General

Malware Config

Signatures

Files

• tmp

  .exe windows:6 windows x86 arch:x86

  c317b96e1d43b50b611506c8cf7580b6

  
  

  Code Sign

  56:f0:08:e6:9a:7c:4c:3f:eb:38:9c:66:ea:f5:82:59

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

  Not Before

  26-05-2014 00:00

  Not After

  24-06-2017 23:59

  Subject

  CN=MEDIATEK INC.,O=MEDIATEK INC.,L=HSINCHU,ST=TAIWAN,C=TW

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  01-08-2022 00:00

  Not After

  09-11-2031 23:59

  Subject

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:19:93:e4:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  22-02-2011 19:25

  Not After

  22-02-2021 19:35

  Subject

  CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7

  Certificate

  Issuer

  CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

  Not Before

  08-02-2010 00:00

  Not After

  07-02-2020 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b

  Certificate

  Issuer

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  23-03-2022 00:00

  Not After

  22-03-2037 23:59

  Subject

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16

  Certificate

  Issuer

  CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

  Not Before

  14-07-2023 00:00

  Not After

  13-10-2034 23:59

  Subject

  CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  17:87:ed:77:7e:52:4a:16:00:67:3d:ef:fa:36:a5:4f:77:c5:2f:26

  Signer

  Actual PE Digest

  17:87:ed:77:7e:52:4a:16:00:67:3d:ef:fa:36:a5:4f:77:c5:2f:26

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetStdHandle

  VirtualQuery

  GetSystemInfo

  QueryPerformanceFrequency

  HeapQueryInformation

  GetModuleHandleExW

  FreeLibraryAndExitThread

  ExitThread

  CreateThread

  GetCommandLineW

  GetStdHandle

  RtlUnwind

  GetCPInfo

  GetStringTypeW

  LCMapStringEx

  OutputDebugStringW

  GetFileType

  ExitProcess

  LCMapStringW

  IsValidLocale

  EnumSystemLocalesW

  GetTimeZoneInformation

  GetConsoleOutputCP

  GetConsoleMode

  ReadConsoleW

  SetFilePointerEx

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetEnvironmentVariableW

  GetStartupInfoW

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  WaitForSingleObjectEx

  ResetEvent

  GetUserDefaultLCID

  GetTempFileNameW

  FindResourceExW

  Sleep

  GetProfileIntW

  SearchPathW

  GetWindowsDirectoryW

  GetTempPathW

  GetTickCount

  SystemTimeToTzSpecificLocalTime

  GetFileTime

  GetFileSizeEx

  GetFileAttributesExW

  GetFileAttributesW

  FileTimeToLocalFileTime

  SetErrorMode

  VirtualProtect

  FileTimeToSystemTime

  GlobalGetAtomNameW

  VerifyVersionInfoW

  lstrcpyW

  VerSetConditionMask

  lstrcmpiW

  GetCurrentProcess

  DuplicateHandle

  WriteFile

  UnlockFile

  SetFilePointer

  SetEndOfFile

  ReadFile

  LockFile

  GetVolumeInformationW

  GetFullPathNameW

  GetFileSize

  FlushFileBuffers

  FindFirstFileW

  FindClose

  CreateFileW

  GetThreadLocale

  DeleteFileW

  GlobalFlags

  GetUserDefaultUILanguage

  GetSystemDefaultUILanguage

  GetLocaleInfoW

  GetCurrentDirectoryW

  LocalReAlloc

  LocalAlloc

  GlobalHandle

  GlobalReAlloc

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  InitializeCriticalSection

  InitializeCriticalSectionAndSpinCount

