Smasher-and-the-Will-o-the-Thiccs_670263[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Smasher-and-the-Will-o-the-Thiccs_670263.exe
Size

10.8MB
MD5

ec7aa367a24d07f500734330b3125c9b
SHA1

b67d97021ed3323c34f5c6ba7ded788bbebf4d1b
SHA256

1d5758e134a24f253b8ee0fe77a14422412ea1056e972d8a89ad84245189d0e2
SHA512

388597d02312db24a64c10fa8ea6ba82c04243604f79ca311488980587eb51daef45bacea3059fede011df1cd7c8cedc24583770d5997961478f2693113bc3b8
SSDEEP

196608:rxgSB5uNufd4pDXTr59KQEQEQQymxlqc+LxvMy6/5WRLRE2D7R1q+B6bfj5mLsIt:Fhd4pDXTr55EQEQQymxlqc+LxHRE2D7M

Score

1^/10

Malware Config

Signatures

Files

Smasher-and-the-Will-o-the-Thiccs_670263.exe
.exe windows:6 windows x86 arch:x86

29f6dea52e299499696edd56a04a2b3c

Code Sign

42:81:90:c7:6b:e1:70:d2:34:31:6f:b3:57:4f:8f:dd
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

15/11/2022, 18:07

Not After

15/11/2023, 18:06

Subject

SERIALNUMBER=L22000439212,CN=Digital Media Pros LLC,O=Digital Media Pros LLC,L=Delray Beach,ST=Florida,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#1307466c6f72696461,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26/03/2019, 17:44

Not After

22/03/2034, 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09/12/2022, 18:30

Not After

06/12/2032, 18:30

Subject

CN=SSL.com Timestamping Unit 2022,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13/11/2019, 18:50

Not After

12/11/2034, 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:88:26:4f:da:c5:dd:ff:8c:7d:86:79:f8:0f:cf:0b:54:42:f4:a6:95:47:3a:e1:89:12:57:92:ce:18:3c:0c
Signer

Actual PE Digest

88:88:26:4f:da:c5:dd:ff:8c:7d:86:79:f8:0f:cf:0b:54:42:f4:a6:95:47:3a:e1:89:12:57:92:ce:18:3c:0c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
FillConsoleOutputCharacterW
GetFileAttributesW
DeleteFiber
TlsFree
FindNextFileW
LoadResource
CreateProcessW
GetConsoleOutputCP
PeekNamedPipe
FindClose
IsDebuggerPresent
HeapFree
MultiByteToWideChar
SwitchToFiber
SetHandleInformation
LoadLibraryExW
GetProcessHeap
MulDiv
GetCPInfo
GlobalUnlock
ConvertThreadToFiber
SizeofResource
GetFileSizeEx
LoadLibraryW
GetCurrentDirectoryW
lstrcatA
GetModuleHandleExW
LocalFree
HeapSize
AcquireSRWLockExclusive
GetTimeZoneInformation
FindFirstFileExW
InitializeCriticalSection
ReadConsoleW
GetLocaleInfoW
CreateDirectoryW
ExitThread
Sleep
ExitProcess
GetNativeSystemInfo
GlobalFree
GetLogicalDriveStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
CreateFiber
GetVersionExW
GetStartupInfoW
VerSetConditionMask
SetThreadPriority
SetUnhandledExceptionFilter
GetOEMCP
EnterCriticalSection
ReadFile
SetEndOfFile
IsProcessorFeaturePresent
EnumSystemLocalesW
UnhandledExceptionFilter
WriteConsoleW
IsValidCodePage
SetStdHandle
GetFileType
SetCurrentDirectoryW
TerminateProcess
HeapAlloc
AttachConsole
GetTickCount64
GetStdHandle
GetFullPathNameW
SetConsoleCursorPosition
CreateEventW
GetTempFileNameW
TlsAlloc
GetTimeFormatW
GetCurrentThread
SetFilePointerEx
GlobalAlloc
LockResource
SystemTimeToTzSpecificLocalTime
SetEvent
FileTimeToSystemTime
QueryPerformanceCounter
ConvertFiberToThread
TlsGetValue
WaitForMultipleObjects
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
CloseHandle
LCMapStringEx
GetEnvironmentStringsW
GetTempPathW
GetStringTypeW
GetDriveTypeW
GetSystemTime
SetConsoleMode
VerifyVersionInfoW
RaiseException
SetConsoleCtrlHandler
HeapReAlloc
GlobalHandle
GetUserDefaultUILanguage
ResumeThread
GetCurrentProcess
FindResourceW
GetUserDefaultLCID
GetFileAttributesExW
GetCurrentProcessId
LoadLibraryA
SetErrorMode
SystemTimeToFileTime
CreateThread
FindFirstFileW
QueryPerformanceFrequency
GetEnvironmentVariableA
EncodePointer
GetModuleHandleA
lstrlenA
GetCommandLineW
WaitForSingleObject
RtlUnwind
GetCommandLineA
WaitForSingleObjectEx
ExpandEnvironmentStringsW
FreeConsole
OutputDebugStringW
CreatePipe
GetModuleHandleW
GlobalSize
GlobalLock
ReleaseSRWLockExclusive
GetCurrentThreadId
GetConsoleScreenBufferInfo
CompareStringW
FormatMessageW
LCMapStringW
DecodePointer
GetFileInformationByHandle
GetSystemDirectoryW
WriteFile
InitializeCriticalSectionEx
DeleteCriticalSection
ReadConsoleOutputCharacterA
GetConsoleMode
DeleteFileW
GetExitCodeProcess
FreeLibrary
WideCharToMultiByte
SetLastError
SetNamedPipeHandleState
GetTickCount
ReadConsoleA
GetProcAddress
TlsSetValue
GetDateFormatW
GetLongPathNameW
ResetEvent
SetEnvironmentVariableW
CompareFileTime
SleepEx
FreeLibraryAndExitThread
LeaveCriticalSection
IsValidLocale
CopyFileW
WriteConsoleA
GetEnvironmentVariableW
GetLastError
CreateFileW
CreateMutexW
MoveFileExW
InitializeSListHead
FlushFileBuffers

