7c8b509126d0ea82dab217fe3ca189be

Sharing

Copy URL

Twitter E-mail

General

Target

7c8b509126d0ea82dab217fe3ca189be
Size

830KB
MD5

7c8b509126d0ea82dab217fe3ca189be
SHA1

c383e872ce7e826cf1c7473a380ddd0ee2267d59
SHA256

4dd194d5f8fb499deaa1294d5872b4076df6260a29284a17fe11032d094856c4
SHA512

90acfec7d2af5153b04e8f755474d168b6bfd95569a819b05eac5a7766cdd706f08d172b496a307b93c23f4f0950ad9b40a38ef734116b622fde9fceede76121
SSDEEP

12288:7k9s+gHyrgAGYJNf8uIXL9eL2ISZSQ4Yfd75:7kmyrTt8uIXJeLHU9

Score

1^/10

Malware Config

Signatures

Files

7c8b509126d0ea82dab217fe3ca189be
.dll regsvr32 windows:4 windows x64 arch:x64

96983fda4c49886ce5e114f80abacf33

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:0d:94:e2:cc:ae:84:53:66:54:d9:da:f3:9f:ef:1e
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

03/08/2021, 00:00

Not After

02/08/2022, 23:59

Subject

SERIALNUMBER=42554863,CN=HasCred ApS,O=HasCred ApS,L=Copenhagen,C=DK,1.3.6.1.4.1.311.60.2.1.3=#1302444b,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f6:e1:91:70:37:32:ce:4e:0e:95:f5:72:ff:32:fa:ed:8a:ad:3b:ac
Signer

Actual PE Digest

f6:e1:91:70:37:32:ce:4e:0e:95:f5:72:ff:32:fa:ed:8a:ad:3b:ac

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

k:\gdi\x64\release\GDI.pdb

Imports

kernel32

GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
LCMapStringA
GetOEMCP
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetACP
GlobalSize
GetCPInfo
Sleep
FlsAlloc
FlsFree
FlsGetValue
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
ExitProcess
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
GetProcessHeap
HeapFree
GetCommandLineA
FlsSetValue
HeapAlloc
GetTickCount
GetVersionExW
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
MoveFileW
GetCurrentDirectoryW
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalAlloc
FormatMessageW
LocalFree
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalGetAtomNameW
lstrlenA
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
CloseHandle
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
WideCharToMultiByte
CompareStringA
lstrlenW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
CompareStringW
LoadLibraryA
GetLastError
lstrcmpW
MultiByteToWideChar
GetVersionExA
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleA
GetProcAddress
SetLastError
MulDiv
LoadLibraryExA
GetCurrentProcess
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
LCMapStringW

user32

CopyAcceleratorTableW
CharUpperW
DestroyIcon
LockWindowUpdate
GetDCEx
GetMenuItemInfoW
GetMenuStringW
InsertMenuW
RemoveMenu
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
SetMenu
TranslateAcceleratorW
IsZoomed
SetParent
GetSystemMenu
AppendMenuW
DeleteMenu
SetRectEmpty
SetWindowRgn
DrawIcon
IsRectEmpty
FindWindowW
SystemParametersInfoW
DestroyCursor
GetMessageW
TranslateMessage
ValidateRect
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
WindowFromPoint
KillTimer
SetTimer
SetRect
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
CallNextHookEx
GetClassNameW
GetClassLongPtrW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetClientRect
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
RegisterClipboardFormatW
GetTabbedTextExtentA
PostThreadMessageW
SetWindowsHookExW
CreateMenu
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetDC
ReleaseDC
IntersectRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
ShowWindow
SetCursor
SetCapture
LoadCursorW
GetCursorPos
LoadBitmapW
ReleaseCapture
UpdateWindow
GetWindowRect
PtInRect
InvalidateRect
DrawEdge
InflateRect
EnableWindow
CopyRect
SetPropW
UnregisterClassA

gdi32

GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
SetMapMode
DeleteDC
GetStockObject
SelectPalette
GetBkColor
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateDCW
CreateEllipticRgn
LPtoDP
Ellipse
GetTextMetricsW
GetTextExtentPoint32W
GetCharWidthW
CreateFontW
StretchDIBits
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetViewportOrgEx
CreateSolidBrush
SetBkMode
RestoreDC
SaveDC
DPtoLP
DeleteObject
GetDeviceCaps
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreateFontIndirectW
SetBkColor
ExtTextOutW
CreateBitmap
BitBlt
PatBlt
CreateDIBSection
StretchBlt
SetBrushOrgEx
SetPixel
UnrealizeObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
CreatePatternBrush
CreatePen
CreatePalette
SetPaletteEntries
Rectangle
RealizePalette
GetClipBox

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW

advapi32

RegSetValueW
GetFileSecurityW
SetFileSecurityW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyW

shell32

DragQueryFileW
ExtractIconW
SHGetFileInfoW
DragFinish

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

VariantClear
SysAllocStringLen
VariantChangeType
VariantInit

Exports

Exports

DllRegisterServer

Sections

.text
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96983fda4c49886ce5e114f80abacf33

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:0d:94:e2:cc:ae:84:53:66:54:d9:da:f3:9f:ef:1eCertificate

Extended Key Usages

Key Usages

f6:e1:91:70:37:32:ce:4e:0e:95:f5:72:ff:32:fa:ed:8a:ad:3b:acSigner

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 349KB - Virtual size: 348KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 13KB - Virtual size: 36KB

.pdata Size: 27KB - Virtual size: 26KB

.rsrc Size: 289KB - Virtual size: 289KB

.reloc Size: 17KB - Virtual size: 16KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:0d:94:e2:cc:ae:84:53:66:54:d9:da:f3:9f:ef:1e
Certificate

f6:e1:91:70:37:32:ce:4e:0e:95:f5:72:ff:32:fa:ed:8a:ad:3b:ac
Signer

.text
Size: 349KB - Virtual size: 348KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 13KB - Virtual size: 36KB

.pdata
Size: 27KB - Virtual size: 26KB

.rsrc
Size: 289KB - Virtual size: 289KB

.reloc
Size: 17KB - Virtual size: 16KB