Trapcode Suite 15[.]1[.]3 Installer[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Trapcode Suite 15.1.3 Installer.exe
Size

2.3MB
MD5

945b65570e38110e5770bd0ff680e02a
SHA1

da27f0594cb92db6dd753391931c316a082abed8
SHA256

7282d06629fb78cf3489a0f62731a3358c42ee3d7efee20c0091431c5138d210
SHA512

11f64ffee3c76c9bfc3aed41a1b34f82004e6cac9040159a0e075713b6fc8ba43c43bb09cdcf8cbb389f0696ed2205c8f22d3a648dd2d6c12fce753e1d1c6952
SSDEEP

49152:tzdzPc9Mt8iChc8xUrTkxhQLXj4A0oE+/WWQy88G4YWsyc9LAw:bTtMQv4A0oE+/dV7YV9Lb

Score

1^/10

Malware Config

Signatures

Files

Trapcode Suite 15.1.3 Installer.exe
.exe windows x64

f4aecc860ece44cabf077a10142e49c4

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a4:23:c0:04:a9:c7:70:15:42:30:e5:d2:71:be:06:54
Certificate

Issuer

CN=SecureTrust CA,O=SecureTrust Corporation,C=US

Not Before

01/09/2016, 14:35

Not After

29/09/2024, 14:35

Subject

CN=Trustwave Code Signing SHA256 CA\, Level 1,O=Trustwave Holdings\, Inc.,L=Chicago,ST=Illinois,C=US,1.2.840.113549.1.9.1=#0c106361407472757374776176652e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:e5:84:f3:17:94:20:73:5d:88:7d:8e:11:5a:6c:3e:36:af:69
Certificate

Issuer

CN=Trustwave Code Signing SHA256 CA\, Level 1,O=Trustwave Holdings\, Inc.,L=Chicago,ST=Illinois,C=US,1.2.840.113549.1.9.1=#0c106361407472757374776176652e636f6d

Not Before

26/09/2018, 11:50

Not After

25/09/2020, 17:50

Subject

CN=Red Giant LLC,O=Red Giant LLC,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d3:24:2b:45:6b:42:b6:d6:aa:e1:a2:3a:3a:c5:9f:99:fe:91:b8:76
Signer

Actual PE Digest

d3:24:2b:45:6b:42:b6:d6:aa:e1:a2:3a:3a:c5:9f:99:fe:91:b8:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetModuleHandleW
lstrcmpiW
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryW
GetTimeFormatEx
SetFileAttributesW
GetFileAttributesExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
HeapReAlloc
SetEnvironmentVariableA
SetStdHandle
GetTimeZoneInformation
FileTimeToSystemTime
GetDriveTypeW
FindFirstFileExW
FindClose
FileTimeToLocalFileTime
DeleteFileW
GetProcAddress
TerminateProcess
FlsFree
FlsSetValue
LockResource
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetConsoleCP
GetOEMCP
GetACP
IsValidCodePage
SetFilePointerEx
SetFilePointer
GetStartupInfoW
InitOnceExecuteOnce
GetFileType
WriteFile
GetStdHandle
HeapSize
GetCPInfo
ExitThread
CreateThread
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
FreeLibrary
LocalFree
CreateFileW
CreateDirectoryW
RaiseException
SetLastError
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GetModuleHandleA
FlushFileBuffers
GetModuleFileNameA
SizeofResource
LoadResource
FreeResource
FindResourceA
HeapFree
HeapAlloc
GetProcessHeap
SetEvent
CreateEventA
GetLastError
GetEnvironmentVariableA
CreateProcessA
Sleep
WaitForSingleObject
QueryPerformanceCounter
RemoveDirectoryA
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
K32GetModuleFileNameExA
GetCommandLineW
AreFileApisANSI
K32EnumProcessModules
K32EnumProcesses
CloseHandle
GetExitCodeProcess
OpenProcess
GetDateFormatEx
CompareStringEx
GetModuleHandleExW
ExitProcess
ReadConsoleW
GetUserDefaultLocaleName
FlsGetValue
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetConsoleMode
ResumeThread
ResetEvent
ReleaseSemaphore
OpenEventA
FormatMessageA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
MoveFileExW
CopyFileW
CreateDirectoryExW
DeviceIoControl
GetFileAttributesW
FindNextFileW
FindFirstFileW
SetEndOfFile
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
WriteConsoleW
OutputDebugStringW
EnumSystemLocalesEx
IsValidLocaleName
CreateDirectoryA
DeleteFileA
GetVersionExA
LocalAlloc
InitializeCriticalSectionEx
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree
DecodePointer
EncodePointer
GetLocaleInfoEx
GetStringTypeW
ReadFile
GetCurrentProcessId
IsDebuggerPresent

