6a733415c0eee41bedcc2e9056965fcdc12db926b90fed2feac3e348e546f1ae

Sharing

Copy URL Twitter E-mail

General

Target

6a733415c0eee41bedcc2e9056965fcdc12db926b90fed2feac3e348e546f1ae
Size

4.9MB
MD5

524e5f0ae64bf167811b0133f2f4212a
SHA1

bbaf21a83c9f59d9ab5efe611603a2a328a0123b
SHA256

6a733415c0eee41bedcc2e9056965fcdc12db926b90fed2feac3e348e546f1ae
SHA512

117014d64507f59ab2f4a768e8f0f384c0720e4b0b2ed9774fb7af5276cec768ff5c89ddbdbc20317e1ace6e27a36daad76bf63a04d063852d8c9fd7502fb5ac
SSDEEP

49152:SKzMJmlgBlngqKP9JX5cg2xIdPYTRSPE4KNxB5Hz4ouN:x8m2Bls94g2xIdP4ReKLB5Hz4oy

Score

1^/10

Malware Config

Signatures

Files

6a733415c0eee41bedcc2e9056965fcdc12db926b90fed2feac3e348e546f1ae
.exe windows x86

cfc31a9096907c5c43510b507679d274

Code Sign

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11/09/2018, 09:26

Not After

11/09/2023, 09:26

Subject

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

20:45:6e:ff:67:25:04:b0:d5:ff:21:fa:45:55:82:65
Certificate

Issuer

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09/03/2023, 04:13

Not After

08/03/2026, 04:13

Subject

CN=Power Software Limited,O=Power Software Limited,L=Sheung Wan,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

64:33:51:d3:c7:38:9f:08
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

24/06/2016, 20:44

Not After

24/06/2031, 20:44

Subject

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09/12/2022, 18:30

Not After

06/12/2032, 18:30

Subject

CN=SSL.com Timestamping Unit 2022,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11/09/2018, 09:26

Not After

11/09/2023, 09:26

Subject

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13/11/2019, 18:50

Not After

12/11/2034, 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11/09/2018, 09:26

Not After

11/09/2023, 09:26

Subject

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

20:45:6e:ff:67:25:04:b0:d5:ff:21:fa:45:55:82:65
Certificate

Issuer

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09/03/2023, 04:13

Not After

08/03/2026, 04:13

Subject

CN=Power Software Limited,O=Power Software Limited,L=Sheung Wan,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

64:33:51:d3:c7:38:9f:08
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

24/06/2016, 20:44

Not After

24/06/2031, 20:44

Subject

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09/12/2022, 18:30

Not After

06/12/2032, 18:30

Subject

CN=SSL.com Timestamping Unit 2022,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11/09/2018, 09:26

Not After

11/09/2023, 09:26

Subject

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13/11/2019, 18:50

Not After

12/11/2034, 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:50:a9:ea:ed:56:e5:ee:9d:70:67:9c:8e:ee:f5:1a:1b:55:9e:d9:ec:3f:94:d5:4a:4d:a1:55:fe:ee:00:6d
Signer

Actual PE Digest

90:50:a9:ea:ed:56:e5:ee:9d:70:67:9c:8e:ee:f5:1a:1b:55:9e:d9:ec:3f:94:d5:4a:4d:a1:55:fe:ee:00:6d

Digest Algorithm

sha256

PE Digest Matches

false

e2:b7:2f:7d:1e:1e:9f:57:9d:73:b1:7c:ef:d2:bf:8b:10:f5:9d:60
Signer

Actual PE Digest

e2:b7:2f:7d:1e:1e:9f:57:9d:73:b1:7c:ef:d2:bf:8b:10:f5:9d:60

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerGetNumDevs
mixerOpen
mixerGetLineControlsW
mixerGetLineInfoW
mixerGetDevCapsW
waveOutGetDevCapsW
waveOutOpen
waveOutReset
waveOutClose
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
mixerClose
mciSendCommandW
mixerGetControlDetailsW
mixerSetControlDetails
mciGetErrorStringW

