HWMonitorPro_x32[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

HWMonitorPro_x32.exe
Size

2.0MB
MD5

24773f55a9e9536b99ed350aa86fa0c9
SHA1

d91b9c9898cd4b14ac99d4fa25f4c3a7ffaa9ec7
SHA256

e461dbfae016f936c2c99cc27eb1adb480fe5fde83db1dff36bfdd523ce72d98
SHA512

f0883f5169aa66ddb5a2ce94d33c505db2ed1081a5cd2b83008de881868ef82f990b8f6d9a450539ecf11960c07bce013cc1079ae16bf7aee6315830f566b791
SSDEEP

24576:7LvzESG5IyB3LN2nVT7NoLlVIxL3EqHBiakl/qkuNPfNMvd:7LLxy5p2nBhoLXIxTEq+s8

Score

1^/10

Malware Config

Signatures

Files

HWMonitorPro_x32.exe
.exe windows x86

68b3c952adde2baf491e1abebf1a4545

Code Sign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:49:bc:0d:5d:7c:30:38:b5:e7:65:28:0a:d0:1b:d8
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

21/09/2018, 00:00

Not After

31/12/2019, 12:00

Subject

SERIALNUMBER=493 590 202,CN=CPUID S.A.R.L.U.,O=CPUID S.A.R.L.U.,L=Dunkerque,C=FR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024652

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:05:ec:13:8e:94:a1:db:6e:b7:dc:79:05:08:3f:04
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14/09/2018, 00:00

Not After

17/09/2021, 12:00

Subject

SERIALNUMBER=493 590 202,CN=CPUID S.A.R.L.U.,O=CPUID S.A.R.L.U.,L=Dunkerque,C=FR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024652

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cc:19:0e:4b:3d:17:68:79:07:42:6f:54:76:97:7f:ba:f4:ca:59:b8:08:ce:6d:37:17:bd:9b:37:b6:4c:3f:b6
Signer

Actual PE Digest

cc:19:0e:4b:3d:17:68:79:07:42:6f:54:76:97:7f:ba:f4:ca:59:b8:08:ce:6d:37:17:bd:9b:37:b6:4c:3f:b6

Digest Algorithm

sha256

PE Digest Matches

true

fb:c3:dd:7d:b3:95:80:f1:d6:c4:48:53:a6:d5:84:49:38:d7:c5:7a
Signer

Actual PE Digest

fb:c3:dd:7d:b3:95:80:f1:d6:c4:48:53:a6:d5:84:49:38:d7:c5:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

winmm

timeGetTime

advapi32

RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueW
CloseServiceHandle
CreateServiceW
DeleteService
OpenServiceA
StartServiceA
ControlService
OpenSCManagerA
RegSetValueW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyExW
RegCreateKeyW
RegOpenKeyExA

kernel32

TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalFlags
lstrlenA
GetThreadLocale
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
MoveFileW
GetStringTypeExW
lstrcmpiW
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetShortPathNameW
FileTimeToLocalFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
GetFileSizeEx
SetErrorMode
GetTempFileNameW
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
VirtualAlloc
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalGetAtomNameW
GetCurrentProcessId
LeaveCriticalSection
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GlobalLock
GlobalUnlock
FormatMessageW
GetTickCount
CancelIo
ResetEvent
CreateEventA
SetThreadAffinityMask
ResumeThread
QueryPerformanceFrequency
GetCurrentThread
GetPriorityClass
SetPriorityClass
GetThreadPriority
QueryPerformanceCounter
WriteConsoleA
GlobalMemoryStatus
GetDiskFreeSpaceA
LocalAlloc
LocalFree
CreateDirectoryA
GetTempPathA
GetModuleHandleA
FindResourceA
GetWindowsDirectoryA
DeleteFileA
RemoveDirectoryA
GetComputerNameA
CreateFileA
DeviceIoControl
GetCurrentDirectoryA
GetModuleFileNameA
OpenMutexA
CreateMutexA
GetVersionExA
GetCurrentProcess
GetSystemInfo
LoadLibraryA
GetProcessHeap
HeapFree
WinExec
lstrcatW
lstrcpyW
lstrlenW
SetLastError
GetExitCodeProcess
CreateProcessW
MulDiv
SetFilePointer
WriteFile
SetFileTime
GetFileTime
SystemTimeToFileTime
GetLocalTime
ReadFile
CreateFileW
GlobalFree
GlobalAlloc
DeleteFileW
SetThreadPriority
ExitThread
Sleep
ReleaseMutex
FileTimeToSystemTime
GetComputerNameW
CreateDirectoryW
GetFileAttributesW
CreateMutexW
GetLastError
GetModuleFileNameW
GetModuleHandleW
WaitForSingleObject
CreateThread
CloseHandle
InterlockedDecrement
SetCurrentDirectoryW
GetCurrentDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
FreeLibrary
GetProcAddress
LoadLibraryW
WideCharToMultiByte
GetTempPathW
GetVersionExW
MultiByteToWideChar
GetDiskFreeSpaceW
FreeResource
GetFullPathNameW
GetStartupInfoW

