WebBrowserBookmarksView[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

WebBrowserBookmarksView.exe
Size

348KB
MD5

6603df1b69a9a0de65abaef7457f5f9d
SHA1

62ce0b24fc7c6effdfb7098e9836ef59bba53aca
SHA256

5c52bbe3ebc7c89be1e466ffe38b213dbca3ae223490ef2622704170df91684b
SHA512

cb628b5c0196df9b10dadfba53d89ff0c95b3d19625cb08634ea6aab82136bc5438dcc63fc6e451c2a94b0d149ef723f3fbb2df85161b69dd0c02405b3c9d713
SSDEEP

6144:ltnU7oJFQZYgn0LG1EzkeuDtFRgggIkFWnFNlAiVC3x4I+4Ni:ltnU7/ZYgE5zNwG9IksFNlApF+48

Score

1^/10

Malware Config

Signatures

Files

WebBrowserBookmarksView.exe
.exe windows x86

c59b2b1e20a14397c43d85c8120f4194

Code Sign

f7:a0:a7:30:c8:7d:94:cd:83:02:e3:ea:7f:66:1b:b7
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

09/09/2023, 23:59

Subject

CN=Nir Sofer,O=Nir Sofer,POSTALCODE=7135117,STREET=Dakar 21\, Unit 82,L=Lod,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:81:6a:23:c2:f8:e7:fe:c1:5c:41:6c:98:34:a4:fa:c0:fe:db:b2:d2:d2:51:2c:01:1e:be:83:5c:b8:32:19
Signer

Actual PE Digest

3e:81:6a:23:c2:f8:e7:fe:c1:5c:41:6c:98:34:a4:fa:c0:fe:db:b2:d2:d2:51:2c:01:1e:be:83:5c:b8:32:19

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
wcsncat
_adjust_fdiv
__p__commode
realloc
labs
abs
strchr
qsort
memmove
_onexit
swscanf
_wcslwr
strlen
wcschr
modf
memcmp
wcstoul
malloc
wcscmp
free
_wcsicmp
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
wcsrchr
__dllonexit
_wcsupr
_beginthreadex
_msize
_endthreadex
wcsncmp
wcslen
_itow
_wcsnicmp
_wtoi
_purecall
wcscpy
memset
wcscat
_snwprintf
__p__fmode
__set_app_type
_controlfp
_except_handler3
strftime
_gmtime64
strcmp

comctl32

ImageList_Create
ord17
ImageList_Add
ImageList_SetImageCount
ImageList_AddMasked
CreateToolbarEx
CreateStatusWindowW
ImageList_ReplaceIcon

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

HeapValidate
InterlockedCompareExchange
HeapCreate
GetFileAttributesA
WaitForSingleObject
LeaveCriticalSection
DeleteFileA
AreFileApisANSI
HeapDestroy
HeapFree
CreateFileMappingA
QueryPerformanceCounter
GetTempPathA
Sleep
GetDiskFreeSpaceW
EnterCriticalSection
HeapAlloc
LockFileEx
GetDiskFreeSpaceA
UnlockFile
FlushViewOfFile
GetFullPathNameW
GetSystemInfo
GetModuleHandleA
GetStartupInfoW
GetSystemTime
SetEndOfFile
InitializeCriticalSection
GetVersionExA
HeapSize
FileTimeToSystemTime
SystemTimeToFileTime
CompareFileTime
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetTickCount
FreeLibrary
MultiByteToWideChar
GetWindowsDirectoryW
WriteFile
GetFileAttributesW
FileTimeToLocalFileTime
FindResourceW
LoadResource
ReadFile
SystemTimeToTzSpecificLocalTime
GetModuleFileNameW
LockResource
CreateFileW
GlobalAlloc
LoadLibraryExW
GetSystemDirectoryW
LocalFree
lstrlenW
WideCharToMultiByte
lstrcpyW
GlobalUnlock
GetCurrentProcess
GetTempPathW
GetDateFormatW
GetLastError
GlobalLock
SizeofResource
GetFileSize
FindNextFileW
FindFirstFileW
FormatMessageW
FindClose
SetFilePointer
GetVersionExW
CloseHandle
GetTimeFormatW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WritePrivateProfileStringW
GetPrivateProfileIntW
EnumResourceNamesW
GetPrivateProfileStringW
GetStdHandle
SetErrorMode
GetCurrentDirectoryW
DeleteFileW
ExpandEnvironmentStringsW
GetCurrentProcessId
ExitProcess
ReadProcessMemory
OpenProcess
EnumResourceTypesW
LockFile
GetFullPathNameA
WaitForSingleObjectEx
OutputDebugStringW
HeapReAlloc
CreateFileA
FlushFileBuffers
UnlockFileEx
GetFileAttributesExW
GetProcessHeap
CreateMutexW
DeleteCriticalSection
GetSystemTimeAsFileTime
HeapCompact
FormatMessageA
GetCurrentThreadId
OutputDebugStringA

