700dcfe5b23e56829c2c625ce9651e916582cb3e4a7d7ddb09eecdbabd1ac7a3

Sharing

Copy URL

Twitter E-mail

General

Target

700dcfe5b23e56829c2c625ce9651e916582cb3e4a7d7ddb09eecdbabd1ac7a3
Size

785KB
MD5

60e7ea5983513e8a4f54f70b16d0cad0
SHA1

609b97eaf4390e3ba320b1a6a3ecc2f82beb94c6
SHA256

700dcfe5b23e56829c2c625ce9651e916582cb3e4a7d7ddb09eecdbabd1ac7a3
SHA512

66748551433658235be07c790a837d5bb78c7e6a3c8a338187dd6051b73f74c56b2b3cf78af8a68f873ef7f9fb9f460aba6727aaadf9da3a40530cb07760bb90
SSDEEP

24576:SIJ9IY3qBss7xaiWEkr9QJjmXE+6o0xrEH7z:5uD7siWEkr9tE+6+

Score

1^/10

Malware Config

Signatures

Files

700dcfe5b23e56829c2c625ce9651e916582cb3e4a7d7ddb09eecdbabd1ac7a3
.exe windows:5 windows x86

18847fd5ec2a4fec862eea659987da37

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29-10-2015 11:30

Not After

09-06-2027 11:30

Subject

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:1a:d7:f3:8c:1e:fa:c6:01:be:a4:3a:b2:a2:ef:aa
Certificate

Issuer

CN=Certum Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

08-12-2020 08:08

Not After

08-12-2023 08:08

Subject

CN=Xing Wang,O=Xing Wang,L=Shanghai,C=CN,1.2.840.113549.1.9.1=#0c1277786865726540686f746d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

19-05-2021 05:42

Not After

18-05-2032 05:42

Subject

CN=Certum Timestamp 2021,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:9d:4d:39:2f:9d:40:0a:b2:2b:c9:4e:55:96:a6:4d:40:81:d4:75:da:7d:e7:d0:66:3f:3f:a8:04:a0:a2:0c
Signer

Actual PE Digest

60:9d:4d:39:2f:9d:40:0a:b2:2b:c9:4e:55:96:a6:4d:40:81:d4:75:da:7d:e7:d0:66:3f:3f:a8:04:a0:a2:0c

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetModuleHandleW
GetLastError
CreateMutexW
GetProcAddress
LoadLibraryW
GetSystemDefaultLangID
GetCommandLineW
WriteConsoleW
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
CreateEventA
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetFileType
SetConsoleCtrlHandler
GetACP
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
InterlockedPushEntrySList
RtlUnwind
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
WritePrivateProfileStringW
GetPrivateProfileStringW
MulDiv
GlobalFree
CloseHandle
GlobalAlloc
FindFirstFileExW
SetEvent
OutputDebugStringW
CreateProcessW
lstrlenA
InitializeCriticalSection
DebugBreak
CreateThread
GetExitCodeProcess
InterlockedIncrement
lstrlenW
RaiseException
InterlockedDecrement
GetStartupInfoW
GetVersionExW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObjectEx
GetFileAttributesW
SetLastError
GetShortPathNameW
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
LocalFree
FormatMessageW
FormatMessageA
GetProcessHeap
HeapFree
HeapAlloc
FreeLibrary
GetSystemInfo
GlobalMemoryStatus
GetCurrentProcess
WaitForSingleObject
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
ReleaseSemaphore
CreateFileW
ReadFile
WriteFile
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileSize
GetFileInformationByHandle
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAlloc
VirtualFree
GetCurrentThread
SetThreadPriority
Sleep
TerminateProcess
IsDebuggerPresent
GetModuleHandleA
GetCurrentProcessId
GetStringTypeW
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
CreateDirectoryW
DeleteFileW
GetFileAttributesExW
RemoveDirectoryW
SetFilePointerEx
DeviceIoControl
FindClose
FindNextFileW
AreFileApisANSI
ResetEvent
WaitForMultipleObjectsEx
OpenEventA
SetWaitableTimer
ResumeThread
CreateWaitableTimerA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead

user32

MessageBoxW
RegisterWindowMessageW
PostMessageW
MessageBoxExW
KillTimer
SetWindowLongW
GetWindowLongW
MapWindowPoints
GetWindowRect
GetClientRect
SetTimer
GetWindow
MoveWindow
PostQuitMessage
DestroyMenu
TrackPopupMenu
GetMessagePos
SetForegroundWindow
AppendMenuW
CreatePopupMenu
UnhookWindowsHookEx
SetWindowsHookExW
SendMessageW
CallNextHookEx
DefWindowProcW
ShowWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
DispatchMessageW
TranslateMessage
DestroyWindow
GetMessageW
LoadIconW
GetDC
LoadStringW
CharNextW
GetActiveWindow

shell32

SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteExW
Shell_NotifyIconW

urlmon

ObtainUserAgentString

wininet

HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetConnectA

winmm

timeGetTime

gdi32

GetDeviceCaps
SetLayout

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

rpcrt4

UuidToStringA
RpcStringFreeA

advapi32

RegOpenKeyExW
AdjustTokenPrivileges
RegQueryValueExW
OpenProcessToken
RegCloseKey

ole32

CoCreateGuid

Sections

.text
Size: 521KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18847fd5ec2a4fec862eea659987da37

Code Sign

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2Certificate

Extended Key Usages

Key Usages

0b:1a:d7:f3:8c:1e:fa:c6:01:be:a4:3a:b2:a2:ef:aaCertificate

Extended Key Usages

Key Usages

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

60:9d:4d:39:2f:9d:40:0a:b2:2b:c9:4e:55:96:a6:4d:40:81:d4:75:da:7d:e7:d0:66:3f:3f:a8:04:a0:a2:0cSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

urlmon

wininet

winmm

gdi32

version

rpcrt4

advapi32

ole32

Sections

.text Size: 521KB - Virtual size: 521KB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 14KB - Virtual size: 19KB

.rsrc Size: 26KB - Virtual size: 26KB

6b:32:6a:0f:03:28:d3:7a:1d:53:0b:fd:23:bd:48:e2
Certificate

0b:1a:d7:f3:8c:1e:fa:c6:01:be:a4:3a:b2:a2:ef:aa
Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

60:9d:4d:39:2f:9d:40:0a:b2:2b:c9:4e:55:96:a6:4d:40:81:d4:75:da:7d:e7:d0:66:3f:3f:a8:04:a0:a2:0c
Signer

.text
Size: 521KB - Virtual size: 521KB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 14KB - Virtual size: 19KB

.rsrc
Size: 26KB - Virtual size: 26KB