rpcrt4

UuidFromStringW

kernel32

HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
VirtualAlloc
IsBadWritePtr
LCMapStringA
SetUnhandledExceptionFilter
SetStdHandle
IsValidLocale
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetDriveTypeA
GetStringTypeA
IsBadReadPtr
IsBadCodePtr
GetFileType
CompareStringA
GetACP
GetOEMCP
SetEnvironmentVariableA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
FindResourceA
GlobalAddAtomA
GetProfileStringA
FindClose
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
Sleep
WaitForSingleObject
ReadFile
SetLastError
ExitProcess
ResumeThread
SuspendThread
CreateThread
GetTickCount
LocalFree
RaiseException
RtlUnwind
TerminateProcess
GetSystemTimeAsFileTime
HeapFree
GetCurrentDirectoryA
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
SetErrorMode
GetProcessVersion
LocalReAlloc
GlobalReAlloc
TlsFree
GlobalFlags
lstrcmpiA
UnlockFile
LockFile
lstrcmpA
GetModuleHandleA
GlobalDeleteAtom
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetFileInformationByHandle
MoveFileExW
TlsAlloc
DosDateTimeToFileTime
TlsSetValue
TlsGetValue
LocalAlloc
GlobalUnlock
GetSystemDefaultLangID
SetThreadExecutionState
CreateEventA
GetOverlappedResult
GetCurrentThread
MapViewOfFile
UnmapViewOfFile
GetThreadPriority
VirtualProtect
ExitThread
WinExec
GetExitCodeProcess
CreatePipe
DuplicateHandle
SetFilePointer
SetEndOfFile
GlobalLock
GlobalSize
GetCurrentProcessId
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
MulDiv
SetEvent
InitializeCriticalSection
SetThreadPriority
GetFileTime
GlobalHandle
EnterCriticalSection
LeaveCriticalSection
GlobalAlloc
GetCurrentThreadId
GetCurrentProcess
GetVersion
DefineDosDeviceW
GetLogicalDrives
SetFileTime
ResetEvent
GetFileSize
WriteFile
FlushFileBuffers
FreeLibrary
LoadResource
SizeofResource
LockResource
CloseHandle
DeviceIoControl
GetLastError
GlobalFree

user32

SetRect
SetParent
TranslateMessage
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetRectEmpty
DestroyCursor
SetCursorPos
DestroyMenu
EndPaint
BeginPaint
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
IsDlgButtonChecked
CheckRadioButton
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
DeferWindowPos
ScrollWindow
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetMenu
TrackPopupMenu
GetMessageTime
GetLastActivePopup
GetForegroundWindow
GetWindow
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
DestroyWindow
IsWindowEnabled
GetAsyncKeyState
DrawEdge
CreateIconIndirect
GetIconInfo
ShowWindow
GetScrollInfo
IsWindow
GetWindowPlacement
MoveWindow
GetDlgCtrlID
SetWindowPos
DrawFrameControl
DrawFocusRect
MessageBeep
EnumChildWindows
SendMessageA
SetMenuDefaultItem
FrameRect
DrawIconEx
GetDCEx
IntersectRect
SetCaretPos
GetSystemMetrics
HideCaret
CreateCaret
ShowCaret
DestroyCaret
IsRectEmpty
IsIconic
InvalidateRgn
ReleaseCapture
SetCapture
SetMenu
CheckMenuRadioItem
DestroyIcon
GetSysColorBrush
IsWindowVisible
IsZoomed
EmptyClipboard
SetClipboardData
GetMessagePos
FillRect
PtInRect
GetWindowDC
GetMenuItemCount
WindowFromPoint
GetDesktopWindow
TrackPopupMenuEx
UnhookWindowsHookEx
CallNextHookEx
GetCapture
MapDialogRect
PostQuitMessage
ShowOwnedPopups
ValidateRect
MessageBoxA
GetDlgItem
SetFocus
GetKeyState
GetFocus
UpdateWindow
EqualRect
BeginDeferWindowPos
EndDeferWindowPos
GetDC
ReleaseDC
RedrawWindow
InflateRect
GetSysColor
CopyRect
OffsetRect
OpenClipboard
CloseClipboard
GetSystemMenu
BroadcastSystemMessage
GetMenuItemID
RemoveMenu
EnableMenuItem
CheckMenuItem
GetSubMenu
GetWindowRect
GetClientRect
ClientToScreen
CreatePopupMenu
SetForegroundWindow
GetParent
LockWindowUpdate
ShowScrollBar
SetTimer
KillTimer
GetCursorPos
ScreenToClient
SetCursor
InvalidateRect
GetKeyboardLayout
GetClassNameA
SetWindowsHookExA
CharNextA
DefWindowProcA
DefDlgProcA
GetClassInfoA
DrawTextA
GetWindowTextA
ExcludeUpdateRgn
GetWindowTextLengthA
DrawIcon

