884ba88f80bde206896f5ed9ecd452f2ca7a885a5064bcb5d7df4eb0f6269c24[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

884ba88f80bde206896f5ed9ecd452f2ca7a885a5064bcb5d7df4eb0f6269c24.exe
Size

874KB
MD5

64eb5832cbdbc22f6fb677d42641291d
SHA1

c29e096f0005a162632c75884bf2047dd13ce361
SHA256

884ba88f80bde206896f5ed9ecd452f2ca7a885a5064bcb5d7df4eb0f6269c24
SHA512

e0accbfdd083e4b02880ac9a21e1eb52b94f7a8df18ae13f799d667fb0cf3ad8179a2d6b5c6a30ee7090c346b2a33fc4eaa21adfc49c841e5fd6be5f8990c0bb
SSDEEP

12288:9hQWpjqjhO0l8IuoJvzIv9Xmquu9P5hZCzG6O9aGDy0nUR9Bp:9hHjqN3lw1vuIzEGD2V9j

Score

1^/10

Malware Config

Signatures

Files

884ba88f80bde206896f5ed9ecd452f2ca7a885a5064bcb5d7df4eb0f6269c24.exe
.exe windows:4 windows x86 arch:x86

79deb108485263c702fce28883598d47

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:28:cf:12:7e:b4:52:6b:3f:c8:df:87
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

27-07-2023 09:33

Not After

27-07-2024 09:33

Subject

SERIALNUMBER=15.06.2017,CN=Nenad Hrg,O=Nenad Hrg,STREET=Edelweissstrasse 104,L=Taufkirchen,ST=Bayern,C=DE,1.2.840.113549.1.9.1=#0c16737570706f727440736f6674776172656f6b2e636f6d,1.3.6.1.4.1.311.60.2.1.1=#130b546175666b69726368656e,1.3.6.1.4.1.311.60.2.1.2=#130642617965726e,1.3.6.1.4.1.311.60.2.1.3=#13024445,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:d4:ac:53:92:03:cf:58:67:d5:98:68:61:b5:89:b8:77:1e:cb:e5:c4:c9:29:ce:e1:af:c8:5b:6b:d1:55:02
Signer

Actual PE Digest

67:d4:ac:53:92:03:cf:58:67:d5:98:68:61:b5:89:b8:77:1e:cb:e5:c4:c9:29:ce:e1:af:c8:5b:6b:d1:55:02

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
VirtualAlloc
VirtualFree
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
ReadProcessMemory
CreateProcessW
lstrcpynW
GetExitCodeProcess
ExitProcess
WaitForSingleObject
FindFirstFileW
InterlockedExchange
SetEnvironmentVariableA
GetOEMCP
GetACP
SetEndOfFile
RaiseException
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FormatMessageW
LCMapStringW
LCMapStringA
LoadLibraryA
CompareStringW
CompareStringA
SetFilePointer
HeapSize
IsBadWritePtr
HeapCreate
GetEnvironmentVariableA
GetModuleFileNameA
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TerminateProcess
RtlUnwind
GetSystemTime
HeapReAlloc
HeapAlloc
HeapFree
GetVersion
GetStartupInfoW
GetModuleHandleA
LocalFree
GlobalSize
GetCurrentDirectoryW
GetFileAttributesW
GetLogicalDriveStringsW
GetDriveTypeW
RemoveDirectoryW
SetFileAttributesW
GlobalMemoryStatus
lstrcmpiW
OpenProcess
GetWindowsDirectoryW
GetComputerNameW
CreateDirectoryW
GetUserDefaultLangID
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTimeFormatW
GetDateFormatW
GetUserDefaultLCID
EnumDateFormatsW
EnumTimeFormatsW
GetLocaleInfoW
SystemTimeToFileTime
FileTimeToSystemTime
DeleteFileW
GetFileSize
ReadFile
lstrcatW
CopyFileW
CreateFileW
WriteFile
WideCharToMultiByte
GetModuleFileNameW
GlobalReAlloc
SizeofResource
FreeLibrary
GetModuleHandleW
GetVersionExA
OutputDebugStringW
HeapDestroy
CreateMutexW
GetLastError
CloseHandle
LoadLibraryW
GetProcAddress
GetLocalTime
CreateThread
Sleep
TerminateThread
GetVersionExW
GetCurrentProcessId
GetCurrentProcess
FlushInstructionCache
InitializeCriticalSection
DeleteCriticalSection
lstrcmpW
GetCurrentThreadId
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
GlobalAlloc
FindResourceW
LoadResource
LockResource
GlobalHandle
GlobalFree
FreeResource
lstrcpyW
MultiByteToWideChar
lstrlenA
InterlockedDecrement
lstrlenW
GetTempPathW
InterlockedIncrement
GetCPInfo
GetTimeZoneInformation