user32

keybd_event
DdeFreeStringHandle
GetCursorPos
CreateIconIndirect
SendMessageW
EndDeferWindowPos
SetForegroundWindow
ClientToScreen
DdeNameService
DdeCreateDataHandle
MessageBoxW
IsWindowVisible
MessageBeep
DdeInitializeW
GetFocus
IsRectEmpty
GetMenuItemInfoW
WaitForInputIdle
IsClipboardFormatAvailable
EnableMenuItem
GetParent
GetScrollInfo
WindowFromPoint
ValidateRect
UnhookWindowsHookEx
GetMenuItemCount
UpdateWindow
GetClassNameW
PostThreadMessageW
RegisterHotKey
DestroyCursor
InsertMenuItemW
SetRect
GetClipboardFormatNameW
GetDialogBaseUnits
BeginPaint
GetDoubleClickTime
DdeCreateStringHandleW
TranslateMessage
GetDesktopWindow
GetWindowRect
LoadIconW
GetMessageW
GetWindowTextW
SetParent
EnableWindow
InvalidateRect
IsDialogMessageW
GetMenuState
DdePostAdvise
CreateDialogIndirectParamW
GetActiveWindow
GetCapture
SetFocus
CreateMenu
UnionRect
DrawFocusRect
GetSystemMenu
MoveWindow
TranslateAcceleratorW
GetCaretBlinkTime
DestroyMenu
GetMenuItemID
DdeClientTransaction
GetSystemMetrics
DrawMenuBar
DispatchMessageW
CreateDialogParamW
GetSysColor
GetUserObjectInformationW
SetCursorPos
IsWindow
PeekMessageW
SystemParametersInfoW
FindWindowExW
ModifyMenuW
SetMenuItemInfoW
SetTimer
EnableScrollBar
DrawEdge
MsgWaitForMultipleObjects
LoadBitmapW
MapVirtualKeyW
MapWindowPoints
DrawFrameControl
DdeUninitialize
wsprintfA
SetCapture
GetProcessWindowStation
ReleaseDC
CheckMenuItem
ReleaseCapture
GetWindowTextLengthW
SetWindowsHookExW
DefWindowProcW
KillTimer
DeferWindowPos
VkKeyScanW
GetAsyncKeyState
ShowWindow
BeginDeferWindowPos
DdeGetLastError
SetLayeredWindowAttributes
SetWindowPos
OffsetRect
CreateWindowExW
DrawTextW
UnregisterClassW
CreateAcceleratorTableW
EndPaint
DestroyIcon
ScreenToClient
SetWindowTextW
RegisterClassW
GetDlgItem
CreatePopupMenu
GetComboBoxInfo
GetWindowDC
ScrollWindow
SetWindowRgn
RemoveMenu
InflateRect
SetMenuInfo
FlashWindowEx
AppendMenuW
FillRect
GetDC
DestroyAcceleratorTable
DdeConnect
GetUpdateRgn
SetCursor
DdeFreeDataHandle
DdeDisconnect
PtInRect
DrawStateW
IsWindowEnabled
GetWindowLongW
ChildWindowFromPoint
MonitorFromPoint
IsZoomed
LoadCursorW
IsIconic
GetWindow
DdeQueryStringW
AnimateWindow
GetProcessDefaultLayout
GetIconInfo
SetScrollInfo
DdeGetData
GetSysColorBrush
GetClientRect
DrawIconEx
RegisterWindowMessageW
ValidateRgn
DestroyWindow
SetWindowLongW
GetMessagePos
SetMenu
IsMenu
EnumDisplaySettingsW
EnumDisplayMonitors
RegisterClipboardFormatW
ChildWindowFromPointEx
BringWindowToTop
PostMessageW
CheckMenuRadioItem
RedrawWindow
GetSubMenu
LoadImageW
CallNextHookEx
UnregisterHotKey
GetKeyState
SetRectEmpty
CallWindowProcW
MonitorFromWindow
GetMessageTime
ChangeDisplaySettingsExW
CopyRect
HideCaret
GetMonitorInfoW
TrackPopupMenu
GetWindowPlacement
InsertMenuW
PostQuitMessage

