Uploader[.]7z | Triage

Resubmissions

29-06-2023 01:39

230629-b252psce61 10

29-06-2023 01:35

230629-bz1n7sce6v 10

Sharing

Copy URL

Twitter E-mail

General

Target

Uploader.7z
Size

441KB
MD5

8ab1a5c8f423bb9b62e68445e542fbcc
SHA1

c0fe62d65887d65af8af9f7acbdf7b0e9ebb7458
SHA256

4545c839b596f8d01becff14bb61ab84ee25af14e6ba63a946d0ff58eb0f8275
SHA512

1ecea21b9fac21e6f34f4ae745d1c8888fe6a8830379d18f7d9472606ae5421e44dbd0da0ade0c9732a273a73b5b86cb85923021e5d6c9ea45320dec8b190129
SSDEEP

12288:XNb5SxTKA36CcwdkTIWrR1eXk51r9o4vZDh6p02p:9OTK4rcqkTBr2CbDw02p

Score

1^/10

Malware Config

Signatures

Files

Uploader.7z
.zip

Password: 2023
Setup_x32_x64.exe
.exe windows x86

Password: 2023

c6c1db2c7528e88fea9f195c2379a7a1

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:10:10:87:8e:d6:f7:dd:d4:ec:8e:8f
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

18-09-2019 12:58

Not After

11-12-2022 11:53

Subject

CN=Adersoft,O=Adersoft,L=Paris,C=FR,1.2.840.113549.1.9.1=#0c14737570706f72744061646572736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14-06-2018 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02-08-2011 10:00

Not After

29-03-2029 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3e:46:ea:e6:d3:81:b0:6d:f1:90:c2:22:b1:83:aa:93:cd:f4:8f:64
Signer

Actual PE Digest

3e:46:ea:e6:d3:81:b0:6d:f1:90:c2:22:b1:83:aa:93:cd:f4:8f:64

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
VirtualProtect
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetFileType
LCMapStringW
GetStdHandle
HeapQueryInformation
GetModuleHandleExW
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineA
RtlUnwind
OutputDebugStringW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
lstrcmpA
GetCurrentProcessId
CreateEventW
GetTickCount
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
FindFirstFileW
FindClose
DeleteFileW
GetThreadLocale
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
GetVersionExW
GetVersion
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
GetACP
WideCharToMultiByte
GetFullPathNameW
MultiByteToWideChar
IsBadReadPtr
FormatMessageW
LocalFree
LocalAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
ExitProcess
SetFilePointer
ReadFile
GetFileSize
GetFileAttributesW
MulDiv
CreateProcessW
CreateThread
GetExitCodeProcess
WaitForSingleObject
GetLastError
GetCommandLineW
GetModuleFileNameW
CloseHandle
WriteFile
FlushFileBuffers
CreateFileW
FindResourceW
SizeofResource
LockResource
IsValidCodePage
LoadResource
WriteConsoleW

user32

WinHelpW
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
EqualRect
CopyRect
GetSysColor
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
UpdateWindow
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
MonitorFromWindow
DispatchMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetFocus
UnhookWindowsHookEx
GetMenuItemID
GetMenuStringW
GetParent
SendMessageW
SetTimer
KillTimer
EnableWindow
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetClassNameW
SetForegroundWindow
SetActiveWindow
SetMenuDefaultItem
TrackPopupMenu
RegisterWindowMessageW
UnregisterClassW
GetMonitorInfoW
ShowWindow
MoveWindow
IsWindowEnabled
DrawTextW
LoadIconW
SetWindowLongW
SetWindowTextW
IsDialogMessageW
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetActiveWindow
PeekMessageW
DefWindowProcW
GetClassInfoW
UpdateLayeredWindow
SetLayeredWindowAttributes
SetCapture
ReleaseCapture
GetDC
ReleaseDC
GetWindowRect
GetCursorPos
ScreenToClient
PtInRect
LoadCursorW
SystemParametersInfoW
PostMessageW
RedrawWindow
GetDesktopWindow
wsprintfA
MessageBoxW
IsWindow
IsIconic
IsZoomed
GetSystemMetrics
GetMenu
SetMenu
DrawMenuBar
CreatePopupMenu
DestroyMenu
GetSubMenu
GetMenuItemCount
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
AppendMenuW
DeleteMenu
SetMenuInfo
DrawIcon
InvalidateRect
GetClientRect
FillRect
IsRectEmpty
DrawTextExW
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
RegisterClipboardFormatW
GrayStringW
RealChildWindowFromPoint
GetSysColorBrush
MapDialogRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
GetWindowThreadProcessId
TranslateMessage
GetMessageW
CharUpperW
CharNextW
ClientToScreen
GetWindowDC
TabbedTextOutW

gdi32

GetClipBox
GetStockObject
GetViewportExtEx
GetWindowExtEx
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SetBkMode
SetMapMode
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
GetMapMode
Escape
CreatePen
GetRgnBox
CreateRectRgnIndirect
SetTextColor
SetBkColor
CreateBitmap
Rectangle
CreateFontW
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
GetDeviceCaps
GetObjectW
CreateDIBSection
SelectObject
DeleteObject
CreateCompatibleDC
DeleteDC

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
CreateProcessWithLogonW
RegEnumValueW
RegQueryValueW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHCreateDirectoryExW
SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW

ole32

CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
CoTaskMemFree
CoCreateGuid
CreateStreamOnHGlobal
CoGetObject
CoTaskMemAlloc
OleInitialize
OleUninitialize
CLSIDFromString
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoDisconnectObject
CoInitialize

oleaut32

OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantInit
SysFreeString
VariantClear
SysAllocStringLen
SysAllocString
LoadTypeLi
SysStringLen

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI
GdiplusStartup
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdiplusShutdown
GdipAlloc
GdipCreateBitmapFromStream
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight

wintrust

WinVerifyTrust

crypt32

CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptQueryObject

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 353KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: 2023

Password: 2023

c6c1db2c7528e88fea9f195c2379a7a1

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

3a:10:10:87:8e:d6:f7:dd:d4:ec:8e:8fCertificate

Extended Key Usages

Key Usages

33:90:20:77:61:c4:26:dd:94:50:03:0dCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:31:89:c6:50:04Certificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

3e:46:ea:e6:d3:81:b0:6d:f1:90:c2:22:b1:83:aa:93:cd:f4:8f:64Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

wintrust

crypt32

version

oleacc

Sections

.text Size: 353KB - Virtual size: 353KB

.rdata Size: 118KB - Virtual size: 117KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 54KB - Virtual size: 54KB

.reloc Size: 198KB - Virtual size: 198KB

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

3a:10:10:87:8e:d6:f7:dd:d4:ec:8e:8f
Certificate

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

04:00:00:00:00:01:31:89:c6:50:04
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

3e:46:ea:e6:d3:81:b0:6d:f1:90:c2:22:b1:83:aa:93:cd:f4:8f:64
Signer

.text
Size: 353KB - Virtual size: 353KB

.rdata
Size: 118KB - Virtual size: 117KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 198KB - Virtual size: 198KB