db788aa6895989eace1a3f7b11788090b3da5a52c72a64b267ae9bf82b2853c0

Sharing

Copy URL Twitter E-mail

General

Target

db788aa6895989eace1a3f7b11788090b3da5a52c72a64b267ae9bf82b2853c0
Size

1.2MB
MD5

a42377e4af01100af9af7c0fe40eda42
SHA1

3ff85f8a0a2da4ca63db5dfd0e9a25758e08b409
SHA256

db788aa6895989eace1a3f7b11788090b3da5a52c72a64b267ae9bf82b2853c0
SHA512

73b9844ef7e70bd88a0dcde217affff0842cb97f1dbbd1157ca636842df1d460fc414a13535a22cf92fd69fd6b840c3e02b6adfbc05e0bd6b06e3a2983028ffa
SSDEEP

12288:3jbw7dYArrcCeY/2vJuKKTgcEx1TfhvsugvQJUBq9kEhojBjvrEH7U:3jk7dYEgCkJuax9fOLYJUqkEi5rEH7U

Score

1^/10

Malware Config

Signatures

Files

db788aa6895989eace1a3f7b11788090b3da5a52c72a64b267ae9bf82b2853c0
.dll windows:5 windows x86 arch:x86

cd4e57f74adb4b810e0bdba87954dc93

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:b5:7e:e8:07:45:95:de:33:f1:ea:d7:df:b3:dd:43
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

03/08/2022, 00:00

Not After

29/07/2025, 23:59

Subject

SERIALNUMBER=91110108680456115E,CN=Glarysoft Ltd,O=Glarysoft Ltd,ST=Beijing,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13104861696469616e204469737472696374,1.3.6.1.4.1.311.60.2.1.2=#13074265696a696e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:b5:7e:e8:07:45:95:de:33:f1:ea:d7:df:b3:dd:43
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

03/08/2022, 00:00

Not After

29/07/2025, 23:59

Subject

SERIALNUMBER=91110108680456115E,CN=Glarysoft Ltd,O=Glarysoft Ltd,ST=Beijing,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13104861696469616e204469737472696374,1.3.6.1.4.1.311.60.2.1.2=#13074265696a696e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:d4:c7:8e:87:ed:6f:56:78:7b:b8:06:c1:a1:8f:c2:18:90:4f:3f:cc:96:8e:58:9a:e3:b1:12:fc:56:4b:21
Signer

Actual PE Digest

ba:d4:c7:8e:87:ed:6f:56:78:7b:b8:06:c1:a1:8f:c2:18:90:4f:3f:cc:96:8e:58:9a:e3:b1:12:fc:56:4b:21

Digest Algorithm

sha256

PE Digest Matches

false

c9:1a:cf:0e:06:3a:77:c2:02:00:05:2d:15:06:c5:bb:42:52:85:a0
Signer

Actual PE Digest

c9:1a:cf:0e:06:3a:77:c2:02:00:05:2d:15:06:c5:bb:42:52:85:a0

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
VirtualAlloc
VirtualQuery
ExitThread
GetCommandLineA
HeapReAlloc
RtlUnwind
Sleep
ExitProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
HeapCreate
HeapDestroy
VirtualFree
LCMapStringA
LCMapStringW
GetStdHandle
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
IsDebuggerPresent
GetDateFormatA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEnvironmentVariableA
SetUnhandledExceptionFilter
InterlockedCompareExchange
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GlobalFlags
SetErrorMode
TlsFree
GetEnvironmentStrings
HeapFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
lstrlenA
RaiseException
InterlockedIncrement
GetModuleHandleA
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetCurrentProcessId
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
InterlockedDecrement
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
lstrcmpW
SetLastError
GetTickCount
GetFileSize
FileTimeToSystemTime
GetCommandLineW
SetFileTime
WriteFile
GetFileAttributesW
LocalFileTimeToFileTime
GetCurrentDirectoryW
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateFileW
CreateDirectoryW
GetSystemInfo
GetModuleHandleW
ResetEvent
SetEvent
WaitForSingleObject
MulDiv
CreateEventW
FreeResource
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileSectionW
FindClose
FindFirstFileW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
lstrlenW
lstrcpyW
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
Module32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
GetSystemDirectoryW
GetVersionExW
GetDriveTypeW
GetLogicalDriveStringsW
GetLongPathNameW
ExpandEnvironmentStringsW
ResumeThread
LocalFree
FormatMessageW
GetLastError
InterlockedExchange
CreateThread
CloseHandle
DeleteFileW
FreeLibrary
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
LockResource
GetTimeFormatA
SizeofResource

