7022a16d455a3ad78d0bbeeb2793cb35e48822c3a0a8d9eaa326ffc91dd9e625[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

7022a16d455a3ad78d0bbeeb2793cb35e48822c3a0a8d9eaa326ffc91dd9e625.zip
Size

230KB
MD5

055cdffbc3985b8889941fc0a0c8242c
SHA1

8ef84f8e6e4a1e3e5676cd98514d6c3419c499ab
SHA256

764adeae522c4bde9417074b6c79d13e551dc96f92082f0f2a4a570153e9bf40
SHA512

974d7a06d3f09b0f8594729bb90f2913e6b324c3f8eb7a4902f33b6fd88740b7bf227b0dd13082fcc554db91517ffc4f5ab90480d3a09064e7e875b028b8ddfc
SSDEEP

6144:eWG03QT2t0L12H4CuYx5TcJmSG9d4F/5n:VG0gTNL12H0mT2bIe

Score

1^/10

Malware Config

Signatures

Files

7022a16d455a3ad78d0bbeeb2793cb35e48822c3a0a8d9eaa326ffc91dd9e625.zip
.zip

Password: infected
7022a16d455a3ad78d0bbeeb2793cb35e48822c3a0a8d9eaa326ffc91dd9e625.bin
.exe windows x86

Password: infected

bae10aaa9e80d644f79420466068cc74

Code Sign

10:63:74:50:f8:44:54:b3:4b:f0:7e:4d:58:b0:f5:f2
Certificate

Issuer

CN=EGECQQEDPMAGYYBTTV

Not Before

24-01-2022 13:40

Not After

31-12-2039 23:59

Subject

CN=EGECQQEDPMAGYYBTTV

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

95:93:19:6b:9b:b6:0f:4c:58:e2:85:a5:b8:c5:d9:97:4c:71:93:fd
Signer

Actual PE Digest

95:93:19:6b:9b:b6:0f:4c:58:e2:85:a5:b8:c5:d9:97:4c:71:93:fd

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetModuleHandleW
FreeLibrary
GetProcAddress
GetTickCount
CreateEventW
GetCurrentProcessId
CloseHandle
WaitForSingleObject
GetThreadLocale
CreateDirectoryW
GetSystemWindowsDirectoryW
FindClose
FindFirstFileW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
InterlockedIncrement
GlobalMemoryStatusEx
GetVersionExW
VerifyVersionInfoW
VerSetConditionMask
GetCurrentProcess
GetNativeSystemInfo
GetLastError
CreateFileW
GetSystemDirectoryW
CreateProcessW
lstrlenW
GetEnvironmentVariableW
GetWindowsDirectoryW
LocalFree
LocalAlloc
FormatMessageW
GetLongPathNameW
GetShortPathNameW
InterlockedDecrement
GetTempPathW
GetLocalTime
OutputDebugStringW
GetCurrentThreadId
GetModuleHandleExW
GetExitCodeProcess
GetFileAttributesW
lstrlenA
WriteConsoleW
FlushFileBuffers
HeapSize
CompareStringW
LCMapStringW
QueryPerformanceCounter
ReadFile
GetProcessHeap
SetEndOfFile
SetFilePointer
GetConsoleMode
GetConsoleCP
SetStdHandle
SetHandleCount
Sleep
SetEnvironmentVariableW
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
WriteFile
HeapCreate
IsProcessorFeaturePresent
InterlockedExchange
LoadLibraryA
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileExW
WideCharToMultiByte
GetSystemTimeAsFileTime
HeapFree
HeapReAlloc
HeapAlloc
GetStringTypeW
ExitProcess
DecodePointer
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteFileW
GetFileType
MultiByteToWideChar
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetFullPathNameW
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetVolumeInformationA
GetModuleFileNameA
GetOverlappedResult
CreateEventA
GlobalReAlloc
GetFileTime
SetFileTime
SystemTimeToFileTime
GetCurrentThread
GlobalMemoryStatus
GetSystemInfo
GetExitCodeThread
TerminateThread
CreateThread
GetDiskFreeSpaceA
GetCommandLineA
CreateMutexA
ReleaseMutex
OpenEventA
ResetEvent
GetFileAttributesA
lstrcatA
GetVersionExA
GetModuleHandleA
GetComputerNameA
GetPrivateProfileIntA
GetUserDefaultLangID
GetPrivateProfileSectionA
GetSystemDirectoryA
VirtualAlloc
VirtualFree
FindFirstFileA
MoveFileExA
RemoveDirectoryA
FindNextFileA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetFileSize
CopyFileA
GetPrivateProfileStringA
CreateFileA
DeviceIoControl
InitializeCriticalSection
PulseEvent
GetWindowsDirectoryA
DeleteFileA
GetCurrentDirectoryA
OpenFile
lstrcpyA
lstrcpynA
GetSystemTime
CreateProcessA
FormatMessageA
OutputDebugStringA
InterlockedCompareExchange
GetStartupInfoA
SetFileAttributesA
SetErrorMode