user32

SetCapture
ReleaseCapture
MonitorFromWindow
GetMonitorInfoW
RegisterWindowMessageW
GetFocus
RemoveMenu
DrawTextExW
InsertMenuW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
PostQuitMessage
TrackPopupMenu
CreatePopupMenu
GetKeyState
SetCursor
ReleaseDC
LoadCursorW
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
GetDC
DrawFrameControl
GetWindowRect
SetWindowTextW
GetDlgItemInt
InvalidateRect
UpdateWindow
SendMessageW
SetDlgItemTextW
GetDlgItemTextW
EndPaint
GetWindowPlacement
GetSystemMetrics
SetDlgItemInt
DeferWindowPos
BeginPaint
GetClientRect
CreateWindowExW
SetWindowPos
SendDlgItemMessageW
GetWindow
EndDialog
SetWindowLongW
GetDlgItem
PostMessageW
DefWindowProcW
RegisterClassW
TranslateAcceleratorW
MessageBoxW
SetMenu
GetForegroundWindow
LoadAcceleratorsW
LoadIconW
LoadImageW
GetSysColor
GetWindowLongW
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
GetParent
KillTimer
SetTimer
SetClipboardData
OpenClipboard
CloseClipboard
EmptyClipboard
GetMenu
GetSubMenu
EnableMenuItem
GetClassNameW
MoveWindow
InsertMenuItemW
FillRect
CheckMenuItem
GetMenuItemCount
GetMenuStringW
ScreenToClient
GetCursorPos
EnableWindow
MapWindowPoints
CheckMenuRadioItem
GetWindowTextW
LoadMenuW
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
DestroyWindow
GetDesktopWindow
SetMenuItemInfoW

gdi32

StretchBlt
GetStockObject
PatBlt
CreateSolidBrush
SetPixel
GetObjectW
GetPixel
CreateCompatibleBitmap
SetDIBits
DeleteDC
SelectObject
CreateCompatibleDC
DeleteObject
SetTextColor
CreateFontIndirectW
GetDeviceCaps
SetBkMode
GetTextExtentPoint32W
SetBkColor
SetStretchBltMode

comdlg32

FindTextW
GetSaveFileNameW
ChooseFontW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c59b2b1e20a14397c43d85c8120f4194

Code Sign

f7:a0:a7:30:c8:7d:94:cd:83:02:e3:ea:7f:66:1b:b7Certificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

3e:81:6a:23:c2:f8:e7:fe:c1:5c:41:6c:98:34:a4:fa:c0:fe:db:b2:d2:d2:51:2c:01:1e:be:83:5c:b8:32:19Signer

Headers

File Characteristics

Imports

msvcrt

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 270KB - Virtual size: 270KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 5KB - Virtual size: 10KB

.rsrc Size: 24KB - Virtual size: 24KB

f7:a0:a7:30:c8:7d:94:cd:83:02:e3:ea:7f:66:1b:b7
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

3e:81:6a:23:c2:f8:e7:fe:c1:5c:41:6c:98:34:a4:fa:c0:fe:db:b2:d2:d2:51:2c:01:1e:be:83:5c:b8:32:19
Signer

.text
Size: 270KB - Virtual size: 270KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 5KB - Virtual size: 10KB

.rsrc
Size: 24KB - Virtual size: 24KB