TriDefIgnition 7[.]4[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

TriDefIgnition 7.4.exe
Size

5.3MB
MD5

02b6e91bc72b940e720b6f7cb0ae7fd1
SHA1

24eebe11d324e7074cbb281df54c8100971f9469
SHA256

d36daa6fc7ce873e15ed2d875c956e7d1ad79420b47aa50f6ad89f57bdf6cf90
SHA512

ba1e232075db39abd0aceff9fc3e70c438f7614a05774e9cb88b9977eee3d4a36047e85142f7fb22581353bf2c04b4746a5d51c5ad9d4f4c55708930ef4d3a2a
SSDEEP

49152:8PI0p0QptefutrBcXL5oXfX/oo9pM+KlxX+Eb8dcxO8uqPKmRXHTT06IfovokeZP:w3W9InoOi+aXJRXHk

Score

1^/10

Malware Config

Signatures

Files

TriDefIgnition 7.4.exe
.exe windows x86

4d55ca6b1beb415a72c8ee9105f75c9c

Code Sign

0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:19:fc:62:66:e1:aa:4c:61:be:db:c0:34:0a:07:26
Certificate

Issuer

CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/10/2016, 00:00

Not After

04/12/2019, 12:00

Subject

CN=Dynamic Digital Depth Australia Pty Ltd,O=Dynamic Digital Depth Australia Pty Ltd,L=West Perth,ST=Western Australia,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:f2:1a:2a:da:ac:2e:36:c6:71:0f:d0:06:5c:9b:fd:50:6a:19:8e
Signer

Actual PE Digest

46:f2:1a:2a:da:ac:2e:36:c6:71:0f:d0:06:5c:9b:fd:50:6a:19:8e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
SysStringByteLen
SysAllocStringByteLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VarBstrFromCy
SysStringLen
SysAllocStringLen
VariantClear
SysFreeString

shlwapi

PathCreateFromUrlW
SHCopyKeyW
SHDeleteKeyW

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryExA
VirtualQuery
ResumeThread
SetLastError
GetProcessId
ExitProcess
VirtualQueryEx
VirtualProtectEx
SetEvent
GetShortPathNameW
CopyFileW
GetLongPathNameW
GetVersionExA
CreateFileA
QueryDosDeviceA
DefineDosDeviceA
DeviceIoControl
VerifyVersionInfoW
VerSetConditionMask
SetFilePointerEx
WriteFile
MoveFileExW
DeleteFileW
GetFileAttributesW
CreateDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
IsBadReadPtr
LoadLibraryA
GetProcessHeap
HeapFree
HeapAlloc
VirtualProtect
VirtualFree
VirtualAlloc
EnumResourceNamesW
SetFilePointer
MulDiv
LocalFree
LocalUnlock
LocalLock
LocalAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
Module32NextW
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleHandleExW
WriteProcessMemory
ReadProcessMemory
CreateRemoteThread
TerminateProcess
GetCurrentProcess
OpenProcess
VirtualFreeEx
VirtualAllocEx
FindNextFileW
FindFirstFileW
CreateFileW
GetTempFileNameW
GetTempPathW
GetDriveTypeW
GetLogicalDriveStringsW
FindClose
ReadFile
FindResourceW
LoadLibraryExW
SizeofResource
LoadResource
SetErrorMode
LockResource
GetModuleHandleW
ExpandEnvironmentStringsW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetComputerNameExW
GetModuleHandleA
CreateProcessW
Sleep
GetExitCodeProcess
GetCurrentProcessId
OutputDebugStringW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
GetUserDefaultUILanguage
GetVersionExW
GetFullPathNameW
lstrcmpiW
SetEndOfFile
SetEnvironmentVariableA
GetFileInformationByHandle
GetOEMCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
EnumSystemLocalesW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTimeZoneInformation
GetConsoleCP
ReadConsoleW
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
SetStdHandle
IsDebuggerPresent
IsProcessorFeaturePresent
FindFirstFileExW
HeapReAlloc
GetCommandLineA
RtlUnwind
GetStringTypeW
DecodePointer
EncodePointer
InterlockedExchange
IsBadStringPtrA
QueryPerformanceFrequency
QueryPerformanceCounter
SetEnvironmentVariableW
GetEnvironmentVariableW
GetModuleFileNameW
LoadLibraryW
CreateSemaphoreW
CreateEventW
CloseHandle
WaitForSingleObject
GetLastError
GetBinaryTypeW
FreeLibrary
HeapSize
GlobalSize
PeekNamedPipe
WaitForMultipleObjects
CreateThread
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
SetThreadPriority
TerminateThread
GetExitCodeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateMutexW
GetFileType
GlobalFree
FormatMessageW
GetCommandLineW
GetStdHandle
ReadConsoleOutputCharacterA
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
FreeConsole
WriteConsoleA
WriteConsoleW
IsValidCodePage
GetCPInfo
RaiseException
GetCurrentThread
GetACP
GetLocaleInfoW
IsValidLocale
ExitThread

