39d4d53215f3a1a815b9873982c06a7ef60f704f90b9c5d2ba07c66fa1683bae

Sharing

Copy URL Twitter E-mail

General

Target

39d4d53215f3a1a815b9873982c06a7ef60f704f90b9c5d2ba07c66fa1683bae
Size

420KB
MD5

61e15978f0c49e7059740a1f392cd02c
SHA1

2e55f4acd70117357a797dced65a5b57f9221198
SHA256

39d4d53215f3a1a815b9873982c06a7ef60f704f90b9c5d2ba07c66fa1683bae
SHA512

efea422184d80905f50b3f4c342753241daa1188c3ad152616267c72f33a9f3e57484e9908fd607f7164f88b094b96a0f5f07c5d9eb3f41dfb1941e9345315c5
SSDEEP

12288:KaCHeJwnOB8oF6jk56PoF6PYZb2poXSN+qi1lGF8/eNv4kaPwo9DZpTzDafwZBji:CEmcPwo9ZpTzuf0rEH7P

Score

1^/10

Malware Config

Signatures

Files

39d4d53215f3a1a815b9873982c06a7ef60f704f90b9c5d2ba07c66fa1683bae
.dll windows:5 windows x86

99f45c8ac8c1c73089d9ebe6f445f21a

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

55:62:2a:dd:81:47:77:b2:1b:1a:1d:31
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

06/01/2023, 06:40

Not After

06/01/2026, 06:40

Subject

CN=Shenzhen Aidapu Network Technology Co.\,Ltd.,O=Shenzhen Aidapu Network Technology Co.\,Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2f:00:ab:83:67:21:b4:26:53:0e:97:43:99:95:f5:e8:3f:06:6f:8e
Signer

Actual PE Digest

2f:00:ab:83:67:21:b4:26:53:0e:97:43:99:95:f5:e8:3f:06:6f:8e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameW
GetFullPathNameA
CreateFileW
GetFileSizeEx
CloseHandle
WaitForSingleObject
InitializeCriticalSection
Sleep
LeaveCriticalSection
CreateSemaphoreA
InterlockedExchange
EnterCriticalSection
DeleteCriticalSection
CreateThread
FindFirstFileW
FindClose
FindNextFileW
CreateFileA
CreateEventA
GetOverlappedResult
ResetEvent
LocalAlloc
DeviceIoControl
CancelIo
LocalFree
CreateProcessW
GetCurrentProcess
CreateDirectoryW
GetModuleFileNameW
CreateDirectoryA
GetLastError
GetProcAddress
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
GetDiskFreeSpaceExW
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
CreateMutexW
OpenMutexW
CopyFileW
Process32First
Process32Next
CreateToolhelp32Snapshot
ExitProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
DecodePointer
EncodePointer
IsProcessorFeaturePresent

shell32

SHGetSpecialFolderPathA

msvcr100

wcstombs_s
_set_errno
strrchr
mbstowcs_s
realloc
_time64
sprintf
rewind
fopen
fread
rand
srand
fwrite
toupper
ftell
fseek
fclose
strncmp
sscanf
_stricmp
_ftelli64
_vsnprintf_s
strstr
strchr
_fseeki64
strtol
strtoul
getenv
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove
??3@YAXPAX@Z
??2@YAPAXI@Z
strerror
_wfopen
_errno
sprintf_s
_strtoui64
wcsncpy
fprintf
vsprintf_s
printf
vfprintf
strcspn
_vsnwprintf_s
fflush
_wremove
calloc
_snwprintf
_wstat64i32
_wtempnam
wcsrchr
wcsstr
_waccess
_wunlink
_wrename
_stat64i32
feof
_fstat64i32
atoi
_wcsdup
tolower
perror
_vsnprintf
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
strncpy
_snprintf
__iob_func
wcscpy_s
strcpy_s
_strdup
_fileno
malloc
memset
memcpy
_CxxThrowException
__CxxFrameHandler3
free

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

ws2_32

WSAGetLastError
shutdown
setsockopt
recv
socket
gethostbyname
send
connect
WSAStartup
htons
closesocket
select