comctl32

ImageList_Replace
ImageList_Add
ImageList_SetBkColor
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy
ImageList_GetImageInfo
ord16
ord17
ImageList_Draw

oleacc

LresultFromObject

uxtheme

DrawThemeParentBackground
IsThemeActive
GetCurrentThemeName
GetThemePartSize
GetThemeSysColor
GetThemeInt
DrawThemeBackground
GetThemeSysFont
IsThemeBackgroundPartiallyTransparent
GetThemeMargins
OpenThemeData
GetThemeBackgroundContentRect
CloseThemeData
GetThemeBackgroundExtent
IsAppThemed
GetThemeFont
GetThemeColor
IsThemePartDefined

ws2_32

WSAResetEvent
WSACleanup
__WSAFDIsSet
select
accept
WSAEventSelect
listen
WSACreateEvent
WSAIoctl
recvfrom
sendto
ioctlsocket
gethostname
shutdown
WSAWaitForMultipleEvents
getaddrinfo
WSACloseEvent
freeaddrinfo
getnameinfo
closesocket
WSAGetLastError
recv
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
send
WSASetLastError
WSAEnumNetworkEvents
htonl
WSAStartup

wldap32

ord127
ord27
ord26
ord117
ord301
ord142
ord147
ord79
ord133
ord167
ord208
ord46
ord219
ord145
ord41
ord216
ord14

crypt32

CertCloseStore
CertFreeCertificateContext
CertFindCertificateInStore
CertGetEnhancedKeyUsage
CertOpenStore
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertGetIntendedKeyUsage
CertGetCertificateContextProperty
CertOpenSystemStoreW