user32

GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
MsgWaitForMultipleObjectsEx
GetNextDlgGroupItem
DrawIconEx
CopyImage
GetIconInfo
MonitorFromPoint
RealChildWindowFromPoint
LoadAcceleratorsW
ShowOwnedPopups
NotifyWinEvent
CopyIcon
IsClipboardFormatAvailable
SetWindowContextHelpId
UpdateLayeredWindow
EnumDisplayMonitors
SetLayeredWindowAttributes
InSendMessage
CopyAcceleratorTableA
InvalidateRgn
LoadImageW
ToAsciiEx
CreateAcceleratorTableA
SubtractRect
GetWindowRgn
GetDCEx
CharUpperBuffA
SendNotifyMessageA
MapVirtualKeyExA
InvertRect
SetPropA
GetPropA
GetClassInfoExA
RegisterClassExA
GetComboBoxInfo
SetDlgItemTextA
MessageBeep
EnumClipboardFormats
CreateMenu
SetWindowTextW
GetDlgItemTextA
GetSystemMenu
FindWindowExA
TrackPopupMenuEx
MessageBoxW
LoadIconA
DrawTextW
GetTabbedTextExtentW
GetScrollPos
ShowScrollBar
EnableScrollBar
SetWindowRgn
WindowFromDC
GetAsyncKeyState
LoadMenuW
CreateWindowExW
PostQuitMessage
TrackPopupMenu
GetMenuStringA
SetKeyboardState
CheckMenuItem
SetWindowTextA
DestroyAcceleratorTable
ModifyMenuW
AppendMenuW
GetMenuStringW
WinHelpA
GetAncestor
CallWindowProcA
MapVirtualKeyA
keybd_event
SetMenu
AdjustWindowRectEx
SystemParametersInfoA
GetKeyboardState
ToAscii
GetTopWindow
ChildWindowFromPointEx
IsZoomed
DrawMenuBar
SetMenuDefaultItem
SendMessageW
DrawStateA
FlashWindowEx
CharUpperW
CharLowerW
IsCharLowerW
IsCharUpperW
CharUpperA
CharLowerA
IsCharLowerA
IsCharUpperA
RemoveMenu
GetMenuItemID
IsCharAlphaW
IsCharAlphaNumericW
IsCharAlphaA
IsCharAlphaNumericA
OemToCharBuffA
DefWindowProcW
GetUpdateRect
BeginPaint
EndPaint
GetKeyboardLayout
GetCursor
GetClipboardData
GetTabbedTextExtentA
CharToOemBuffA
GetScrollInfo
GetScrollRange
SetScrollPos
ScrollWindow
GetClassLongA
SetCaretPos
CreateCaret
ShowCaret
FrameRect
DestroyCaret
HideCaret
GrayStringA
LoadCursorA
CharNextA
SetClassLongA
SetWindowLongW
GetWindowLongW
SetWindowsHookExA
RegisterClassA
UnregisterClassA
FindWindowA
RegisterClipboardFormatA
TileWindows
GetDoubleClickTime
ShowWindow
InsertMenuItemA
DispatchMessageW
GetMessageW
GetForegroundWindow
SetClipboardData
GetActiveWindow
UnhookWindowsHookEx
SetForegroundWindow
SetActiveWindow
LockWindowUpdate
ModifyMenuA
GetMenuItemCount
EnableMenuItem
DeleteMenu
GetWindowThreadProcessId
CallNextHookEx
IsRectEmpty
OffsetRect
BeginDeferWindowPos
EndDeferWindowPos
IsIconic
DrawIcon
GetDlgCtrlID
GetSysColorBrush
IntersectRect
SetRect
SetRectEmpty
IsWindowEnabled
RegisterWindowMessageA
DestroyIcon
LoadImageA
GetSystemMetrics
DestroyMenu
SetMenuInfo
GetSubMenu
DefWindowProcA
ValidateRect
SetCursorPos
ReleaseCapture
DrawFrameControl
