69e286e2a9a5b626f973ee3992c7d288d7e0c57b4eae8b66045c90c4a29b2664

Sharing

Copy URL Twitter E-mail

General

Target

69e286e2a9a5b626f973ee3992c7d288d7e0c57b4eae8b66045c90c4a29b2664
Size

1.7MB
MD5

d5b38132c1798ec920931eb6c9ebb3c9
SHA1

f666453b8491206df1bea8bf15c4e68b27e197e8
SHA256

69e286e2a9a5b626f973ee3992c7d288d7e0c57b4eae8b66045c90c4a29b2664
SHA512

2821bdd354886fff1eb972b30b16cb7d11f839192877df8835bc2be96da9d8912f4357ba0d36ff7d729120c623e8553f891e726cf2b5f6df934fe62858f557fa
SSDEEP

24576:FU/SbH69RgwI11111111111111111111111111PPKqacrEH7p:Gb9aQF

Score

1^/10

Malware Config

Signatures

Files

69e286e2a9a5b626f973ee3992c7d288d7e0c57b4eae8b66045c90c4a29b2664
.dll windows:5 windows x86

4a197f005b67a703b574f22b3be4b550

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:80:2b:e2:cc:f3:8c:bd:d2:27:f0:5c:c7:11:40:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

09/01/2023, 00:00

Not After

08/02/2026, 23:59

Subject

CN=Samsung Electronics Co.\, Ltd.,O=Samsung Electronics Co.\, Ltd.,L=Suwon-si,ST=Gyeonggi-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c0:75:3f:f3:b2:86:00:0e:fe:43:80:3c:22:23:f1:f9:47:9d:5a:01:fd:34:bc:29:11:4c:1d:5a:ec:28:2b:cf
Signer

Actual PE Digest

c0:75:3f:f3:b2:86:00:0e:fe:43:80:3c:22:23:f1:f9:47:9d:5a:01:fd:34:bc:29:11:4c:1d:5a:ec:28:2b:cf

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeviceIoControl
lstrcpyW
OutputDebugStringA
GetCurrentThreadId
LoadLibraryA
GetProcAddress
FreeLibrary
GetUserDefaultLCID
GlobalUnlock
GlobalLock
GlobalAlloc
FlushFileBuffers
WriteFile
FreeResource
CloseHandle
CreateFileW
GetModuleFileNameW
GetVersionExA
GetModuleHandleW
lstrcmpW
SetLastError
GetLastError
CompareStringW
LoadLibraryW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetModuleHandleA
MulDiv
LocalFree
FormatMessageW
TerminateThread
GetCurrentProcessId
InterlockedDecrement
ReadFile
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
InterlockedExchange
CompareStringA
LoadLibraryExW
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GlobalFlags
InterlockedIncrement
lstrlenA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
WritePrivateProfileStringW
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
GetExitCodeThread
GetVersionExW
WideCharToMultiByte
lstrlenW
GetThreadLocale
GetTempPathW
GetLocalTime
Sleep
CreateThread
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
OutputDebugStringW
GlobalFree

user32

SetMenuItemBitmaps
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
BeginPaint
EndPaint
GetWindowThreadProcessId
WindowFromPoint
GetCursorPos
CharUpperW
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageW
SetCursor
UnregisterClassW
DestroyMenu
GetSysColorBrush
LoadCursorW
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
IsDialogMessageW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
GetSubMenu
GetMenuItemID
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetDlgCtrlID
SendMessageW
EnableWindow
IsIconic
GetSystemMetrics
DefWindowProcW
CopyRect
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetClientRect
DrawIcon
SetTimer
KillTimer
GetWindowRect
GetWindowLongW
SetWindowLongW
ReleaseDC
FillRect
LoadIconW
GetDC
PtInRect
IsWindow
InvalidateRect
MessageBoxW
IsWindowEnabled
GetParent
SetCapture
ReleaseCapture
CallWindowProcW
SetWindowTextW
UnhookWindowsHookEx
SetWindowsHookExW
GetDlgItem
CallNextHookEx
GetMenuItemCount

gdi32

CreateSolidBrush
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
CreateFontW
GetStockObject
GetTextExtentPoint32W
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
SelectObject
DeleteObject
DeleteDC
GetObjectW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_IDW
CM_Get_Child
CM_Get_Sibling
CM_Get_Parent
SetupDiGetClassDevsW

shell32

ShellExecuteW
SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListA

ole32

CreateStreamOnHGlobal

gdiplus

GdipCreateBitmapFromStream
GdiplusStartup
GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage

uxtheme

SetWindowTheme

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comdlg32

GetFileTitleW

advapi32

RegQueryValueW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW

oleaut32

VariantClear
VariantChangeType
VariantInit

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

Exports

Exports

KiesCheckConnectedPhone
KiesCheckConnectedPhoneTest
KiesFileInUseDialog
KiesFinishDialog
KiesFinishDialogRenewal
KiesFinishRebootDialog
KiesLanguageDialog
KiesLicenseAndPathDialog
KiesLicenseAndPathDialogEX
KiesMaintenanceDialog
KiesProgressDialog
KiesProgressDialog2
KiesQuestionRemoveDialog
KiesSelectOptionDialog
KiesSimpleMessage
KiesUninstallFinishDialog
ResourceMessageBox

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.npdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a197f005b67a703b574f22b3be4b550

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

08:80:2b:e2:cc:f3:8c:bd:d2:27:f0:5c:c7:11:40:19Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

c0:75:3f:f3:b2:86:00:0e:fe:43:80:3c:22:23:f1:f9:47:9d:5a:01:fd:34:bc:29:11:4c:1d:5a:ec:28:2b:cfSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

setupapi

shell32

ole32

gdiplus

uxtheme

winspool.drv

comdlg32

advapi32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 240KB - Virtual size: 240KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 9KB - Virtual size: 34KB

.npdata Size: 512B - Virtual size: 20B

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 39KB - Virtual size: 38KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

08:80:2b:e2:cc:f3:8c:bd:d2:27:f0:5c:c7:11:40:19
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

c0:75:3f:f3:b2:86:00:0e:fe:43:80:3c:22:23:f1:f9:47:9d:5a:01:fd:34:bc:29:11:4c:1d:5a:ec:28:2b:cf
Signer

.text
Size: 240KB - Virtual size: 240KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 9KB - Virtual size: 34KB

.npdata
Size: 512B - Virtual size: 20B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 39KB - Virtual size: 38KB