shlwapi

SHAutoComplete

msimg32

AlphaBlend
GradientFill

bcrypt

BCryptGenRandom

gdi32

CreateDCW
SetAbortProc
SetStretchBltMode
ExcludeClipRect
GetSystemPaletteEntries
GetTextMetricsW
GetRegionData
GetBkColor
Ellipse
CreateRectRgnIndirect
EnumFontFamiliesExW
CreateCompatibleBitmap
LPtoDP
SetTextColor
CreateICW
DeleteEnhMetaFile
PolyBezier
SetPixel
SelectClipRgn
CreateHatchBrush
GetTextExtentPoint32W
SelectObject
GetClipBox
PlayEnhMetaFile
ModifyWorldTransform
StretchDIBits
GetViewportExtEx
SetROP2
ExtSelectClipRgn
GetObjectType
ExtCreateRegion
ExtFloodFill
GetPixel
CreateCompatibleDC
SetBkMode
EqualRgn
SetGraphicsMode
GetStockObject
ExtCreatePen
DPtoLP
OffsetRgn
Arc
CreateSolidBrush
CreatePen
PtInRegion
GetCharABCWidthsW
CreateBitmap
GetDIBits
CreateBitmapIndirect
CreateEnhMetaFileW
SetWorldTransform
Polyline
RoundRect
Pie
EndDoc
GdiFlush
BitBlt
GetNearestPaletteIndex
EndPage
SetBrushOrgEx
GetObjectW
CreateDIBitmap
CreateDIBSection
SetWindowExtEx
GetDIBColorTable
MoveToEx
GetLayout
GetRgnBox
MaskBlt
SetPolyFillMode
RectInRegion
SetViewportExtEx
ExtTextOutW
CreatePatternBrush
DeleteObject
SelectPalette
GetWorldTransform
SetWindowOrgEx
GetPaletteEntries
SetLayout
DeleteDC
StartPage
GetTextExtentExPointW
Polygon
StretchBlt
Rectangle
GetEnhMetaFileHeader
CreatePalette
CreateRectRgn
SetBkColor
GetOutlineTextMetricsW
StartDocW
PolyPolygon
SetMapMode
RealizePalette
GetGraphicsMode
GetDeviceCaps
CloseEnhMetaFile
SetDIBColorTable
CombineRgn
LineTo
GetWindowExtEx
GetEnhMetaFileW
SetViewportOrgEx
CreateFontIndirectW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

comdlg32

CommDlgExtendedError
PageSetupDlgW
PrintDlgW
ChooseFontW

advapi32

CryptSignHashW
RegCloseKey
CryptSetHashParam
RegSetValueExW
ReportEventW
CryptDecrypt
CryptGetUserKey
RegDeleteValueW
DeregisterEventSource
CryptAcquireContextW
CryptEnumProvidersW
CryptCreateHash
RegEnumValueW
CryptDestroyKey
RegDeleteKeyW
RegisterEventSourceW
RegCreateKeyExW
RegEnumKeyW
CryptExportKey
RegOpenKeyExW
CryptGetProvParam
CryptDestroyHash
GetUserNameW
CryptReleaseContext
RegQueryValueExW

shell32

CommandLineToArgvW
ExtractIconExW
ExtractIconW
SHGetFileInfoW
SHGetFolderPathW
DragQueryFileW
DragFinish
DragQueryPoint
ord6
DragAcceptFiles

ole32

CoTaskMemAlloc
CoTaskMemFree
OleSetClipboard
OleGetClipboard
ReleaseStgMedium
OleInitialize
CoCreateInstance
RevokeDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
CoLockObjectExternal
RegisterDragDrop

Sections

.text
Size: 9.1MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 346KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29f6dea52e299499696edd56a04a2b3c

Code Sign

42:81:90:c7:6b:e1:70:d2:34:31:6f:b3:57:4f:8f:ddCertificate

Extended Key Usages

Key Usages

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4bCertificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

88:88:26:4f:da:c5:dd:ff:8c:7d:86:79:f8:0f:cf:0b:54:42:f4:a6:95:47:3a:e1:89:12:57:92:ce:18:3c:0cSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

oleacc

uxtheme

ws2_32

wldap32

crypt32

shlwapi

msimg32

bcrypt

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 9.1MB - Virtual size: 9.1MB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 346KB - Virtual size: 415KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 244KB - Virtual size: 244KB

42:81:90:c7:6b:e1:70:d2:34:31:6f:b3:57:4f:8f:dd
Certificate

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

88:88:26:4f:da:c5:dd:ff:8c:7d:86:79:f8:0f:cf:0b:54:42:f4:a6:95:47:3a:e1:89:12:57:92:ce:18:3c:0c
Signer

.text
Size: 9.1MB - Virtual size: 9.1MB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 346KB - Virtual size: 415KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 244KB - Virtual size: 244KB