user32

GetWindowTextW
DestroyIcon
ReleaseDC
GetDC
SetForegroundWindow
UpdateWindow
SetMenuItemInfoW
ShowWindow
GetKeyState
RegisterHotKey
UnregisterHotKey
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
CreateWindowExW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetFocus
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
IsWindowEnabled
GetMenuItemCount
TrackPopupMenu
GetMenuItemInfoW
GetUpdateRgn
ScrollWindow
EnableScrollBar
SetCursorPos
SetCursor
GetCursorPos
ClientToScreen
MapWindowPoints
WindowFromPoint
ChildWindowFromPointEx
InflateRect
PtInRect
SetParent
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
PostThreadMessageW
LoadBitmapW
GetWindowTextLengthW
CreateDialogParamW
SetWindowRgn
RegisterClassW
UnregisterClassW
MonitorFromRect
GetWindowPlacement
IsIconic
BringWindowToTop
IsZoomed
DrawMenuBar
GetDesktopWindow
CreateIconIndirect
DrawFocusRect
CopyRect
OffsetRect
HideCaret
ChildWindowFromPoint
SetMenu
MsgWaitForMultipleObjects
LoadCursorW
DrawEdge
DrawFrameControl
GetMenuState
CheckMenuItem
DrawStateW
GetSysColorBrush
CheckMenuRadioItem
CreateMenu
CreatePopupMenu
DestroyMenu
GetSubMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
InsertMenuItemW
GetDoubleClickTime
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
DdeClientTransaction
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
DestroyCursor
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
DrawIconEx
GetMessageW
ValidateRect
GetWindowDC
UnionRect
GetClassInfoW
FindWindowExW
RegisterClipboardFormatW
GetClipboardFormatNameW
ValidateRgn
IsClipboardFormatAvailable
wsprintfW
AdjustWindowRectEx
ShowCursor
MessageBoxA
GetMonitorInfoW
EnumDisplayMonitors
CharLowerW
keybd_event
LoadImageW
FlashWindow
InvalidateRect
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
wsprintfA
GetShellWindow
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsW
GetIconInfo
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
PrivateExtractIconsW
SystemParametersInfoW
WinHelpW
IsDialogMessageW
LoadStringW
LoadIconW
GetWindow
GetLastActivePopup
GetParent
SetWindowLongW
GetWindowLongW
SetRect
FillRect
GetSysColor
ScreenToClient
MessageBeep
SetWindowTextW
RedrawWindow
EndPaint
BeginPaint
DrawTextW
DrawIcon
EnableMenuItem
GetSystemMenu
EnableWindow
KillTimer
SetTimer
GetAsyncKeyState
GetActiveWindow
SetFocus
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDialogBaseUnits
CheckDlgButton
GetDlgItem
CreateDialogIndirectParamW
SetWindowPos
MoveWindow
DestroyWindow
IsWindow
PostQuitMessage
WaitMessage
PostMessageW
SendMessageW
TranslateMessage
GetClientRect
GetSystemMetrics
VkKeyScanW
IsWindowVisible
PeekMessageW
DispatchMessageW
GetWindowThreadProcessId
GetClassNameW
MessageBoxW
GetWindowRect

