MicTray64[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

MicTray64.exe
Size

2.8MB
MD5

b8732427fca69c3e71f4364efdd4e432
SHA1

c43d2d4dfbc710974d1fae912f6bd19687934e6d
SHA256

cbf7b3a4733b741f0143b9a9ee9878ed741c68085432fd2b05c25d4090ee31ed
SHA512

2fa03e0c815f717ec36c38a992a3f9e4a79655844c7966d3f4820083c3e63f6c482a6a9822836bb05dcd407180382067b6f6e4d73993634317286e0d07ee38c4
SSDEEP

49152:Vab4McME2xIOeuWST8q9khECVewgrARVxgdpzUaSL/lz3SHnwF8u:li0hpgrAxm1UaSLN3SHnfu

Score

1^/10

Malware Config

Signatures

Files

MicTray64.exe
.exe windows:6 windows x64 arch:x64

bcfaad62923d784e164ddbf5869051c0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5d:79:70:5f:bf:30:6c:85:64:2b:b8:6f:3f:c8:20:31
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

09/06/2017, 00:00

Not After

10/07/2019, 23:59

Subject

CN=Conexant Systems LLC,O=Conexant Systems LLC,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

59:2e:bc:53:34:24:c3:3e:8f:3b:80:3e:3f:b6:a9:fb:22:44:3b:ad
Signer

Actual PE Digest

59:2e:bc:53:34:24:c3:3e:8f:3b:80:3e:3f:b6:a9:fb:22:44:3b:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW

hid

HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetInputReport
HidD_GetHidGuid
HidP_GetCaps
HidD_GetAttributes

kernel32

IsDebuggerPresent
GetStartupInfoW
GetUserDefaultLCID
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetACP
GetSystemTimeAsFileTime
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
LCMapStringW
SwitchToThread
GetStringTypeW
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryW
FindResourceExW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
GetCurrentDirectoryW
FileTimeToSystemTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
TerminateProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetVersionExW
GetCurrentThread
ResumeThread
SetThreadPriority
GlobalGetAtomNameW
GetCurrentProcessId
WideCharToMultiByte
CopyFileW
FormatMessageW
GlobalFree
GlobalSize
GlobalAlloc
CompareStringW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
SetUnhandledExceptionFilter
CreateActCtxW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetModuleHandleExW
FreeResource
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
MulDiv
GlobalUnlock
GlobalLock
K32GetModuleBaseNameW
K32EnumProcessModules
K32EnumProcesses
OpenProcess
MultiByteToWideChar
lstrcmpiW
LoadLibraryExW
GetTickCount
GetPriorityClass
GetCurrentProcess
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
GetCurrentThreadId
SetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetVersion
CreateThread
WaitForMultipleObjects
Sleep
CreateMutexW
ReleaseMutex
SetEvent
InitializeCriticalSectionEx
RaiseException
LocalFree
LocalAlloc
ResetEvent
CancelIo
GetOverlappedResult
WriteFile
ReadFile
FindResourceW
SizeofResource
LockResource
LoadResource
CreateEventW
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeviceIoControl
CreateFileW
lstrcpyW
GetModuleFileNameW
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
GetLastError
CloseHandle
DeleteFileW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GlobalReAlloc
WriteConsoleW
GetConsoleCP
RtlUnwind

user32

ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
DrawIcon
FrameRect
CopyIcon
SetCursorPos
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowRgn
SetClassLongPtrW
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
LockWindowUpdate
SetCapture
SetRect
WindowFromPoint
TrackMouseEvent
CharUpperW
SetParent
DeleteMenu
GetSystemMenu
IsRectEmpty
UnionRect
MapVirtualKeyW
GetKeyNameTextW
MapDialogRect
GetAsyncKeyState
SendDlgItemMessageA
CopyImage
GetSysColorBrush
RealChildWindowFromPoint
ShowOwnedPopups
TranslateMessage
GetMessageW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
ReuseDDElParam
GetKeyboardState
OffsetRect
IntersectRect
SetRectEmpty
SetCursor
InvalidateRect
InsertMenuItemW
DestroyMenu
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
GetActiveWindow
BringWindowToTop
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
CreateAcceleratorTableW
EnableWindow
LoadCursorW
MessageBoxW
RegisterDeviceNotificationW
SetScrollInfo
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
DestroyAcceleratorTable
CopyAcceleratorTableW
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
UnpackDDElParam
UnregisterDeviceNotification
IsWindow
EnumDisplaySettingsW
RegisterHotKey
UnregisterHotKey
SendMessageW
PostMessageW
PostQuitMessage
UnregisterClassW
SetTimer
KillTimer
CopyRect
FindWindowW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
RegisterWindowMessageW
DefWindowProcW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
ScrollWindow
GetSystemMetrics
LoadMenuW
GetSubMenu
TrackPopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
SetForegroundWindow
GetDC
ReleaseDC
GetCursorPos
GetWindowLongPtrW
SetWindowLongPtrW
GetDesktopWindow
LoadIconW
DestroyIcon
LoadImageW
AttachThreadInput
SetWindowPos
CharNextW
SetFocus
UpdateWindow
SetActiveWindow
GetForegroundWindow
GetWindowThreadProcessId
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
RegisterClassW
GetClassInfoW
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetDlgItem
GetDlgCtrlID
GetKeyState
GetCapture
GetMenu
SetMenu
GetMenuItemID
GetMenuItemCount
ValidateRect
RedrawWindow

gdi32

CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
GetBkColor
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateDCW
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CopyMetaFileW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
CreateRoundRectRgn
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
StartServiceW
QueryServiceStatusEx
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
GetUserNameW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegEnumKeyExW
RegEnumValueW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

shell32

SHAppBarMessage
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHBrowseForFolderW
ShellExecuteW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindExtensionW

uxtheme

GetThemePartSize
GetWindowTheme
GetCurrentThemeName
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
IsAppThemed
GetThemeSysColor

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoTaskMemRealloc
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
StringFromGUID2
CoTaskMemAlloc
PropVariantClear
CLSIDFromString
StringFromCLSID
CoInitializeEx
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocString
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
SysFreeString
VariantInit
VariantCopy
VarBstrFromDate
VariantChangeType
SysAllocStringLen
VarUI4FromStr

winmm

PlaySoundW
timeGetTime

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI
GdipCreateFromHDC
GdipDrawImageI
GdiplusShutdown
GdipCreateBitmapFromScan0

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 724KB - Virtual size: 723KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcfaad62923d784e164ddbf5869051c0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

5d:79:70:5f:bf:30:6c:85:64:2b:b8:6f:3f:c8:20:31Certificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

59:2e:bc:53:34:24:c3:3e:8f:3b:80:3e:3f:b6:a9:fb:22:44:3b:adSigner

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

hid

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

winmm

oleacc

gdiplus

imm32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 724KB - Virtual size: 723KB

.data Size: 30KB - Virtual size: 85KB

.pdata Size: 89KB - Virtual size: 89KB

.rsrc Size: 50KB - Virtual size: 50KB

.reloc Size: 60KB - Virtual size: 60KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

5d:79:70:5f:bf:30:6c:85:64:2b:b8:6f:3f:c8:20:31
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

59:2e:bc:53:34:24:c3:3e:8f:3b:80:3e:3f:b6:a9:fb:22:44:3b:ad
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 724KB - Virtual size: 723KB

.data
Size: 30KB - Virtual size: 85KB

.pdata
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 50KB - Virtual size: 50KB

.reloc
Size: 60KB - Virtual size: 60KB