7a52f7220ef393ef94758569e370901674991d0e0ae5c14e8523bf841d3c76c1

Sharing

Copy URL Twitter E-mail

General

Target

7a52f7220ef393ef94758569e370901674991d0e0ae5c14e8523bf841d3c76c1
Size

2.2MB
MD5

1e2a5cce26830f2709d376a54607e179
SHA1

0a7a59f7c5e30a89a4e8f570873047ce7e6b6e6f
SHA256

7a52f7220ef393ef94758569e370901674991d0e0ae5c14e8523bf841d3c76c1
SHA512

4f22ca73473e085fb21f5e157f8c15de12bd7121eb5886fc032a7a82c005a7f7f71451d578172fc5015eda405b3ef7975053b2b354289278b6d582b6fc962dc0
SSDEEP

49152:RngQqy/F/+qrE5jeeHmN4lugCX7QCP/91+zaz:RngQqyN2qrEJeeHK4lugw7QCPlsG

Score

1^/10

Malware Config

Signatures

Files

7a52f7220ef393ef94758569e370901674991d0e0ae5c14e8523bf841d3c76c1
.exe windows:6 windows x86 arch:x86

8ce1cf49390bd9f80cdcbfd5d5f115dc

Code Sign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:3b:6a:c0:1e:2b:21:e6:15:dc:00:00:00:00:00:3b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:47

Not After

04/06/2025, 17:47

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

10:d6:2e:ee:fb:84:6f:2b:96:ed:a0:c1
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

11/03/2020, 05:04

Not After

12/03/2023, 05:04

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=NO.69\, LI-DE ST.\, ZHONGHE DIST.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:84:d3:a8:ce:37:81:eb:57:f4:fd:87:7b:83:ae:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27/05/2021, 10:00

Not After

28/06/2032, 10:00

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a7:32:71:a2:d9:ee:07:50:f5:eb:93:af:78:37:07:f8:74:46:86:e2:fb:fa:b0:08:1d:8c:9b:62:b4:69:4d:d3
Signer

Actual PE Digest

a7:32:71:a2:d9:ee:07:50:f5:eb:93:af:78:37:07:f8:74:46:86:e2:fb:fa:b0:08:1d:8c:9b:62:b4:69:4d:d3

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Open_DevNode_Key
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetFileAttributesExW
LCMapStringW
CompareStringW
GetStringTypeW
GetStdHandle
QueryPerformanceFrequency
GetCommandLineW
SetFilePointerEx
FreeLibraryAndExitThread
ExitThread
HeapQueryInformation
GetFullPathNameW
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
RtlUnwind
OutputDebugStringW
ReadConsoleW
GetDriveTypeW
FindFirstFileExW
GetCommandLineA
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
IsValidCodePage
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleFileNameA
SetCurrentDirectoryA
WaitForSingleObject
CopyFileA
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
LoadLibraryA
FreeLibrary
Sleep
CloseHandle
GetLastError
HeapAlloc
GetProcessHeap
HeapFree
CreateFileA
FindFirstFileA
FindClose
GetVersionExA
DeleteFileA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetTempPathA
CreateDirectoryA
SetFileAttributesA
CreateToolhelp32Snapshot
Process32First
Process32Next
WinExec
ExpandEnvironmentStringsA
GetLocalTime
GetPrivateProfileStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WritePrivateProfileStringA
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameA
SearchPathA
GetProfileIntA
GetTickCount
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
lstrcpyA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetProcessId
lstrcmpiA
OpenProcess
FindNextFileW
GlobalFindAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
SetThreadPriority
GetCurrentThreadId
SetEvent
GlobalAddAtomA
GlobalFlags
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CompareStringA
GlobalGetAtomNameA
lstrcmpA
InitializeCriticalSectionAndSpinCount
GetVolumeInformationA
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileA
FileTimeToLocalFileTime
SetLastError
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
ResumeThread
CreateThread
ExitProcess
DeleteCriticalSection
DecodePointer
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
GetCurrentProcess
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
Module32First

