c75bb2fc5266a50399de6a4bbe4cb006c7a84d5067ab346ae4df53ec4e67f5d1

Sharing

Copy URL Twitter E-mail

General

Target

c75bb2fc5266a50399de6a4bbe4cb006c7a84d5067ab346ae4df53ec4e67f5d1
Size

1.9MB
MD5

7f345064c0ca0f7b4845cdc8eca85b42
SHA1

1b0e7e2e4f0f695cf85ef0d6e4e76324e002adbe
SHA256

c75bb2fc5266a50399de6a4bbe4cb006c7a84d5067ab346ae4df53ec4e67f5d1
SHA512

459a9251778928df34aa1bdf8e7b77fab92563f6933134634546fe03430da1db2f93013af961fba2aeac405a40d6190812229b5da7d515e11266e8cb0ffcfbe6
SSDEEP

49152:OROZoc49+JBioCNuIWiQGW7Z6+4stfS5q5LRGJCsTvoqxRp+:Xoc49+JgodIWiQGWrjtfSWLRGJE

Score

1^/10

Malware Config

Signatures

Files

c75bb2fc5266a50399de6a4bbe4cb006c7a84d5067ab346ae4df53ec4e67f5d1
.exe windows:6 windows x86 arch:x86

84fb1c3542888fcd8095dc80b79de750

Code Sign

23:a0:8f:03:5a:44:d8:d9:88:ff:5b:df:62:fc:c9:fb:3f:73:72:ec
Certificate

Issuer

CN=北京志翔科技股份有限公司,OU=北京志翔科技股份有限公司,O=北京志翔科技股份有限公司,L=北京,ST=北京,C=CN

Not Before

19/09/2022, 08:50

Not After

18/06/2032, 08:50

Subject

CN=北京志翔科技股份有限公司,OU=北京志翔科技股份有限公司,O=北京志翔科技股份有限公司,L=北京,ST=北京,C=CN

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ca:60:1b:67:63:e4:1f:b6:54:dd:dd:1c:2b:c8:87:d6:f0:e0:02:2c
Signer

Actual PE Digest

ca:60:1b:67:63:e4:1f:b6:54:dd:dd:1c:2b:c8:87:d6:f0:e0:02:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionEx
HeapReAlloc
GetSystemInfo
GetPrivateProfileStringW
CreateDirectoryW
GetFileAttributesW
VirtualQuery
LocalAlloc
UnmapViewOfFile
OpenFileMappingW
MapViewOfFile
CreateFileMappingW
GetTickCount64
OpenEventW
GetCurrentThreadId
GetCurrentProcess
CreateSemaphoreW
GetStartupInfoW
TerminateProcess
OpenProcess
HeapFree
GetProcessHeap
HeapAlloc
CreateThread
GetModuleFileNameW
LocalFree
FormatMessageW
GlobalFree
GlobalAlloc
GetWindowsDirectoryW
SetEvent
OutputDebugStringA
CreateEventW
GetCurrentProcessId
WaitForSingleObject
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSize
FlushFileBuffers
GetFileAttributesExW
FreeLibrary
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetLastError
LoadLibraryW
GetModuleHandleW
ReadFile
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
WriteFile
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
SetEnvironmentVariableA
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
ReadConsoleW
CreateFileW
DeleteFileW
CloseHandle
GetTickCount
GetStdHandle
GetConsoleMode
GlobalSize
GlobalLock
GlobalUnlock
MulDiv
CopyFileW
SetLastError
LoadLibraryExW
EncodePointer
GetSystemDirectoryW
FreeResource
GetModuleHandleA
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
GlobalAddAtomW
GlobalFindAtomW
FindClose
FindFirstFileW
GetVersionExW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
lstrcmpA
GlobalGetAtomNameW
GetFileTime
GetFullPathNameW
GetVolumeInformationW
LockFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
SetThreadPriority
ResumeThread
CompareStringW
GetLocaleInfoW
GetUserDefaultUILanguage
GlobalFlags
GetCurrentDirectoryW
lstrcpyW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
FindResourceExW
MoveFileExW
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ExitThread
GetCommandLineA
RtlUnwind
SetStdHandle
GetFileType
HeapQueryInformation
VirtualAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetStringTypeW
GetConsoleCP