  CompareStringW

  GlobalFindAtomW

  LoadLibraryA

  GetSystemDirectoryW

  EncodePointer

  CopyFileW

  FormatMessageW

  MulDiv

  LocalFree

  GlobalSize

  GlobalUnlock

  GetCurrentProcessId

  GlobalAddAtomW

  WritePrivateProfileStringW

  GetPrivateProfileStringW

  GetPrivateProfileIntW

  ResumeThread

  SetThreadPriority

  CreateEventW

  WaitForSingleObject

  SetEvent

  CloseHandle

  GlobalFree

  WideCharToMultiByte

  MultiByteToWideChar

  lstrcmpW

  lstrcmpA

  GlobalDeleteAtom

  GlobalLock

  GlobalAlloc

  LoadLibraryW

  LoadLibraryExW

  GetProcAddress

  GetModuleHandleW

  GetModuleHandleA

  GetModuleFileNameW

  FreeLibrary

  GetVersionExW

  GetCurrentThreadId

  GetCurrentThread

  SetLastError

  OutputDebugStringA

  GetProcessHeap

  DeleteCriticalSection

  DecodePointer

  GetLastError

  HeapAlloc

  RaiseException

  HeapReAlloc

  HeapSize

  InitializeCriticalSectionEx

  LeaveCriticalSection

  EnterCriticalSection

  HeapFree

  FindResourceW

  LoadResource

  LockResource

  SizeofResource

  VirtualAlloc

  GetCommandLineA

  WriteConsoleW

  user32

  SetRectEmpty

  SetLayeredWindowAttributes

  CharUpperW

  DestroyIcon

  GetSysColorBrush

  MessageBeep

  GetNextDlgGroupItem

  IsRectEmpty

  IntersectRect

  SetRect

  InvalidateRgn

  CopyAcceleratorTableW

  OffsetRect

  CharNextW

  KillTimer

  SetTimer

  RealChildWindowFromPoint

  DeleteMenu

  CopyImage

  LoadCursorW

  WindowFromPoint

  ReleaseCapture

  SetCapture

  WaitMessage

  GetMonitorInfoW

  MonitorFromWindow

  WinHelpW

  GetScrollInfo

  SetScrollInfo

  GetTopWindow

  GetClassLongW

  EqualRect

  MapWindowPoints

  AdjustWindowRectEx

  RemovePropW

  GetPropW

  SetPropW

  ShowScrollBar

  GetScrollRange

  SetScrollRange

  GetScrollPos

  SetScrollPos

  ScrollWindow

  RedrawWindow

  SetForegroundWindow

  GetForegroundWindow

  TrackPopupMenu

  SetMenu

  GetMenu

  GetCapture

  EndDeferWindowPos

  DeferWindowPos

  BeginDeferWindowPos

  SetWindowPlacement

  GetWindowPlacement

  IsChild

  IsMenu

  CreateWindowExW

  GetClassInfoExW

  GetClassInfoW

  RegisterClassW

  CallWindowProcW

  DefWindowProcW

  GetMessageTime

  GetMessagePos

  RegisterWindowMessageW

  IsDialogMessageW

  SetWindowLongW

  GetWindowTextLengthW

  GetWindowTextW

  SetWindowTextW

  SetFocus

  GetDlgCtrlID

  CheckDlgButton

  MoveWindow

  ShowWindow

  SystemParametersInfoW

  InflateRect

  CopyRect

  GetMenuItemInfoW

  DestroyMenu

  UnhookWindowsHookEx

  PtInRect

  GetWindowRect

  GetSysColor

  ScreenToClient

  ClientToScreen

  EndPaint

  BeginPaint

  ReleaseDC

  GetWindowDC

  GetDC

  TabbedTextOutW

  GrayStringW

  DrawTextExW

  SendDlgItemMessageA

  TrackMouseEvent

  SetClassLongW

  LoadIconW

  GetSystemMenu

  AppendMenuW

  SendMessageW

  DrawTextW

  RemoveMenu

  InsertMenuW

  GetMenuItemCount

  GetMenuItemID

  GetSubMenu

  GetMenuState

  GetMenuStringW

  GetDesktopWindow

  SetActiveWindow

  GetNextDlgTabItem

  GetDlgItem

  EndDialog

  CreateDialogIndirectParamW

  DestroyWindow

  IsZoomed

  GetAsyncKeyState

  LoadMenuW

  SetWindowRgn

  NotifyWinEvent

  CreatePopupMenu

  GetMenuDefaultItem

  SetMenuDefaultItem

  UpdateLayeredWindow

  EnableScrollBar