gdi32

GetDeviceCaps
SetDIBits
GetDIBits
GetClipBox
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
Escape
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
CombineRgn
StretchDIBits
LPtoDP
RectVisible
PtVisible
CreateRectRgn
Ellipse
GetTextColor
PolyPolyline
SetBkMode
SetTextColor
SetBkColor
CreateRectRgnIndirect
SetRectRgn
TranslateCharsetInfo
GetBkColor
SetBoundsRect
MoveToEx
LineTo
CreateDIBitmap
RoundRect
CreateCompatibleBitmap
DeleteDC
CreatePen
DeleteObject
CreateSolidBrush
Rectangle
GetStockObject
PatBlt
CreateDIBSection
CreateCompatibleDC
GetPixel
SetPixel
SetStretchBltMode
BitBlt
StretchBlt
CreateBitmap
ExtTextOutA
GetTextExtentPointA
SelectObject

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA
GetTokenInformation
OpenProcessToken
LookupAccountNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
DeleteAce
EqualSid
GetAce
GetAclInformation
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHGetMalloc
SHGetDesktopFolder
DragFinish
DragAcceptFiles

comctl32

ImageList_AddMasked
ImageList_Add
_TrackMouseEvent
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ord17
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

ole32

OleGetClipboard
CoTaskMemFree
PropVariantClear
CreateStreamOnHGlobal
DoDragDrop
CoCreateInstance
CoUninitialize
ReleaseStgMedium
CoInitialize
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleDuplicateData
CoTaskMemAlloc
CoRegisterMessageFilter
CoRevokeClassObject
CoCreateGuid

olepro32

ord251

oleaut32

SysFreeString
VariantClear
SysAllocString
SysStringByteLen

wininet

InternetAttemptConnect
InternetOpenW
InternetCloseHandle
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetReadFile
HttpQueryInfoW
InternetConnectW

Sections

.KPC
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 988KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 548KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfc31a9096907c5c43510b507679d274

Code Sign

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1cCertificate

Key Usages

20:45:6e:ff:67:25:04:b0:d5:ff:21:fa:45:55:82:65Certificate

Extended Key Usages

Key Usages

64:33:51:d3:c7:38:9f:08Certificate

Extended Key Usages

Key Usages

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4bCertificate

Extended Key Usages

Key Usages

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1cCertificate

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1cCertificate

Key Usages

20:45:6e:ff:67:25:04:b0:d5:ff:21:fa:45:55:82:65Certificate

Extended Key Usages

Key Usages

64:33:51:d3:c7:38:9f:08Certificate

Extended Key Usages

Key Usages

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4bCertificate

Extended Key Usages

Key Usages

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1cCertificate

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

90:50:a9:ea:ed:56:e5:ee:9d:70:67:9c:8e:ee:f5:1a:1b:55:9e:d9:ec:3f:94:d5:4a:4d:a1:55:fe:ee:00:6dSigner

e2:b7:2f:7d:1e:1e:9f:57:9d:73:b1:7c:ef:d2:bf:8b:10:f5:9d:60Signer

Headers

File Characteristics

Imports

winmm

rpcrt4

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

wininet

Sections

.KPC Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 988KB - Virtual size: 2.4MB

.rsrc Size: 548KB - Virtual size: 546KB

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

20:45:6e:ff:67:25:04:b0:d5:ff:21:fa:45:55:82:65
Certificate

64:33:51:d3:c7:38:9f:08
Certificate

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

20:45:6e:ff:67:25:04:b0:d5:ff:21:fa:45:55:82:65
Certificate

64:33:51:d3:c7:38:9f:08
Certificate

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

90:50:a9:ea:ed:56:e5:ee:9d:70:67:9c:8e:ee:f5:1a:1b:55:9e:d9:ec:3f:94:d5:4a:4d:a1:55:fe:ee:00:6d
Signer

e2:b7:2f:7d:1e:1e:9f:57:9d:73:b1:7c:ef:d2:bf:8b:10:f5:9d:60
Signer

.KPC
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 988KB - Virtual size: 2.4MB

.rsrc
Size: 548KB - Virtual size: 546KB