b763b94b3c8b81a43774b1dcd29755066b6ecc96391b4685152e97b483f3bb12

Sharing

Copy URL

Twitter E-mail

General

Target

b763b94b3c8b81a43774b1dcd29755066b6ecc96391b4685152e97b483f3bb12
Size

2.5MB
MD5

09793c047cf01b0d7e977693140729c4
SHA1

905407707de3b030c9ba94fe775410fca9deb88e
SHA256

b763b94b3c8b81a43774b1dcd29755066b6ecc96391b4685152e97b483f3bb12
SHA512

55a3ca23ed7474bd7a14af38164ff75b7901dc94df2c0d3f6adef3948f818b7dde6d4b59d077dbf937ce6c9f0c588f49edd0c71d11ed4f70d552f0c31d62f8dd
SSDEEP

49152:p1xaSFbj2EGOvbdDtu1DMs+OGz8xLSS4aZodKGMXiTcbvcQaGBw3/quciHW80BqG:p1nFVGOjdDtu1Dv+OGzA4a+K3iTBQaGR

Score

1^/10

Malware Config

Signatures

Files

b763b94b3c8b81a43774b1dcd29755066b6ecc96391b4685152e97b483f3bb12
.exe windows:5 windows x86 arch:x86

ca99d9e6a6970b8187641a67e4c1fa59

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:7c:fd:fd:f9:e7:5e:fa:00:10:3a:4b:a1:76:0d:9a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

05-12-2022 00:00

Not After

07-01-2026 23:59

Subject

SERIALNUMBER=91440300746612636Q,CN=SHENZHEN THUNDER NETWORKING TECHNOLOGIES LTD.,O=SHENZHEN THUNDER NETWORKING TECHNOLOGIES LTD.,L=深圳市,ST=广东省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c09e6b7b1e59cb3e5b882,1.3.6.1.4.1.311.60.2.1.2=#0c09e5b9bfe4b89ce79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:78:f3:dc:d1:06:dc:e7:38:c3:43:de:5a:23:10:92:52:be:82:c4:a0:ea:72:84:d6:64:af:7c:22:62:94:9c
Signer

Actual PE Digest

25:78:f3:dc:d1:06:dc:e7:38:c3:43:de:5a:23:10:92:52:be:82:c4:a0:ea:72:84:d6:64:af:7c:22:62:94:9c

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GetTempFileNameA
GlobalHandle
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
InitializeCriticalSectionAndSpinCount
GetACP
GetCPInfo
GetOEMCP
GetTickCount
GetProfileIntA
SearchPathA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
VirtualProtect
GetWindowsDirectoryA
GetNumberFormatA
GetUserDefaultLCID
FindResourceExW
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapCreate
GetStdHandle
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
TlsFree
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsProcessorFeaturePresent
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
CompareStringW
GetTimeZoneInformation
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
WaitForSingleObject
ResumeThread
SetThreadPriority
FreeResource
GlobalAddAtomA
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
lstrcmpA
GetModuleHandleW
GetVersionExA
lstrcpyA
FreeLibrary
LoadLibraryW
ActivateActCtx
DeactivateActCtx
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetLastError
SetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
DecodePointer
EncodePointer
InterlockedIncrement
LocalReAlloc
TlsSetValue
FreeEnvironmentStringsW
TlsAlloc
LocalFileTimeToFileTime
GetCurrentDirectoryA
ReadFile
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
SetFilePointer
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
MultiByteToWideChar
Sleep
OpenProcess
WriteFile
GetCurrentThread
Process32First
InterlockedDecrement
lstrlenA
FindResourceA
CreateFileA
GetThreadContext
ExitProcess
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
GetTempPathA
FindResourceW