  UnionRect

  MonitorFromPoint

  BringWindowToTop

  LoadAcceleratorsW

  IsWindow

  GetClassNameW

  TranslateAcceleratorW

  InsertMenuItemW

  LoadImageW

  UnpackDDElParam

  ReuseDDElParam

  RegisterClipboardFormatW

  EnumDisplayMonitors

  IsIconic

  GetSystemMetrics

  GetClientRect

  DrawIcon

  EnableWindow

  UnregisterClassW

  PostMessageW

  PostQuitMessage

  SetWindowPos

  SetWindowContextHelpId

  GetParent

  GetWindow

  MapDialogRect

  GetFocus

  CheckMenuItem

  EnableMenuItem

  SetMenuItemBitmaps

  GetMenuCheckMarkDimensions

  SetMenuItemInfoW

  LoadBitmapW

  GetMessageW

  TranslateMessage

  DispatchMessageW

  PeekMessageW

  IsWindowVisible

  GetActiveWindow

  GetKeyState

  ValidateRect

  GetCursorPos

  SetWindowsHookExW

  CallNextHookEx

  ShowOwnedPopups

  SetCursor

  IsWindowEnabled

  MessageBoxW

  LockWindowUpdate

  GetWindowLongW

  GetWindowThreadProcessId

  GetLastActivePopup

  DrawStateW

  UpdateWindow

  InvalidateRect

  FillRect

  OpenClipboard

  CloseClipboard

  SetClipboardData

  EmptyClipboard

  CharUpperBuffW

  ModifyMenuW

  CopyIcon

  FrameRect

  PostThreadMessageW

  GetKeyNameTextW

  GetDoubleClickTime

  GetIconInfo

  IsCharLowerW

  MapVirtualKeyExW

  DrawMenuBar

  DefFrameProcW

  DefMDIChildProcW

  TranslateMDISysAccel

  IsClipboardFormatAvailable

  GetUpdateRect

  SubtractRect

  CreateMenu

  HideCaret

  InvertRect

  DestroyCursor

  GetComboBoxInfo

  GetWindowRgn

  SetParent

  SetCursorPos

  DestroyAcceleratorTable

  CreateAcceleratorTableW

  MapVirtualKeyW

  GetKeyboardState

  GetKeyboardLayout

  ToUnicodeEx

  DrawIconEx

  DrawFocusRect

  DrawFrameControl

  DrawEdge

  gdi32

  GetClipBox

  GetObjectType

  GetPixel

  GetViewportExtEx

  GetWindowExtEx

  IntersectClipRect

  LineTo

  PtVisible

  RectVisible

  RestoreDC

  SaveDC

  SelectClipRgn

  ExtSelectClipRgn

  SelectObject

  SelectPalette

  SetBkColor

  SetBkMode

  SetMapMode

  SetLayout

  GetLayout

  SetPolyFillMode

  SetROP2

  SetTextColor

  SetTextAlign

  MoveToEx

  TextOutW

  ExtTextOutW

  SetViewportExtEx

  SetViewportOrgEx

  SetWindowExtEx

  SetWindowOrgEx

  OffsetViewportOrgEx

  OffsetWindowOrgEx

  ScaleViewportExtEx

  ScaleWindowExtEx

  CreateFontIndirectW

  GetTextExtentPoint32W

  GetBkColor

  ExcludeClipRect

  CreateRectRgnIndirect

  GetRgnBox

  CreateCompatibleBitmap

  CreateDIBitmap

  EnumFontFamiliesW

  GetTextCharsetInfo

  GetTextMetricsW

  CombineRgn

  GetMapMode

  PatBlt

  SetRectRgn

  DPtoLP

  CreateRoundRectRgn

  CreateDIBSection

  CreateEllipticRgn

  Ellipse

  CreatePolygonRgn

  Polygon

  Polyline

  RealizePalette

  SetPixel

  StretchBlt

  SetDIBColorTable

  OffsetRgn

  Rectangle

  EnumFontFamiliesExW

  RoundRect

  CreatePalette

  GetPaletteEntries

  GetNearestPaletteIndex

  GetSystemPaletteEntries

  LPtoDP

  ExtFloodFill

  SetPaletteEntries

  FillRgn

  FrameRgn

  GetBoundsRect

  PtInRegion

  GetWindowOrgEx

  GetViewportOrgEx

  SetPixelV

  GetTextFaceW

  Escape

  CreateRectRgn

  CreatePen

  CreateHatchBrush

  CreateCompatibleDC

  BitBlt

  GetDeviceCaps

  CreateDCW

  CopyMetaFileW

  GetObjectW

  GetStockObject

  DeleteObject

  CreateSolidBrush

