bb8fce33b3478355c5a6c4f52f6ff83b

Resubmissions

08-03-2024 15:04

240308-sfnzqsaa47 10

Sharing

Copy URL

Twitter E-mail

General

Target

bb8fce33b3478355c5a6c4f52f6ff83b
Size

1.1MB
MD5

bb8fce33b3478355c5a6c4f52f6ff83b
SHA1

81ed80cb69b5c6e65bff71b8c53160a467099475
SHA256

6192163bbb9343a274904093b94d6b12111a88bf24b58cbf9ed2c1463503e022
SHA512

a1f9bad36ff0a866db0aaf918cd70ed235c1bf1679dbadea8a5e2746686e2736833e7fe10d6caec459106e90ad9efdd55ca2b66afb1b2f7c507cd46363cbed69
SSDEEP

24576:UlTshPoDiXbNSXIN6L/Y1ja1zwdY4k2A/QaFcEYZFj:UshPjNSXGic+FwTbA4SR2

Score

1^/10

Malware Config

Signatures

Files

bb8fce33b3478355c5a6c4f52f6ff83b
.exe windows:5 windows x86 arch:x86

d06d9fcfee6847d7784c8b5dcf5f0e1c

Code Sign

41:ec:d1:e9:0b:16:6e:bb:4f:99:62:ad:07:43:df:67
Certificate

Issuer

CN=AGNVGONZ

Not Before

18-12-2018 11:40

Not After

31-12-2039 23:59

Subject

CN=AGNVGONZ

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1e:9c:2f:dd:e2:d8:b0:c7:1f:06:8e:17:36:79:0b:b8:91:5d:48:ce:1f:b6:8f:b9:a2:66:b9:ec:fa:73:9a:1f
Signer

Actual PE Digest

1e:9c:2f:dd:e2:d8:b0:c7:1f:06:8e:17:36:79:0b:b8:91:5d:48:ce:1f:b6:8f:b9:a2:66:b9:ec:fa:73:9a:1f

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
LocalFree
LocalReAlloc
MoveFileA
MulDiv
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
RaiseException
ReadFile
RtlUnwind
SearchPathW
SetConsoleTitleA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
LoadLibraryW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerLanguageNameW
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
_lclose
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
VirtualAllocEx
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
IsDebuggerPresent
IsBadCodePtr
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
HeapFree
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalLock
GlobalGetAtomNameW
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVersionExW
GetTimeZoneInformation
GetTickCount
GetTempFileNameA
GetSystemTimeAsFileTime
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProfileStringW
GetProfileIntW
GetProfileIntA
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
GetLogicalDriveStringsA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFileType
GetFileInformationByHandle
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStrings
GetDriveTypeW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FileTimeToSystemTime
CallNamedPipeW
FileTimeToLocalFileTime
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateFileW
CreateFileA
CreateEventW
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
TerminateProcess

user32

SetParent
SetRect
SetRectEmpty
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
SetWindowsHookW
ShowCursor
ShowWindow
SystemParametersInfoW
ToUnicodeEx
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHook
UnregisterDeviceNotification
UpdateWindow
ValidateRect
WinHelpW
wsprintfA
wsprintfW
CountClipboardFormats
CharNextW
EndMenu
GetWindowTextLengthW
IsCharLowerW
IsCharUpperA
OpenIcon
CharUpperW
IsCharUpperW
LoadImageW
LoadIconW
LoadCursorW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDlgButtonChecked
IsCharAlphaW
IsCharAlphaNumericW
InvertRect
InvalidateRect
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
SetMenu
GetSysColor
GetSubMenu
GetParent
GetMessageW
GetMessagePos
GetMenuItemCount
GetMenu
GetKeyState
GetFocus
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDC
GetClientRect
GetClassNameW
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FillRect
EqualRect
EnumDisplaySettingsW
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawMenuBar
DrawIcon
DrawAnimatedRects
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DeferWindowPos
DefWindowProcW
CreateWindowExW
CreateMenu
CreateCursor
CopyRect
CopyAcceleratorTableW
ClientToScreen
CheckRadioButton
CheckMenuItem
CheckDlgButton
CharPrevW
CharLowerBuffW
CallWindowProcW
BringWindowToTop
BeginPaint
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetDlgItemInt
SetDebugErrorLevel
SetCursor
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterDeviceNotificationW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
MsgWaitForMultipleObjects
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
LoadStringW
GetSystemMetrics
LoadMenuW
BeginDeferWindowPos
AdjustWindowRect
IntersectRect

gdi32

CreatePen
CreateSolidBrush
DeleteDC
DeleteMetaFile
DeleteObject
EngCreatePalette
EngMultiByteToUnicodeN
EngQueryLocalTime
ExcludeClipRect
FillRgn
GdiGetCharDimensions
GetBitmapDimensionEx
GetBkMode
GetCharABCWidthsW
GetCharWidthA
GetDIBits
GetDeviceCaps
GetFontResourceInfoW
GetObjectW
GetPaletteEntries
GetROP2
GetStockObject
GetSystemPaletteEntries
GetSystemPaletteUse
GetTextExtentPoint32W
LineTo
MoveToEx
PatBlt
CreatePatternBrush
Polygon
RealizePalette
Rectangle
ResetDCA
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDeviceGammaRamp
SetMapMode
SetROP2
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartPage
StretchBlt
StretchDIBits
TextOutA
TextOutW
bInitSystemAndFontsDirectoriesW
GetPolyFillMode
GetBkColor
BeginPath
CreatePalette
CreateMetaFileW
CreateHalftonePalette
CreateFontIndirectW
CreateEllipticRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileW
CopyEnhMetaFileA
CloseMetaFile
PolyBezier
AddFontMemResourceEx

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueW
RegCreateKeyW

shell32

ExtractIconW
ShellExecuteEx
ShellAboutW
SHPathPrepareForWriteW
CommandLineToArgvW
DoEnvironmentSubstA
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconExW
ExtractIconExA
ExtractIconExW
WOWShellExecute
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateProcessAsUserW
SHFileOperationA
SHFileOperationW
SHGetDataFromIDListA
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderPathA
SHInvokePrinterCommandW
SHLoadNonloadedIconOverlayIdentifiers

shlwapi

StrCmpNIW
StrRStrIA
StrChrIW
StrStrIA

comctl32

CreateStatusWindowW
CreateToolbarEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 996KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

d06d9fcfee6847d7784c8b5dcf5f0e1c

Code Sign

41:ec:d1:e9:0b:16:6e:bb:4f:99:62:ad:07:43:df:67Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

1e:9c:2f:dd:e2:d8:b0:c7:1f:06:8e:17:36:79:0b:b8:91:5d:48:ce:1f:b6:8f:b9:a2:66:b9:ec:fa:73:9a:1fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 1024B - Virtual size: 996KB

41:ec:d1:e9:0b:16:6e:bb:4f:99:62:ad:07:43:df:67
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

1e:9c:2f:dd:e2:d8:b0:c7:1f:06:8e:17:36:79:0b:b8:91:5d:48:ce:1f:b6:8f:b9:a2:66:b9:ec:fa:73:9a:1f
Signer

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 1024B - Virtual size: 996KB