user32

LoadAcceleratorsW
CreateAcceleratorTableA
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
WaitMessage
DestroyIcon
UnionRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
DestroyMenu
IsMenu
GetMenuItemInfoA
SetMenuDefaultItem
GetMenuDefaultItem
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageA
LoadImageW
GetIconInfo
CopyIcon
GetDoubleClickTime
GetNextDlgGroupItem
GetUpdateRect
UnregisterClassA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
PostThreadMessageA
IsClipboardFormatAvailable
FrameRect
RegisterClipboardFormatA
CharUpperBuffA
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
InvertRect
HideCaret
DrawIcon
DestroyCursor
GetWindowRgn
IsZoomed
IsIconic
RealChildWindowFromPoint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetKeyboardState
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
GetMenu
SetWindowLongA
GetClassNameA
InvalidateRect
UpdateWindow
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
ValidateRect
GetWindow
MapDialogRect
SetWindowPos
RegisterWindowMessageA
DrawIconEx
RedrawWindow
IsWindowVisible
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
FillRect
OffsetRect
InflateRect
IsRectEmpty
DrawStateA
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
IsWindow
ScreenToClient
ClientToScreen
GetWindowRect
PtInRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
PostMessageA
PostQuitMessage
GetSysColorBrush
LoadCursorA
GetClassInfoA
DefWindowProcA
MapWindowPoints
GetClientRect
LoadCursorW
SetLayeredWindowAttributes
GetSysColor
GetSystemMetrics
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
EnableWindow
LoadIconW
wsprintfA
GetKeyboardLayout
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
CharUpperA
MessageBeep
ReleaseCapture
SetCapture
KillTimer
SetTimer
GetSystemMenu
LoadMenuW
DeleteMenu
IntersectRect
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
CreateWindowExA
SetParent
IsChild

gdi32

CopyMetaFileA
CreateDCA
CreateBitmap
CreateDIBitmap
Rectangle
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetStockObject
CreatePen
CreateSolidBrush
CreatePatternBrush
CreateFontIndirectA
GetObjectA
CreateCompatibleBitmap
CreateRectRgnIndirect
CreateCompatibleDC
BitBlt
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
DeleteObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
CreateHatchBrush
CreateRectRgn
CreateEllipticRgn
CreatePolygonRgn
CombineRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
PatBlt
ExtTextOutA
GetTextExtentPoint32A
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
TextOutA
SetTextColor
ScaleViewportExtEx
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
MoveToEx
SetTextAlign
SelectPalette
GetObjectType
CreateDIBSection
CreateRoundRectRgn
OffsetRgn
GetRgnBox
SetRectRgn
DPtoLP
SetPixel
SetDIBColorTable
RealizePalette
StretchBlt
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
SetPixelV
GetTextFaceA
SetMapMode
SetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
SetROP2
GetDeviceCaps

advapi32

RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

DragQueryFileA
DragFinish
SHAppBarMessage
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA

ole32

DoDragDrop
CoInitializeEx
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
VarBstrFromDate

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipDrawImageI

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comdlg32

GetFileTitleA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 935KB - Virtual size: 934KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca99d9e6a6970b8187641a67e4c1fa59

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:7c:fd:fd:f9:e7:5e:fa:00:10:3a:4b:a1:76:0d:9aCertificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

25:78:f3:dc:d1:06:dc:e7:38:c3:43:de:5a:23:10:92:52:be:82:c4:a0:ea:72:84:d6:64:af:7c:22:62:94:9cSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msimg32

comctl32

shlwapi

gdiplus

oleacc

imm32

winmm

winspool.drv

comdlg32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 272KB - Virtual size: 272KB

.data Size: 26KB - Virtual size: 55KB

.rsrc Size: 935KB - Virtual size: 934KB

.reloc Size: 168KB - Virtual size: 168KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:7c:fd:fd:f9:e7:5e:fa:00:10:3a:4b:a1:76:0d:9a
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

25:78:f3:dc:d1:06:dc:e7:38:c3:43:de:5a:23:10:92:52:be:82:c4:a0:ea:72:84:d6:64:af:7c:22:62:94:9c
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 272KB - Virtual size: 272KB

.data
Size: 26KB - Virtual size: 55KB

.rsrc
Size: 935KB - Virtual size: 934KB

.reloc
Size: 168KB - Virtual size: 168KB