ade1398c1c3963exeexeexeex[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ade1398c1c3963exeexeexeex.exe
Size

2.6MB
MD5

ade1398c1c396395a8cbf971e0b52ac3
SHA1

3a547b0a7400cdd3255fa80c4170e4fe3401c309
SHA256

e47c49aa34a060436171fd5f454a15f292c47a5d45c3391b354bcf106cb4b7f9
SHA512

b9410cbcd0ecd355193a15bf1b7553d6c0a4593413bb1a924e2ae426e1c47282f86852517090d03c622366fbc3cf58b80aa2a9edcf926e4d114be217669944af
SSDEEP

49152:S4Ao5KIfvHFDHBHcg5Q9jK1JMSpTL2gve1ANDPEMlcnKCeTHB+vsztRDO0cGE4dY:FAoJfvRHBj5Q9+1JMS1L2gvgANHcnKCt

Score

1^/10

Malware Config

Signatures

Files

ade1398c1c3963exeexeexeex.exe
.exe windows x86

e84cd59c14c394b3b854f4e78b2fa13b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:ce:17:89:2a:df:0f:72:9a:87:b9:4e:b6:7f:28:66
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19/08/2021, 00:00

Not After

19/08/2022, 23:59

Subject

CN=HP Inc.,OU=Hp cybersecurity,O=HP Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/06/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:f0:0e:c8:1e:03:ec:fd:9e:3b:88:6c:23:4a:ea:b9:eb:0c:c3:79:99:9e:8d:ad:19:ae:19:44:4e:a3:3c:01
Signer

Actual PE Digest

0d:f0:0e:c8:1e:03:ec:fd:9e:3b:88:6c:23:4a:ea:b9:eb:0c:c3:79:99:9e:8d:ad:19:ae:19:44:4e:a3:3c:01

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetTimeZoneInformation
GetDriveTypeW
HeapCreate
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
IsValidCodePage
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
CreateThread
ExitThread
ExitProcess
GetFileType
FindResourceW
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetConsoleCP
HeapAlloc
DecodePointer
EncodePointer
HeapFree
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
GetTempPathA
GetTempFileNameA
GetACP
GetOEMCP
GetCPInfo
lstrcpyA
GetCurrentDirectoryA
GlobalFlags
FindResourceA
FreeResource
GlobalFindAtomA
GetVersionExA
LoadLibraryW
lstrcmpW
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
SetErrorMode
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
TlsFree
DeleteCriticalSection
GetStdHandle
SetHandleCount
HeapReAlloc
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameA
FileTimeToLocalFileTime
FileTimeToSystemTime
ResumeThread
SetThreadPriority
GlobalAddAtomA
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleHandleW
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
ActivateActCtx
LoadLibraryA
DeactivateActCtx
GetModuleHandleA
GetProcAddress
CreateFileA
lstrcmpiA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetLastError
SetLastError
GetModuleFileNameA
CopyFileA
WritePrivateProfileSectionA
lstrlenA
GetFullPathNameA
MultiByteToWideChar
EndUpdateResourceA
EnumResourceNamesA
LoadLibraryExA
BeginUpdateResourceA
EnumResourceLanguagesA
FindResourceExA
UpdateResourceA
FreeLibrary
DeleteFileA
CloseHandle
GetPrivateProfileSectionA
FindNextFileA
LockResource
FindClose
RemoveDirectoryA
FindFirstFileA
CreateDirectoryA
CreateProcessA
SizeofResource
Sleep
WideCharToMultiByte
GetWindowsDirectoryA
WaitForSingleObject
LoadResource
CompareStringW

user32

SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
IntersectRect
GetMenuItemInfoA
InflateRect
UnregisterClassA
DestroyIcon
IsIconic
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
KillTimer
SetTimer
InvalidateRect
EndPaint
CloseClipboard
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DeleteMenu
GetDesktopWindow
RealChildWindowFromPoint
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
GetWindowRgn
DestroyCursor
DrawIcon
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
LoadCursorA
GetDC
ReleaseDC
GetSysColor
MapDialogRect
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
BeginPaint
IsCharLowerA
GetSysColorBrush
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
ShowOwnedPopups
SetCursor
PostMessageA
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
CharUpperA
GetSystemMetrics
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
MessageBoxA
DestroyMenu

gdi32

CreateCompatibleBitmap
OffsetViewportOrgEx
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextExtentPoint32A
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
SetDIBColorTable
CreateFontIndirectA
CreateHatchBrush
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
SetViewportOrgEx
SelectObject
Escape
StretchBlt
CreateDIBitmap
ExtTextOutA
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetPixel
GetDeviceCaps
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
CreateDCA
CopyMetaFileA
SetViewportExtEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegQueryValueA
RegEnumKeyA

shell32

SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA
DragQueryFileA
DragFinish
ShellExecuteA
SHGetSpecialFolderLocation

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard

oleaut32

SysFreeString
SysAllocString
VariantInit
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantClear
SysAllocStringLen

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e84cd59c14c394b3b854f4e78b2fa13b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:ce:17:89:2a:df:0f:72:9a:87:b9:4e:b6:7f:28:66Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

0d:f0:0e:c8:1e:03:ec:fd:9e:3b:88:6c:23:4a:ea:b9:eb:0c:c3:79:99:9e:8d:ad:19:ae:19:44:4e:a3:3c:01Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 273KB - Virtual size: 273KB

.data Size: 28KB - Virtual size: 57KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 164KB - Virtual size: 164KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:ce:17:89:2a:df:0f:72:9a:87:b9:4e:b6:7f:28:66
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

0d:f0:0e:c8:1e:03:ec:fd:9e:3b:88:6c:23:4a:ea:b9:eb:0c:c3:79:99:9e:8d:ad:19:ae:19:44:4e:a3:3c:01
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 273KB - Virtual size: 273KB

.data
Size: 28KB - Virtual size: 57KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 164KB - Virtual size: 164KB