user32

SetDlgItemInt
RegisterClipboardFormatW
EmptyClipboard
MoveWindow
LoadIconW
GetForegroundWindow
IsZoomed
SetWindowPlacement
EnableMenuItem
DrawIconEx
GetClassLongW
GetSystemMenu
InsertMenuW
DeleteMenu
CheckMenuItem
EnableWindow
SetActiveWindow
SetForegroundWindow
CascadeWindows
TileWindows
GetCursor
GetAsyncKeyState
DialogBoxParamW
LoadMenuW
EnumDisplaySettingsW
FindWindowW
CopyIcon
SetCursor
keybd_event
SendDlgItemMessageW
SetDlgItemTextW
EnumDisplayMonitors
CopyRect
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
ClientToScreen
GetDlgItem
GetParent
EndDialog
SetWindowPos
MapWindowPoints
GetWindowPlacement
FindWindowExW
EnumChildWindows
CreatePopupMenu
AppendMenuW
GetCursorPos
TrackPopupMenu
CreateDialogParamW
EnumWindows
GetMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
SetRect
SendMessageTimeoutW
LoadStringW
SwitchDesktop
CreateDesktopW
OpenDesktopW
GetUserObjectInformationW
GetDlgItemInt
GetDlgItemTextW
DrawAnimatedRects
GetKeyboardState
SetCursorPos
SetPropW
GetThreadDesktop
GetClientRect
SystemParametersInfoW
GetWindowRect
GetWindow
GetWindowLongW
SendMessageW
ReleaseDC
GetDC
LoadBitmapW
ShowWindow
KillTimer
IsRectEmpty
RedrawWindow
SetTimer
SetWindowLongW
SetParent
SetWindowTextW
MonitorFromPoint
GetMonitorInfoW
TrackPopupMenuEx
ModifyMenuW
OffsetRect
GetSysColorBrush
GetSubMenu
PeekMessageW
PtInRect
CallNextHookEx
GetSystemMetrics
GetWindowDC
DrawTextW
GetMessagePos
WindowFromPoint
ScreenToClient
UpdateWindow
GetKeyState
GetActiveWindow
GetWindowThreadProcessId
CharLowerW
LoadImageW
PostQuitMessage
IsDialogMessageW
IsChild
GetFocus
CreateDialogIndirectParamW
RegisterClassExW
LoadCursorW
GetClassInfoExW
RegisterWindowMessageW
DefWindowProcW
GetWindowTextW
GetWindowTextLengthW
GetSysColor
SetFocus
CallWindowProcW
EndPaint
FillRect
BeginPaint
IsWindow
GetDesktopWindow
CreateAcceleratorTableW
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
DestroyWindow
GetClassNameW
wsprintfW
CreateWindowExW
CharNextW
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
MessageBeep
PostMessageW
UnhookWindowsHookEx
SetWindowsHookExW
IsWindowVisible
DestroyMenu

gdi32

SetDIBitsToDevice
SetStretchBltMode
StretchBlt
Rectangle
GetCurrentObject
GetPixel
CreatePen
SetROP2
RestoreDC
SaveDC
GetTextExtentPointW
Ellipse
OffsetWindowOrgEx
MoveToEx
LineTo
CreateBitmap
CreatePatternBrush
SetTextColor
SetBkMode
GetStockObject
GetDeviceCaps
CreateSolidBrush
CreateCompatibleBitmap
GetObjectW
CreateDIBSection
CreateCompatibleDC
SelectObject
SetBkColor
ExtTextOutW
CreateDCW
CreateEnhMetaFileW
CloseEnhMetaFile
SelectPalette
RealizePalette
GetClipBox
GetDIBits
SetPixel
DeleteObject
PatBlt
CreateFontIndirectW
BitBlt
DeleteDC

comdlg32

ChooseColorW
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegDeleteValueW
CryptCreateHash
CryptAcquireContextW
CryptDestroyHash
CryptReleaseContext
CryptHashData
CryptGetHashParam
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyW
GetTokenInformation
RegEnumKeyExW
RegDeleteKeyW
GetUserNameW
OpenProcessToken
RegQueryValueExW

shell32

SHGetMalloc
SHGetFileInfoW
ord25
SHFileOperationW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ord155
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetSettings
ShellExecuteExW
Shell_NotifyIconW
ShellExecuteW
SHAppBarMessage

ole32

CoSetProxyBlanket
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
ReleaseStgMedium
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

SysAllocStringLen
SysAllocString
VariantClear
SysStringLen
OleCreateFontIndirect
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantInit
SafeArrayDestroy
DispCallFunc
VarRound
SysFreeString

comctl32

ImageList_GetImageCount
ImageList_Draw
InitCommonControlsEx
ord17
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_LoadImageW

gdiplus

GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateHICONFromBitmap
GdipDisposeImage
GdipFree
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromScan0
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipGetImageHeight

winmm

mixerClose
mixerGetNumDevs
waveOutOpen
mixerGetID
waveOutClose
PlaySoundW
timeGetTime
mixerOpen
mixerGetLineInfoW
mixerGetLineControlsW
mixerGetControlDetailsW
mixerSetControlDetails

Sections

.text
Size: 328KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79deb108485263c702fce28883598d47

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

07:28:cf:12:7e:b4:52:6b:3f:c8:df:87Certificate

Extended Key Usages

Key Usages

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

67:d4:ac:53:92:03:cf:58:67:d5:98:68:61:b5:89:b8:77:1e:cb:e5:c4:c9:29:ce:e1:af:c8:5b:6b:d1:55:02Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

winmm

Sections

.text Size: 328KB - Virtual size: 324KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 292KB - Virtual size: 477KB

.rsrc Size: 220KB - Virtual size: 217KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

07:28:cf:12:7e:b4:52:6b:3f:c8:df:87
Certificate

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

67:d4:ac:53:92:03:cf:58:67:d5:98:68:61:b5:89:b8:77:1e:cb:e5:c4:c9:29:ce:e1:af:c8:5b:6b:d1:55:02
Signer

.text
Size: 328KB - Virtual size: 324KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 292KB - Virtual size: 477KB

.rsrc
Size: 220KB - Virtual size: 217KB