user32

SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
AdjustWindowRectEx
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
EqualRect
PtInRect
GetClassLongW
GetTopWindow
GetLastActivePopup
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
FillRect
GetCursorPos
WindowFromPoint
GetSysColorBrush
LoadCursorW
CharUpperW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
DestroyMenu
GetMenuItemInfoW
InflateRect
CopyImage
SendDlgItemMessageA
GetMessageW
TranslateMessage
GetActiveWindow
PostQuitMessage
RealChildWindowFromPoint
IntersectRect
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
DestroyIcon
ShowOwnedPopups
SetCursor
DeleteMenu
SetTimer
KillTimer
InvalidateRect
IsIconic
GetNextDlgGroupItem
SetCapture
ReleaseCapture
DrawFocusRect
SetRectEmpty
OffsetRect
IsRectEmpty
LoadImageW
GetCapture
GetIconInfo
MessageBeep
GetAsyncKeyState
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
CreatePopupMenu
ScrollWindow
MapVirtualKeyW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
SetWindowRgn
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetKeyNameTextW
TrackMouseEvent
GetComboBoxInfo
IsZoomed
GetSystemMenu
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetCursorPos
SetRect
SetParent
LockWindowUpdate
SetClassLongW
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
GetKeyState
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetDesktopWindow
GetClientRect
GetWindowRect
SystemParametersInfoW
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
RedrawWindow
ValidateRect
SetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenuDefaultItem
GetMenu
PostMessageW
GetWindowThreadProcessId
GetParent
GetWindow
GetMessageTime
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
IsDialogMessageW
SetWindowLongW
GetWindowLongW
GetWindowTextLengthW
SetWindowTextW
IsWindowEnabled
EnableWindow
GetFocus
SetFocus
GetDlgCtrlID
CheckDlgButton
GetDlgItem
MoveWindow
ShowWindow
IsWindow
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
FindWindowA
GetSystemMetrics
GetForegroundWindow
MessageBoxW
SetWindowPos
GetClassNameW
SendMessageW
DrawIconEx
GetMessagePos
GetWindowTextW

gdi32

SetTextAlign
SetROP2
MoveToEx
TextOutW
ExtTextOutW
SetPolyFillMode
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
CreatePalette
GetLayout
SetLayout
SetMapMode
SetBkMode
GetTextFaceW
CreateFontIndirectW
GetObjectW
CreateCompatibleDC
CreatePen
DeleteDC
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
BitBlt
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
SetViewportExtEx
GetBkColor
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
RoundRect
CreateRoundRectRgn
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetNearestPaletteIndex

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
SHAppBarMessage
DragFinish
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoUninitialize
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CoInitialize
CoInitializeEx
CoCreateInstance

oleaut32

VariantClear
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysAllocString
VariantCopy
VarBstrFromDate
VariantInit
SysStringLen
SysFreeString

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText

gdiplus

GdiplusShutdown
GdipFree
GdiplusStartup
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc

wtsapi32

WTSFreeMemory
WTSEnumerateProcessesW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84fb1c3542888fcd8095dc80b79de750

Code Sign

23:a0:8f:03:5a:44:d8:d9:88:ff:5b:df:62:fc:c9:fb:3f:73:72:ecCertificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

ca:60:1b:67:63:e4:1f:b6:54:dd:dd:1c:2b:c8:87:d6:f0:e0:02:2cSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msimg32

shlwapi

uxtheme

gdiplus

wtsapi32

oleacc

imm32

winmm

winspool.drv

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 355KB - Virtual size: 355KB

.data Size: 26KB - Virtual size: 57KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 121KB - Virtual size: 120KB

23:a0:8f:03:5a:44:d8:d9:88:ff:5b:df:62:fc:c9:fb:3f:73:72:ec
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

ca:60:1b:67:63:e4:1f:b6:54:dd:dd:1c:2b:c8:87:d6:f0:e0:02:2c
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 355KB - Virtual size: 355KB

.data
Size: 26KB - Virtual size: 57KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 121KB - Virtual size: 120KB