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailA

shlwapi

PathRemoveFileSpecW
PathGetDriveNumberW
PathFileExistsW
PathRemoveFileSpecA
PathIsDirectoryW

libplist2

plist_get_string_val
plist_dict_set_item
plist_new_data
plist_from_bin
plist_new_string
plist_from_xml
plist_to_bin
plist_get_data_val
plist_compare_node_value
plist_is_binary
plist_dict_merge
plist_set_uint_val
plist_get_node_type
plist_get_data_ptr
plist_dict_get_size
plist_get_string_ptr
plist_dict_remove_item
plist_access_path
plist_new_bool
plist_new_dict
plist_new_uint
plist_new_array
plist_free
plist_array_append_item
plist_copy
plist_get_bool_val
plist_get_uint_val
plist_to_xml
plist_dict_new_iter
plist_dict_next_item
plist_array_get_item
plist_array_insert_item
plist_array_get_size
plist_dict_get_item

libssl-1_1

SSL_shutdown
SSL_CTX_new
SSL_write
SSL_free
SSL_CTX_free
SSL_read
SSL_set_connect_state
SSL_set_verify
SSL_CTX_use_RSAPrivateKey
SSL_set_bio
SSL_do_handshake
TLS_method
SSL_CTX_use_certificate
SSL_new

libcrypto-1_1

BIO_s_mem
SHA384
SHA1_Init
SHA1
PEM_read_bio_RSAPrivateKey
BIO_int_ctrl
PEM_read_bio_X509
RSA_free
BIO_s_socket
X509_set1_notBefore
X509_set1_notAfter
PEM_read_bio_RSAPublicKey
ASN1_INTEGER_new
ASN1_INTEGER_free
X509_set_serialNumber
EVP_PKEY_free
RSA_new
ASN1_TIME_new
X509_set_version
X509_free
BIO_ctrl
EVP_PKEY_new
BIO_new
BN_new
ASN1_TIME_free
X509_set_pubkey
X509_new
X509_sign
ASN1_TIME_set
BIO_new_mem_buf
PEM_write_bio_X509
X509_add_ext
X509_EXTENSION_free
ASN1_INTEGER_set
BN_free
BIO_free
EVP_sha1
X509V3_EXT_conf_nid
RSA_generate_key_ex
EVP_PKEY_assign
X509V3_set_ctx
X509V3_EXT_cleanup
PEM_write_bio_PrivateKey
BN_set_word

libcurl

curl_slist_append
curl_easy_init
curl_easy_cleanup
curl_easy_perform
curl_easy_setopt
curl_slist_free_all

libzip

zip_get_name
zip_delete
zip_get_num_files
zip_replace
zip_add
zip_discard
zip_strerror
zip_dir_add
zip_source_buffer
zip_file_add
zip_get_num_entries
zip_fclose
zip_open_w
zip_stat_init
zip_close
zip_name_locate
zip_file_get_external_attributes
zip_unchange_all
zip_fread
zip_fopen_index
zip_source_free
zip_stat_index

Exports

Exports

ios_exit_recovery_mode
ios_get_normal_mode_descriptor
ios_get_product_type
ios_is_libusb_standalone_driver
ios_is_open_quicktime_driver
ios_restore
ios_rqshsh
ios_setup_more_device
ios_show_preflash_text
setup_curl_agent_name

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99f45c8ac8c1c73089d9ebe6f445f21a

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

55:62:2a:dd:81:47:77:b2:1b:1a:1d:31Certificate

Extended Key Usages

Key Usages

2f:00:ab:83:67:21:b4:26:53:0e:97:43:99:95:f5:e8:3f:06:6f:8eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

msvcr100

msvcp100

ws2_32

setupapi

shlwapi

libplist2

libssl-1_1

libcrypto-1_1

libcurl

libzip

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 9KB - Virtual size: 19KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 23KB - Virtual size: 23KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

55:62:2a:dd:81:47:77:b2:1b:1a:1d:31
Certificate

2f:00:ab:83:67:21:b4:26:53:0e:97:43:99:95:f5:e8:3f:06:6f:8e
Signer

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 9KB - Virtual size: 19KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 23KB - Virtual size: 23KB