user32

GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
GetDlgCtrlID
DefWindowProcW
GetMenu
GetWindowLongW
IsChild
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CharUpperW
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
PostQuitMessage
GetMenuState
GetMenuItemCount
GetDesktopWindow
LoadBitmapW
wsprintfW
MessageBoxW
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
GetMenuItemID
PostMessageW
TrackPopupMenu
SetForegroundWindow
SetMenuDefaultItem
GetSubMenu
LoadMenuW
RegisterWindowMessageW
LoadIconW
CallWindowProcW
UpdateWindow
SetWindowLongW
DrawTextW
GetAsyncKeyState
GetCursorPos
LoadCursorW
SetCursor
ReleaseCapture
FillRect
PtInRect
KillTimer
SetWindowRgn
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
EndDialog
GetNextDlgTabItem
IsWindowEnabled
CreateDialogIndirectParamW
GetActiveWindow
OffsetRect
SetTimer
CheckMenuItem
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
TranslateMessage
GetMessageW
IntersectRect
GetWindowThreadProcessId
EnableWindow
GetSysColor
GetParent
GetWindowRect
GetClientRect
InvalidateRect
IsWindow
SendMessageW
CopyRect
GetDC
IsDialogMessageW
SetWindowTextW
ReleaseDC
SetRect
MoveWindow
ShowWindow
PostThreadMessageW
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
CharNextW
GetSysColorBrush
UnregisterClassW
DestroyMenu
WindowFromPoint
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
UnhookWindowsHookEx
TabbedTextOutW
DrawTextExW

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetClipBox
ExtSelectClipRgn
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
GetMapMode
StretchBlt
SetTextColor
GetBkMode
GetTextExtentPoint32W
CreateSolidBrush
GetDeviceCaps
CreateRoundRectRgn
GetTextExtentPointW
GetStockObject
CreateCompatibleBitmap
CreateFontIndirectW
CreateFontW
GetObjectW
SetDIBColorTable
SelectObject
DeleteObject
CreateDIBSection
BitBlt
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
ScaleWindowExtEx
DeleteDC

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextW

shell32

ShellExecuteW
Shell_NotifyIconW

comctl32

_TrackMouseEvent

shlwapi

PathFindFileNameW
StrFormatByteSizeW
PathIsURLW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CreateStreamOnHGlobal
OleInitialize

oleaut32

DispCallFunc
VariantCopy
SafeArrayDestroy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
OleLoadPicture
SysAllocString
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate

urlmon

URLDownloadToFileW

gdiplus

GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette

wininet

DeleteUrlCacheEntryW

iphlpapi

GetAdaptersInfo

languages

ord4
ord2
ord1

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

zlib1

uncompress

config

ord19
ord1
GUCIsSeparate
ord12
ord10
ord20

Exports

Exports

CheckIsNewVersion
CheckUpdate
CheckUpdateTipDlg
GetModuleUpdateInfo
GetNewVersionTipsByReg
ModuleCheckUpdate
ShowUpdateDlg
_CheckUpdateEnableProLimiting@4
_ShowModuleUpdateDlg@28

Sections

.text
Size: 430KB - Virtual size: 429KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 503KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd4e57f74adb4b810e0bdba87954dc93

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:b5:7e:e8:07:45:95:de:33:f1:ea:d7:df:b3:dd:43Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:b5:7e:e8:07:45:95:de:33:f1:ea:d7:df:b3:dd:43Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

ba:d4:c7:8e:87:ed:6f:56:78:7b:b8:06:c1:a1:8f:c2:18:90:4f:3f:cc:96:8e:58:9a:e3:b1:12:fc:56:4b:21Signer

c9:1a:cf:0e:06:3a:77:c2:02:00:05:2d:15:06:c5:bb:42:52:85:a0Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

gdiplus

wininet

iphlpapi

languages

version

zlib1

config

Exports

Exports

Sections

.text Size: 430KB - Virtual size: 429KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 13KB - Virtual size: 32KB

.rsrc Size: 503KB - Virtual size: 503KB

.reloc Size: 49KB - Virtual size: 48KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:b5:7e:e8:07:45:95:de:33:f1:ea:d7:df:b3:dd:43
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:b5:7e:e8:07:45:95:de:33:f1:ea:d7:df:b3:dd:43
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

ba:d4:c7:8e:87:ed:6f:56:78:7b:b8:06:c1:a1:8f:c2:18:90:4f:3f:cc:96:8e:58:9a:e3:b1:12:fc:56:4b:21
Signer

c9:1a:cf:0e:06:3a:77:c2:02:00:05:2d:15:06:c5:bb:42:52:85:a0
Signer

.text
Size: 430KB - Virtual size: 429KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 13KB - Virtual size: 32KB

.rsrc
Size: 503KB - Virtual size: 503KB

.reloc
Size: 49KB - Virtual size: 48KB