毫秒表[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

毫秒表.exe
Size

195KB
MD5

fccafd90dadba3d7e32fb55b32f47ddd
SHA1

4281b2663ed1e804ed613df2e7692c6b7994e804
SHA256

3bfe55ba854143f6b91a6a4a6fbdea119ff313d840000964a3dd9558b7d10cb4
SHA512

99921710cf255e8feb91d1f2ca813fef4db5780afcaa1e33b4747051d5a58c282cce87ee97e9b8c0e3a4521ddd98dabc8a67274a4f99823d35e73cb46235f517
SSDEEP

3072:CrqsEHk2jYF5cp+P8e7YKPGEOyzRi2asx11IVwOr5+J9Og6IX3Obtmgc:1Zuyn/KPGEO32Zxfg0OboH

Score

1^/10

Malware Config

Signatures

Files

毫秒表.exe
.exe windows x64

7cc4087dee0d8768ba724bd4a389fda0

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:60:89:6b:93:1c:3c:5a:e1:ad:84:cf:da:71:06:b0
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

14/06/2021, 00:00

Not After

14/06/2023, 23:59

Subject

CN=Nenad Hrg,O=Nenad Hrg,L=Srima,C=HR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c0:07:b8:9a:04:6e:2a:56:37:8c:37:a5:ca:63:54:01:59:c0:c6:74:cb:a2:23:34:3e:c2:23:63:82:f4:24:a6
Signer

Actual PE Digest

c0:07:b8:9a:04:6e:2a:56:37:8c:37:a5:ca:63:54:01:59:c0:c6:74:cb:a2:23:34:3e:c2:23:63:82:f4:24:a6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetTempPathW
Sleep
CreateThread
lstrcpynW
TerminateThread
GetProcessHeap
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
HeapSetInformation
ReadFile
GetConsoleMode
GetConsoleCP
SetFilePointer
DeleteFileW
GetFileType
SetHandleCount
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetModuleFileNameA
GetStdHandle
HeapSize
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapAlloc
HeapFree
GetLastError
RtlPcToFileHeader
ExitProcess
RtlUnwindEx
RtlLookupFunctionEntry
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
WriteFile
GetFileAttributesW
GetUserDefaultLangID
GetTimeZoneInformation
lstrcmpiW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateFileW
CloseHandle
GetModuleFileNameW
GetCurrentThreadId
GetLocalTime
GetModuleHandleW
GetProcAddress
LoadLibraryW
lstrcmpW
OutputDebugStringW
DebugBreak
lstrlenA
SetLastError
lstrcatW
lstrcpyW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetStartupInfoA

user32

TranslateAcceleratorW
DestroyIcon
DispatchMessageW
FindWindowExW
DrawAnimatedRects
LoadAcceleratorsW
CopyRect
OffsetRect
CreateIconIndirect
TranslateMessage
GetMessageW
LoadIconW
LoadCursorW
RegisterClassExW
GetActiveWindow
BeginPaint
EndPaint
PostQuitMessage
DestroyWindow
IsWindowVisible
SetActiveWindow
GetCursorPos
GetDlgItemTextW
CreateMenu
CreatePopupMenu
AppendMenuW
UpdateWindow
MessageBoxW
GetDlgItemInt
SetDlgItemTextW
SetDlgItemInt
MoveWindow
SetWindowLongW
GetMenu
SetMenu
CheckMenuItem
LoadImageW
GetSysColor
DrawIconEx
CopyImage
GetIconInfo
GetWindowPlacement
IsWindow
GetAsyncKeyState
keybd_event
SetForegroundWindow
MessageBeep
DialogBoxParamW
SetWindowsHookExW
GetWindowLongW
CallNextHookEx
GetClassNameW
GetWindowTextW
GetSystemMetrics
GetParent
DefWindowProcW
GetMenuItemInfoW
DrawTextW
PostMessageW
GetWindowLongPtrW
SetWindowLongPtrW
CallWindowProcW
CreateWindowExW
SetWindowPos
ShowWindow
GetMenuBarInfo
GetClientRect
MapWindowPoints
GetWindowRect
GetWindowDC
FillRect
SetPropW
SystemParametersInfoW
SetWindowTextW
EndDialog
GetDC
ReleaseDC
SendMessageW
GetDlgItem
wvsprintfW
CharLowerW
wsprintfW
LoadStringW
CharNextW

gdi32

GetStockObject
BitBlt
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateDIBSection
GetClipBox
CreateSolidBrush
SetBkMode
SetBkColor
ExtTextOutW
SetTextColor
EnumFontsW
GetPixel
CreateBitmap
GetObjectW
CreateFontIndirectW
OffsetWindowOrgEx
SetPixel
GetDeviceCaps

comdlg32

GetOpenFileNameW

shell32

ShellExecuteW
SHAppBarMessage
Shell_NotifyIconW

ole32

CoInitialize

oleaut32

SysAllocStringLen

winmm

timeGetTime

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cc4087dee0d8768ba724bd4a389fda0

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

0a:60:89:6b:93:1c:3c:5a:e1:ad:84:cf:da:71:06:b0Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

c0:07:b8:9a:04:6e:2a:56:37:8c:37:a5:ca:63:54:01:59:c0:c6:74:cb:a2:23:34:3e:c2:23:63:82:f4:24:a6Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

winmm

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 27KB - Virtual size: 122KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 10KB - Virtual size: 9KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

0a:60:89:6b:93:1c:3c:5a:e1:ad:84:cf:da:71:06:b0
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

c0:07:b8:9a:04:6e:2a:56:37:8c:37:a5:ca:63:54:01:59:c0:c6:74:cb:a2:23:34:3e:c2:23:63:82:f4:24:a6
Signer

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 27KB - Virtual size: 122KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 10KB - Virtual size: 9KB