user32

UnregisterClassW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CharNextW
SetTimer
EnableWindow
MessageBeep
SetWindowTextA
MessageBoxA
GetWindowTextA
LoadCursorW
GetClassInfoExW
RegisterClassExW
GetActiveWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetParent
MapWindowPoints
SetWindowPos
SendMessageTimeoutA
RedrawWindow
CallWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
CreateWindowExW
ShowWindow
GetWindow
GetTopWindow
MoveWindow
KillTimer
GetWindowRect
PostQuitMessage
DestroyWindow
DefWindowProcW
EndPaint
BeginPaint
SetRect
SendMessageW
LoadBitmapW
FillRect
DrawTextA
CopyRect
IsWindowEnabled
InvalidateRect
GetClientRect
SendMessageA

gdi32

CreateSolidBrush
BitBlt
GetObjectW
DeleteObject
CreateCompatibleDC
SetTextColor
SetBkColor
SelectObject
SetBkMode
DeleteDC
CreateFontIndirectA

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteValueW
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
SetEntriesInAclA
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
FreeSid
SetSecurityInfo
SetEntriesInAclW
AllocateAndInitializeSid
GetSecurityInfo
RegSetKeyValueA
RegCloseKey
RegEnumKeyExA
RegGetValueA
RegOpenKeyExA
RegCreateKeyExA
OpenProcessToken

shell32

SHGetFolderPathA
ShellExecuteA

ole32

OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

gdiplus

GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipAlloc
GdipFree
GdipSetPenMode
GdipCreatePath
GdipDeletePath
GdipResetPath
GdipClosePathFigure
GdipAddPathArcI
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetPageUnit
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdiplusStartup
GdiplusShutdown

Sections

.text
Size: 902KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4aecc860ece44cabf077a10142e49c4

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

a4:23:c0:04:a9:c7:70:15:42:30:e5:d2:71:be:06:54Certificate

Extended Key Usages

Key Usages

06:e5:84:f3:17:94:20:73:5d:88:7d:8e:11:5a:6c:3e:36:af:69Certificate

Extended Key Usages

Key Usages

d3:24:2b:45:6b:42:b6:d6:aa:e1:a2:3a:3a:c5:9f:99:fe:91:b8:76Signer

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

Sections

.text Size: 902KB - Virtual size: 902KB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 38KB - Virtual size: 55KB

.pdata Size: 53KB - Virtual size: 53KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 21KB - Virtual size: 20KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

a4:23:c0:04:a9:c7:70:15:42:30:e5:d2:71:be:06:54
Certificate

06:e5:84:f3:17:94:20:73:5d:88:7d:8e:11:5a:6c:3e:36:af:69
Certificate

d3:24:2b:45:6b:42:b6:d6:aa:e1:a2:3a:3a:c5:9f:99:fe:91:b8:76
Signer

.text
Size: 902KB - Virtual size: 902KB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 38KB - Virtual size: 55KB

.pdata
Size: 53KB - Virtual size: 53KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 21KB - Virtual size: 20KB