40e45a1b5d1493e4adbddc41248eeb0d[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

40e45a1b5d1493e4adbddc41248eeb0d.bin
Size

1.9MB
MD5

07790eb49d5d284742e563b4d62686e5
SHA1

51867a5039edaf6b43c42970a52aa3456888cca0
SHA256

2a1cfc741e0748e28685a55cd71ad4d1ba98081141d4e35eed2249d0da4f79fd
SHA512

f8e40b4a8a6267cc79224130d250fe5596c941772ddb880859bf30ac32fc77550015a405d27a5e811f570b5f420c932f8d8db85696b26b61763cbb9df4fcaebc
SSDEEP

49152:hU6WmNn3avT4tSAjkUIW7Ku4F0mVyDQsofS89I4:FWmNn1S8D4F0mVTVP

Score

1^/10

Malware Config

Signatures

Files

40e45a1b5d1493e4adbddc41248eeb0d.bin
.zip

Password: infected
dc287b1f38dfd32bdd479048022dba205674c378882867499ae216cbd251f6f5.bin
.exe windows:6 windows x86

9265e489704b48c0bec7e0ca7b68c219

Code Sign

4e:40:e4:37:54:ed:e6:8c:00:00:00:00:51:d3:94:7f
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-05-2021 15:43

Not After

07-11-2030 16:13

Subject

CN=Entrust Code Signing Root Certification Authority - CSBR1,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:af:b7:7b:9d:34:1f:6a:fc:8f:84:46:ab:31:35:2b
Certificate

Issuer

CN=Entrust Code Signing Root Certification Authority - CSBR1,O=Entrust\, Inc.,C=US

Not Before

07-05-2021 19:19

Not After

29-12-2040 23:59

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS2,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:ce:c0:5a:d0:28:f4:e8:a4:d7:73:9f:2d:fa:4c:6c
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS2,O=Entrust\, Inc.,C=US

Not Before

28-12-2022 22:16

Not After

28-12-2023 22:16

Subject

SERIALNUMBER=1242287,CN=Mack Digital Marking\, LLC,O=Mack Digital Marking\, LLC,L=Louisville,ST=Kentucky,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13084b656e7475636b79,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:80:07:c0:b9:ae:9f:7b:97:de:c9:dd:93:1d:72:9e:fc:84:73:68:37:cf:97:44:12:e2:fb:b5:00:4e:83:75
Signer

Actual PE Digest

ba:80:07:c0:b9:ae:9f:7b:97:de:c9:dd:93:1d:72:9e:fc:84:73:68:37:cf:97:44:12:e2:fb:b5:00:4e:83:75

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

comctl32

ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent
ImageList_DragEnter
ImageList_SetIconSize
ImageList_DragMove
ImageList_Draw
ImageList_SetBkColor
FlatSB_GetScrollPos
ImageList_Write
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
ImageList_DrawIndirect
ImageList_Read
FlatSB_GetScrollInfo
ImageList_BeginDrag
ImageList_EndDrag
ImageList_Remove
ImageList_Create
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_SetImageCount
FlatSB_SetScrollPos
ImageList_Add
InitializeFlatSB
ImageList_DrawEx
ImageList_Destroy
ImageList_GetDragImage
ImageList_DragLeave

shell32

SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteW
ShellExecuteExW
SHAppBarMessage