FillRect
DestroyCursor
SetCursor
ShowCursor
LoadCursorW
SetCapture
GetCapture
KillTimer
SetTimer
BringWindowToTop
MessageBoxA
GetMessageA
SetScrollRange
SetScrollInfo
PostThreadMessageA
ScreenToClient
GetMenu
GetWindow
SetWindowPos
EmptyClipboard
CloseClipboard
DrawTextExA
SetFocus
IsWindowUnicode
DestroyWindow
DrawTextA
OpenClipboard
GetDesktopWindow
PostMessageA
InsertMenuA
LoadBitmapW
InflateRect
GetWindowLongA
GetCursorPos
WindowFromPoint
IsWindowVisible
InvalidateRect
ClientToScreen
AppendMenuA
CreatePopupMenu
EqualRect
PtInRect
GetDlgItem
UpdateWindow
PeekMessageA
TranslateMessage
DispatchMessageA
WaitMessage
LoadIconW
IsChild
GetFocus
GetSysColor
MapDialogRect
GetDialogBaseUnits
GetClientRect
CreateWindowExA
SetWindowLongA
GetWindowRect
MoveWindow
SetParent
RedrawWindow
ReleaseDC
GetDC
DrawFocusRect
TabbedTextOutA
CreateDialogIndirectParamA
EndDialog
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SendDlgItemMessageA
GetWindowTextLengthA
GetLastActivePopup
GetMessageTime
GetMonitorInfoA
SetWindowPlacement
GetWindowPlacement
GetKeyNameTextA
SetPropW
RemovePropW
GetPropW
CharLowerBuffW
CharLowerBuffA
RemovePropA
AttachThreadInput
TrackMouseEvent
CopyRect
GetParent
IsWindow
GetClassNameA
wsprintfA
GetKeyState
SendMessageA
EnableWindow
CheckMenuRadioItem
EnumChildWindows
LoadAcceleratorsA
TranslateAcceleratorA
LoadStringA
LoadStringW
GetUserObjectInformationW
GetClassNameW
LoadMenuIndirectA
GetNextDlgTabItem
GetClassInfoW
RegisterClassW
GetMenuDefaultItem
IsMenu
GetMenuInfo
IsDialogMessageA
UnionRect
GetMessagePos
GetMenuState
GetMenuItemInfoA
GetWindowTextA
GetWindowDC
MonitorFromWindow
MapWindowPoints
DrawEdge
DeferWindowPos
GetClassInfoA
GetCaretPos
LoadBitmapA
GetProcessWindowStation
GetClipboardOwner
GetQueueStatus
LoadMenuA
CallWindowProcW

advapi32

RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

bae10aaa9e80d644f79420466068cc74

Code Sign

10:63:74:50:f8:44:54:b3:4b:f0:7e:4d:58:b0:f5:f2Certificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

95:93:19:6b:9b:b6:0f:4c:58:e2:85:a5:b8:c5:d9:97:4c:71:93:fdSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 178KB - Virtual size: 177KB

.rdata Size: 1024B - Virtual size: 1000B

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 31KB - Virtual size: 35KB

10:63:74:50:f8:44:54:b3:4b:f0:7e:4d:58:b0:f5:f2
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

95:93:19:6b:9b:b6:0f:4c:58:e2:85:a5:b8:c5:d9:97:4c:71:93:fd
Signer

.text
Size: 178KB - Virtual size: 177KB

.rdata
Size: 1024B - Virtual size: 1000B

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 31KB - Virtual size: 35KB