user32

SystemParametersInfoW
GetMenuItemInfoW
ShowOwnedPopups
PostQuitMessage
GetMessageW
TranslateMessage
ValidateRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetActiveWindow
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
SetRectEmpty
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorW
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
SetScrollPos
GetScrollPos
IsWindowVisible
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
SetScrollInfo
GetDlgCtrlID
WindowFromPoint
SetRect
CharUpperW
DeleteMenu
LoadCursorW
GetSysColorBrush
UnregisterClassW
RegisterWindowMessageW
IsZoomed
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
UnhookWindowsHookEx
wsprintfA
CreateIconIndirect
CreateCursor
GetSystemMetrics
SetCursor
SetForegroundWindow
GetCursorPos
SetTimer
DestroyIcon
LoadIconW
ModifyMenuW
EnableMenuItem
GetSubMenu
InflateRect
DrawFocusRect
GetSysColor
IsRectEmpty
CopyRect
LoadMenuW
AppendMenuW
CreatePopupMenu
SetWindowLongW
KillTimer
PeekMessageW
MsgWaitForMultipleObjects
DispatchMessageW
MessageBoxW
LoadBitmapW
UpdateWindow
GetWindowRect
IsWindow
PostMessageW
InvalidateRect
ReleaseDC
GetDC
GetParent
PtInRect
GetWindowLongW
GetClientRect
SendMessageW
ClientToScreen
EnableWindow
GetClassInfoW

gdi32

CreatePatternBrush
CreatePen
GetTextMetricsW
GetBkColor
ExtCreatePen
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
CreateCompatibleDC
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
RestoreDC
SaveDC
SetBkColor
GetClipBox
GetDeviceCaps
DeleteDC
TextOutW
SetTextAlign
PatBlt
SetBkMode
SetTextColor
CreateSolidBrush
SelectClipRgn
CreateRectRgn
CreateFontIndirectW
GetStockObject
GetPixel
CreateBitmap
GetObjectW
DeleteObject
Polyline
CreateRectRgnIndirect
SelectObject
CreateDIBSection
CreateFontW
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shell32

Shell_NotifyIconW
DragFinish
DragQueryFileW
ExtractIconW
SHGetFileInfoW
ShellExecuteW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW

ole32

CoTaskMemFree
StringFromGUID2
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetVartype

ws2_32

htons
bind
listen
WSAAsyncSelect
connect
socket
shutdown
accept
recv
closesocket
WSACleanup
WSAStartup
gethostbyname
htonl
WSAGetLastError
send

iphlpapi

GetIfEntry
GetAdaptersInfo

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68b3c952adde2baf491e1abebf1a4545

Code Sign

61:20:4d:b4:00:00:00:00:00:27Certificate

Key Usages

0d:49:bc:0d:5d:7c:30:38:b5:e7:65:28:0a:d0:1b:d8Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

61:20:4d:b4:00:00:00:00:00:27Certificate

Key Usages

03:05:ec:13:8e:94:a1:db:6e:b7:dc:79:05:08:3f:04Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

cc:19:0e:4b:3d:17:68:79:07:42:6f:54:76:97:7f:ba:f4:ca:59:b8:08:ce:6d:37:17:bd:9b:37:b6:4c:3f:b6Signer

fb:c3:dd:7d:b3:95:80:f1:d6:c4:48:53:a6:d5:84:49:38:d7:c5:7aSigner

Headers

DLL Characteristics

File Characteristics

Imports

version

winmm

advapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

shlwapi

ole32

oleaut32

ws2_32

iphlpapi

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 333KB - Virtual size: 333KB

.data Size: 126KB - Virtual size: 148KB

.rsrc Size: 375KB - Virtual size: 374KB

61:20:4d:b4:00:00:00:00:00:27
Certificate

0d:49:bc:0d:5d:7c:30:38:b5:e7:65:28:0a:d0:1b:d8
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

61:20:4d:b4:00:00:00:00:00:27
Certificate

03:05:ec:13:8e:94:a1:db:6e:b7:dc:79:05:08:3f:04
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

cc:19:0e:4b:3d:17:68:79:07:42:6f:54:76:97:7f:ba:f4:ca:59:b8:08:ce:6d:37:17:bd:9b:37:b6:4c:3f:b6
Signer

fb:c3:dd:7d:b3:95:80:f1:d6:c4:48:53:a6:d5:84:49:38:d7:c5:7a
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 333KB - Virtual size: 333KB

.data
Size: 126KB - Virtual size: 148KB

.rsrc
Size: 375KB - Virtual size: 374KB