user32

SetClipboardData
GetMenuItemID
GetMenuItemCount
DefMDIChildProcW
WaitMessage
CloseClipboard
SetActiveWindow
GetForegroundWindow
IsWindowEnabled
PostMessageW
MapWindowPoints
DrawFocusRect
AdjustWindowRectEx
DrawMenuBar
SetScrollPos
CallNextHookEx
DrawEdge
LoadBitmapW
EnableWindow
InsertMenuW
EndMenu
IsWindow
ScreenToClient
GetKeyboardLayout
DrawTextExW
RemoveMenu
GetMonitorInfoW
EnableScrollBar
UnregisterClassW
SetWindowsHookExW
GetMenuItemInfoW
GetSysColorBrush
DestroyCursor
ReleaseCapture
SetCursor
MapVirtualKeyW
DefWindowProcW
PostQuitMessage
DispatchMessageA
ScrollWindow
GetClassNameW
LoadKeyboardLayoutW
SendMessageA
ShowOwnedPopups
SetWindowTextW
IsWindowUnicode
ReleaseDC
GetClassInfoW
GetWindowLongW
IsClipboardFormatAvailable
GetWindow
GetDlgCtrlID
GetClientRect
EmptyClipboard
PeekMessageA
RegisterClassW
IsChild
MessageBoxW
GetDesktopWindow
CallWindowProcW
IsDialogMessageA
InflateRect
CharNextW
RegisterWindowMessageW
MessageBeep
RemovePropW
GetClipboardData
CharUpperBuffW
TranslateMDISysAccel
CharLowerW
GetMessageExtraInfo
GetWindowRect
DeleteMenu
MonitorFromPoint
LoadCursorW
GetScrollPos
ShowWindow
GetWindowTextW
SetTimer
GetMenu
TranslateMessage
GetKeyboardState
MonitorFromWindow
GetScrollInfo
SetWindowPlacement
SetCapture
ShowCaret
SetWindowPos
CopyImage
SetPropW
GetMenuState
SetScrollRange
GetMessagePos
FindWindowW
DestroyMenu
DispatchMessageW
EnumWindows
SystemParametersInfoW
InsertMenuItemW
ShowScrollBar
DefFrameProcW
SetParent
GetDC
SetForegroundWindow
GetUpdateRect
GetCapture
GetLastActivePopup
DrawFrameControl
GetComboBoxInfo
SetWindowRgn
SetFocus
SetScrollInfo
SwitchToThisWindow
CharLowerBuffW
CreateIcon
IsWindowVisible
GetClassLongW
LoadStringW
BeginPaint
OffsetRect
CreateMenu
CheckMenuItem
GetKeyNameTextW
SetRect
GetPropW
GetIconInfo
GetWindowDC
GetDCEx
SetCursorPos
GetScrollRange
TrackPopupMenu
FrameRect
GetKeyState
GetFocus
IsDialogMessageW
GetTopWindow
CharUpperW
DestroyIcon
IsZoomed
GetSubMenu
GetWindowPlacement
UpdateWindow
FillRect
CreateWindowExW
DrawIconEx
RedrawWindow
RegisterClipboardFormatW
SetMenu
ActivateKeyboardLayout
GetClassInfoExW
InvalidateRect
ClientToScreen
EnableMenuItem
CreateIconIndirect
EnumDisplayMonitors
GetActiveWindow
GetMenuItemRect
IsIconic
HideCaret
GetSysColor
EnumClipboardFormats
LoadIconW
UnhookWindowsHookEx
PeekMessageW
GetCursor
DestroyWindow
GetSystemMenu
GetDlgItem
SendMessageW
GetKeyboardLayoutList
DrawTextW
ValidateRect
MsgWaitForMultipleObjects
EnumChildWindows
MsgWaitForMultipleObjectsEx
DrawIcon
OpenClipboard
GetMenuStringW
GetSystemMetrics
SetMenuItemInfoW
GetKeyboardLayoutNameW
EndPaint
GetParent
SetWindowLongW
WindowFromPoint
SetClassLongW
KillTimer
FindWindowExW
IsRectEmpty
CreatePopupMenu
PtInRect
GetCursorPos
GetWindowThreadProcessId
EnumThreadWindows