user32

MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetWindowRgn
SetClassLongA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextA
MapVirtualKeyA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetKeyboardState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
IntersectRect
InflateRect
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoA
MonitorFromWindow
WinHelpA
SetScrollInfo
LoadIconW
LoadIconA
GetWindowRgn
DestroyCursor
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
GetClassInfoExA
GetClassInfoA
CallWindowProcA
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
GetAsyncKeyState
CreateMenu
MessageBoxA
wsprintfA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
PeekMessageA
MsgWaitForMultipleObjects
ExitWindowsEx
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMessageTime
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
CharUpperA
GetSystemMetrics
GetWindowTextA
GetWindowTextLengthA
UnhookWindowsHookEx
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorA
SendMessageA
EnableWindow
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
SetFocus
SetScrollPos
GetScrollPos
GetWindow
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
GetScrollInfo
CheckDlgButton
SendDlgItemMessageA
GetDlgCtrlID
GetFocus
SetWindowTextA
SetWindowLongA
IsDialogMessageA
GetWindowRect
ClientToScreen
PtInRect
GetDesktopWindow
GetClassNameA
RealChildWindowFromPoint
DestroyIcon
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
ScreenToClient
FillRect
RegisterWindowMessageA
GetMessagePos
PostMessageA

gdi32

SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
SetBkColor
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
CopyMetaFileA
CreateDCA
GetDeviceCaps
DeleteObject
BitBlt
CreateBitmap
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
RealizePalette
GetWindowExtEx

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegEnumKeyExA
CreateProcessAsUserA
AdjustTokenPrivileges
SetTokenInformation
DuplicateTokenEx
LookupPrivilegeValueA
OpenProcessToken
StartServiceCtrlDispatcherA
QueryServiceStatus
ChangeServiceConfig2A
RegisterServiceCtrlHandlerA
SetServiceStatus
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ControlService
StartServiceA
DeleteService
OpenServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA

shell32

SHGetSpecialFolderPathA
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
ShellExecuteExA

shlwapi

PathStripToRootA
PathFindExtensionA
SHDeleteKeyA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindFileNameA
PathIsUNCA

uxtheme

GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor

ole32

OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitialize
CoInitializeEx

oleaut32

VariantInit
VariantClear
SysAllocStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantCopy
VariantChangeType
VarBstrFromDate
LoadTypeLi
SysFreeString
SysAllocString
SysAllocStringLen

userenv

CreateEnvironmentBlock

wtsapi32

WTSQueryUserToken

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipCreateFromHDC
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDrawImageI
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDeleteGraphics
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipCreateBitmapFromStream

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ce1cf49390bd9f80cdcbfd5d5f115dc

Code Sign

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

33:00:00:00:3b:6a:c0:1e:2b:21:e6:15:dc:00:00:00:00:00:3bCertificate

Extended Key Usages

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

10:d6:2e:ee:fb:84:6f:2b:96:ed:a0:c1Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:84:d3:a8:ce:37:81:eb:57:f4:fd:87:7b:83:ae:b2Certificate

Extended Key Usages

Key Usages

a7:32:71:a2:d9:ee:07:50:f5:eb:93:af:78:37:07:f8:74:46:86:e2:fb:fa:b0:08:1d:8c:9b:62:b4:69:4d:d3Signer

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

userenv

wtsapi32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 348KB - Virtual size: 347KB

.data Size: 20KB - Virtual size: 37KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 142KB - Virtual size: 141KB

04:00:00:00:00:01:21:58:53:08:a2
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

33:00:00:00:3b:6a:c0:1e:2b:21:e6:15:dc:00:00:00:00:00:3b
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

10:d6:2e:ee:fb:84:6f:2b:96:ed:a0:c1
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:84:d3:a8:ce:37:81:eb:57:f4:fd:87:7b:83:ae:b2
Certificate

a7:32:71:a2:d9:ee:07:50:f5:eb:93:af:78:37:07:f8:74:46:86:e2:fb:fa:b0:08:1d:8c:9b:62:b4:69:4d:d3
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 348KB - Virtual size: 347KB

.data
Size: 20KB - Virtual size: 37KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 142KB - Virtual size: 141KB