gdi32

GetObjectW
GetDIBits
CreateCompatibleDC
SetTextColor
SetBkColor
SelectObject
GetTextExtentPoint32W
DeleteObject
CreateRectRgn
CreateSolidBrush
CreateFontIndirectW
CreateDCW
GetDeviceCaps
GetTextMetricsW
SetBrushOrgEx
GdiFlush
LineTo
MoveToEx
GetOutlineTextMetricsW
ExtCreateRegion
GetRegionData
OffsetRgn
SetBkMode
BitBlt
CreateBitmap
CreateCompatibleBitmap
CreatePen
CreateICW
GetStockObject
CombineRgn
CreateRectRgnIndirect
RectInRegion
SelectClipRgn
SetTextAlign
StretchBlt
EqualRgn
GetRgnBox
PtInRegion
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
Arc
Ellipse
ExtFloodFill
GetBkColor
GetClipBox
GetPixel
MaskBlt
Pie
PolyPolygon
Rectangle
RoundRect
ExtSelectClipRgn
SetMapMode
SetPixel
SetPolyFillMode
StretchDIBits
SetROP2
SetStretchBltMode
ExtTextOutW
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
GetCharABCWidthsW
GetTextExtentExPointW
CreatePatternBrush
CreateHatchBrush
ExtCreatePen
CreateDIBitmap
CreateDIBSection
GetDIBColorTable
EnumFontFamiliesExW
ExcludeClipRect
RealizePalette
SelectPalette
DeleteDC
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
GetSystemPaletteEntries
EndPage
StartPage
EndDoc
StartDocW
SetAbortProc

advapi32

QueryServiceStatus
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
OpenProcessToken
StartServiceA
DuplicateTokenEx
RegDeleteKeyW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
GetTokenInformation
GetUserNameW
CloseServiceHandle
OpenSCManagerA
OpenServiceA

shell32

SHGetFileInfoW
ExtractIconExW
ExtractIconW
DragAcceptFiles
DragFinish
DragQueryPoint
DragQueryFileW
ShellExecuteExW
SHGetMalloc
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DuplicateIcon
SHSetLocalizedName
CommandLineToArgvW

ole32

RevokeDragDrop
OleInitialize
OleUninitialize
PropVariantClear
RegisterDragDrop
CoTaskMemAlloc
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoCreateGuid
ReleaseStgMedium
CoSetProxyBlanket
CoLockObjectExternal
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

d3d9

Direct3DCreate9

winhttp

WinHttpOpen
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpSendRequest
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpReceiveResponse
WinHttpOpenRequest

rpcrt4

UuidToStringW
RpcStringFreeW

comctl32

ImageList_SetDragCursorImage
ImageList_GetImageCount
ImageList_Draw
ord17
ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Replace
ImageList_Remove
ImageList_GetIcon
ord16
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_GetIconSize

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

comdlg32

PrintDlgW
ChooseFontW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW

crypt32

CertGetCertificateChain
CertGetNameStringW
CertFreeCertificateChain

wintrust

WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
WinVerifyTrust

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d55ca6b1beb415a72c8ee9105f75c9c

Code Sign

0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9Certificate

Extended Key Usages

Key Usages

0c:19:fc:62:66:e1:aa:4c:61:be:db:c0:34:0a:07:26Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

46:f2:1a:2a:da:ac:2e:36:c6:71:0f:d0:06:5c:9b:fd:50:6a:19:8eSigner

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

version

d3d9

winhttp

rpcrt4

comctl32

winspool.drv

comdlg32

crypt32

wintrust

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 80KB - Virtual size: 305KB

.tls Size: 512B - Virtual size: 13B

.rsrc Size: 121KB - Virtual size: 121KB

.reloc Size: 525KB - Virtual size: 524KB

0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9
Certificate

0c:19:fc:62:66:e1:aa:4c:61:be:db:c0:34:0a:07:26
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

46:f2:1a:2a:da:ac:2e:36:c6:71:0f:d0:06:5c:9b:fd:50:6a:19:8e
Signer

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 80KB - Virtual size: 305KB

.tls
Size: 512B - Virtual size: 13B

.rsrc
Size: 121KB - Virtual size: 121KB

.reloc
Size: 525KB - Virtual size: 524KB