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

oleaut32

GetErrorInfo
VariantClear
VariantCopy
SafeArrayGetLBound
SafeArrayCreate
SafeArrayGetUBound
SysAllocStringLen
SafeArrayPtrOfIndex
VariantInit
SysFreeString
VariantChangeType
SysReAllocStringLen

advapi32

RegCloseKey
QueryServiceStatus
OpenProcessToken
GetUserNameW
OpenSCManagerW
RegQueryInfoKeyW
RegFlushKey
LookupPrivilegeValueW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
OpenServiceW
AdjustTokenPrivileges
RegEnumValueW

msvcrt

memcpy
memset

winhttp

WinHttpQueryHeaders
WinHttpSetCredentials
WinHttpGetProxyForUrl
WinHttpOpenRequest
WinHttpGetIEProxyConfigForCurrentUser
WinHttpQueryAuthSchemes
WinHttpOpen
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpConnect
WinHttpSetStatusCallback
WinHttpQueryOption
WinHttpSetTimeouts
WinHttpWriteData
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpSetOption

kernel32

LoadLibraryA
CreateEventW
GetDiskFreeSpaceW
VerifyVersionInfoW
FindNextFileW
SwitchToThread
GetStdHandle
CreateDirectoryW
GetModuleHandleW
FormatMessageW
GetEnvironmentVariableW
HeapCreate
GetLocalTime
VerSetConditionMask
GlobalFree
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetCurrentProcess
QueryPerformanceFrequency
SetThreadLocale
SetFilePointer
RtlUnwind
ExitProcess
LCMapStringW
QueryPerformanceCounter
lstrlenW
ResetEvent
IsDebuggerPresent
FreeResource
GetFullPathNameW
GetFileAttributesW
GetCurrentThreadId
CreateThread
FreeLibrary
LockResource
TlsSetValue
GetThreadLocale
GetCPInfo
RaiseException
HeapFree
LocalFree
MulDiv
GetSystemInfo
GetTickCount
WideCharToMultiByte
VirtualFree
SetLastError
CreateProcessW
GetComputerNameW
GetTempPathW
GetLastError
GlobalAddAtomW
SetThreadPriority
FindFirstFileW
SizeofResource
GetUserDefaultUILanguage
TerminateThread
VirtualAlloc
GetExitCodeThread
GetStartupInfoW
SuspendThread
GetFileSize
ReadFile
CreateMutexW
SetErrorMode
DeleteCriticalSection
GetCurrentThread
VirtualQueryEx
GetDateFormatW
GetACP
HeapAlloc
VirtualQuery
GetProcessHeap
ResumeThread
GlobalDeleteAtom
GetTimeZoneInformation
GetVersion
DeviceIoControl
WaitForSingleObject
MoveFileW
Sleep
FindClose
LoadLibraryW
GlobalAlloc
EnumResourceNamesW
EnterCriticalSection
GetDriveTypeW
LocalAlloc
WriteFile
GetCPInfoExW
GlobalSize
IsValidLocale
HeapDestroy
GetSystemDefaultUILanguage
SetEndOfFile
GlobalLock
TlsGetValue
UnhandledExceptionFilter
GetLocaleInfoW
CloseHandle
GetModuleFileNameW
LoadLibraryExW
CompareStringW
FileTimeToSystemTime
GlobalHandle
ExitThread
CreateFileW
GetVersionExW
GlobalUnlock
LoadResource
WaitForMultipleObjectsEx
GetCurrentProcessId
GetCommandLineW
EnumCalendarInfoW
FindResourceW
SetEvent
GlobalFindAtomW
GetThreadPriority

ole32

IsEqualGUID
OleInitialize
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
OleUninitialize
CoTaskMemFree

