34:6b:1c:11:89:08:0d:4f:1c:cc:4a:40:bc:7a:3b:74:29:a5:17:f5:ac:88:ad:73:f2:08:df:42
Signer

Actual PE Digest

71:85:14:65:34:6b:1c:11:89:08:0d:4f:1c:cc:4a:40:bc:7a:3b:74:29:a5:17:f5:ac:88:ad:73:f2:08:df:42

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=GenoPro,O=GenoPro,L=Fraijanes,ST=Guatemala,C=GT

26/06/2020, 23:21
Valid: true

Chain 1

CN=GenoPro,O=GenoPro,L=Fraijanes,ST=Guatemala,C=GT

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
Sleep
WriteFile
GetLastError
DeleteFileA
SetFileAttributesA
ReadFile
GetFileSize
CreateFileA
SetFileTime
SizeofResource
WinExec
GetVersion
GetFileAttributesA
CreateDirectoryA
MultiByteToWideChar
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
OpenProcess
HeapReAlloc
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapFree
HeapAlloc
FlushFileBuffers
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
CloseHandle
lstrcmpiA
TerminateProcess
FindResourceA
SetFilePointer
LoadResource
ExitProcess

user32

IsDlgButtonChecked
GetDlgItem
EnableWindow
GetActiveWindow
GetLastActivePopup
MessageBoxA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetDlgItemTextA
PostQuitMessage
LoadIconA
SendMessageA
SetFocus
CheckDlgButton
CreateDialogParamA
DestroyWindow
SetWindowTextA
DialogBoxParamA
EndDialog
wsprintfA
SetDlgItemTextA
SetTimer
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
SetWindowPos
ShowWindowAsync
PostMessageA
LoadCursorA
SetCursor
ShowWindow
UpdateWindow
GetMessageA

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

751de7e0699c3742c1d7f1587d60ea7a

Code Sign

47:5e:14:3b:9a:f3:46:e6:6d:60:8a:63:65:60:a2:61Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

71:85:14:65:34:6b:1c:11:89:08:0d:4f:1c:cc:4a:40:bc:7a:3b:74:29:a5:17:f5:ac:88:ad:73:f2:08:df:42Signer

Signature Validations

Verification

26/06/2020, 23:21 Valid: true

Chain 1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 6.0MB - Virtual size: 6.0MB

47:5e:14:3b:9a:f3:46:e6:6d:60:8a:63:65:60:a2:61
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

71:85:14:65:34:6b:1c:11:89:08:0d:4f:1c:cc:4a:40:bc:7a:3b:74:29:a5:17:f5:ac:88:ad:73:f2:08:df:42
Signer

26/06/2020, 23:21
Valid: true

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 6.0MB - Virtual size: 6.0MB