  CreateBitmap

  GetTextColor

  CreatePatternBrush

  DeleteDC

  msimg32

  TransparentBlt

  AlphaBlend

  winspool.drv

  OpenPrinterW

  DocumentPropertiesW

  ClosePrinter

  advapi32

  RegEnumKeyW

  RegOpenKeyExW

  RegEnumKeyExW

  RegEnumValueW

  RegQueryValueW

  RegCloseKey

  RegSetValueExW

  RegDeleteValueW

  RegDeleteKeyW

  RegCreateKeyExW

  RegQueryValueExW

  shell32

  SHGetFileInfoW

  DragQueryFileW

  DragFinish

  SHBrowseForFolderW

  SHAppBarMessage

  SHGetDesktopFolder

  SHGetSpecialFolderLocation

  SHGetPathFromIDListW

  ShellExecuteW

  comctl32

  InitCommonControlsEx

  shlwapi

  PathFindFileNameW

  PathIsUNCW

  StrFormatKBSizeW

  PathStripToRootW

  PathRemoveFileSpecW

  PathFindExtensionW

  uxtheme

  GetThemePartSize

  GetThemeSysColor

  IsAppThemed

  DrawThemeText

  DrawThemeParentBackground

  OpenThemeData

  CloseThemeData

  DrawThemeBackground

  GetThemeColor

  GetCurrentThemeName

  IsThemeBackgroundPartiallyTransparent

  GetWindowTheme

  ole32

  CoRevokeClassObject

  CoRegisterMessageFilter

  OleLockRunning

  OleDestroyMenuDescriptor

  OleTranslateAccelerator

  IsAccelerator

  OleGetClipboard

  CoLockObjectExternal

  RegisterDragDrop

  OleCreateMenuDescriptor

  RevokeDragDrop

  DoDragDrop

  OleIsCurrentClipboard

  OleFlushClipboard

  CoInitializeEx

  OleUninitialize

  OleInitialize

  CoFreeUnusedLibraries

  CoDisconnectObject

  StgOpenStorageOnILockBytes

  StgCreateDocfileOnILockBytes

  CoGetClassObject

  ReleaseStgMedium

  OleDuplicateData

  CoTaskMemFree

  CoTaskMemAlloc

  CoInitialize

  CoCreateInstance

  CLSIDFromProgID

  CLSIDFromString

  CoCreateGuid

  CoUninitialize

  CreateStreamOnHGlobal

  CreateILockBytesOnHGlobal

  oleaut32

  VarBstrFromDate

  VariantCopy

  LoadTypeLi

  VariantTimeToSystemTime

  SystemTimeToVariantTime

  SysStringLen

  OleCreateFontIndirect

  VariantChangeType

  VariantClear

  VariantInit

  SysAllocStringLen

  SysFreeString

  SysAllocString

  SafeArrayDestroy

  oledlg

  OleUIBusyW

  gdiplus

  GdipBitmapLockBits

  GdipCreateBitmapFromScan0

  GdipCreateBitmapFromStream

  GdipGetImagePaletteSize

  GdipGetImagePalette

  GdipGetImagePixelFormat

  GdipBitmapUnlockBits

  GdipGetImageWidth

  GdipGetImageGraphicsContext

  GdipDrawImageRectI

  GdipSetInterpolationMode

  GdipDeleteGraphics

  GdipCreateFromHDC

  GdipCreateBitmapFromHBITMAP

  GdipDisposeImage

  GdipCloneImage

  GdipGetImageHeight

  GdipDrawImageI

  GdiplusShutdown

  GdipAlloc

  GdipFree

  GdiplusStartup

  wininet

  InternetCloseHandle

  HttpQueryInfoW

  InternetOpenUrlA

  InternetReadFile

  InternetOpenW

  oleacc

  LresultFromObject

  CreateStdAccessibleObject

  AccessibleObjectFromWindow

  imm32

  ImmReleaseContext

  ImmGetOpenStatus

  ImmGetContext

  winmm

  PlaySoundW

  Sections

  .text

  Size: 1.5MB - Virtual size: 1.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 350KB - Virtual size: 350KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 24KB - Virtual size: 42KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1.4MB - Virtual size: 1.4MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 139KB - Virtual size: 138KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