gdi32

Chord
RestoreDC
LineTo
CreateDIBitmap
GetTextExtentPointW
GetTextColor
PolyBezierTo
SetWindowOrgEx
ArcTo
GetStretchBltMode
GetEnhMetaFileHeader
ExtFloodFill
CreateCompatibleBitmap
GdiFlush
CreateDIBSection
Pie
GetBkMode
Arc
SetViewportOrgEx
GetRgnBox
GetPixel
CombineRgn
SetDIBColorTable
Polyline
GetClipBox
UnrealizeObject
GetPaletteEntries
SetEnhMetaFileBits
SelectPalette
SetBkMode
SetTextColor
GetCurrentPositionEx
GetStockObject
CreateHalftonePalette
PlayEnhMetaFile
StretchBlt
CreateRectRgn
SetWinMetaFileBits
SetBkColor
SelectObject
IntersectClipRect
CopyEnhMetaFileW
CreatePalette
GetWinMetaFileBits
SetStretchBltMode
GetSystemPaletteEntries
GetDIBColorTable
CreateBrushIndirect
RoundRect
DeleteDC
CreatePenIndirect
ExtTextOutW
GetTextMetricsW
SetDIBits
CreateBitmap
PatBlt
CreateSolidBrush
GetViewportOrgEx
CreateFontIndirectW
ExtCreateRegion
CreateCompatibleDC
SetBrushOrgEx
GetTextExtentPoint32W
FrameRgn
Polygon
BitBlt
GetEnhMetaFileDescriptionW
SetPixel
ExcludeClipRect
AngleArc
GetObjectW
SetROP2
PolyBezier
RectVisible
GetCurrentObject
Rectangle
MoveToEx
GetBrushOrgEx
GetBitmapBits
Ellipse
SetDCPenColor
CreateRoundRectRgn
GetDIBits
GetEnhMetaFilePaletteEntries
GetWindowOrgEx
SaveDC
GetNearestPaletteIndex
SetGraphicsMode
EnumFontFamiliesExW
DeleteEnhMetaFile
GetEnhMetaFileBits
MaskBlt
SetRectRgn
DeleteObject
RealizePalette
GetDeviceCaps
SetWorldTransform

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 485KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 106KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 88B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

9265e489704b48c0bec7e0ca7b68c219

Code Sign

4e:40:e4:37:54:ed:e6:8c:00:00:00:00:51:d3:94:7fCertificate

Extended Key Usages

Key Usages

35:af:b7:7b:9d:34:1f:6a:fc:8f:84:46:ab:31:35:2bCertificate

Extended Key Usages

Key Usages

49:ce:c0:5a:d0:28:f4:e8:a4:d7:73:9f:2d:fa:4c:6cCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

ba:80:07:c0:b9:ae:9f:7b:97:de:c9:dd:93:1d:72:9e:fc:84:73:68:37:cf:97:44:12:e2:fb:b5:00:4e:83:75Signer

Headers

DLL Characteristics

File Characteristics

Imports

winmm

comctl32

shell32

user32

version

oleaut32

advapi32

msvcrt

winhttp

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.itext Size: 13KB - Virtual size: 12KB

.data Size: 485KB - Virtual size: 484KB

.bss Size: - Virtual size: 106KB

.idata Size: 13KB - Virtual size: 13KB

.didata Size: 4KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 108B

.tls Size: - Virtual size: 88B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 283KB - Virtual size: 283KB

.rsrc Size: 321KB - Virtual size: 321KB

4e:40:e4:37:54:ed:e6:8c:00:00:00:00:51:d3:94:7f
Certificate

35:af:b7:7b:9d:34:1f:6a:fc:8f:84:46:ab:31:35:2b
Certificate

49:ce:c0:5a:d0:28:f4:e8:a4:d7:73:9f:2d:fa:4c:6c
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

ba:80:07:c0:b9:ae:9f:7b:97:de:c9:dd:93:1d:72:9e:fc:84:73:68:37:cf:97:44:12:e2:fb:b5:00:4e:83:75
Signer

.text
Size: 2.9MB - Virtual size: 2.9MB

.itext
Size: 13KB - Virtual size: 12KB

.data
Size: 485KB - Virtual size: 484KB

.bss
Size: - Virtual size: 106KB

.idata
Size: 13KB - Virtual size: 13KB

.didata
Size: 4KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 108B

.tls
Size: - Virtual size: 88B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 283KB - Virtual size: 283KB

.rsrc
Size: 321KB - Virtual size: 321KB