f98001f383bb6822b894cc6563804e1a669470b7a37c99ae334fbad3068c2570

Sharing

Copy URL Twitter E-mail

General

Target

f98001f383bb6822b894cc6563804e1a669470b7a37c99ae334fbad3068c2570
Size

3.7MB
MD5

6bcc12650d667a7c94cc6ee990e17acb
SHA1

eb32455604cb3cde4dbdc996c85e4e730cc6b77b
SHA256

f98001f383bb6822b894cc6563804e1a669470b7a37c99ae334fbad3068c2570
SHA512

abe19b13df6b7873ca0559aa3ae1bf2f9972322fdd6f38d68ec45c08574e0f47c9ab515cfc15d5a3f817af04b097f15c052d0a50ed4bdbd1f8288f053323700b
SSDEEP

98304:1+1xtl6DDAmNSItDSQePn3LZCYzIz913/dSWdov9YSvYv0Nu147L+2KLe89ny2Zj:1IHor8vPSz913pielgst/r

Score

1^/10

Malware Config

Signatures

Files

f98001f383bb6822b894cc6563804e1a669470b7a37c99ae334fbad3068c2570
.exe windows:6 windows x86 arch:x86

61daf234b2b2655a89539430880d1a9a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:4b:e0:22:19:8e:63:37:22:02:ca:13:a2:b4:1a:cd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/10/2023, 00:00

Not After

08/10/2024, 23:59

Subject

CN=FUKUI COMPUTER HOLDINGS\, Inc.,OU=Developers Division,O=FUKUI COMPUTER HOLDINGS\, Inc.,L=FUKUI-SHI,ST=FUKUI,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:cc:6c:28:cf:a7:c9:1b:f0:ed:ca:a6:0b:de:67:1a:a0:42:61:15:ae:b0:1f:b4:b3:af:d2:71:99:ef:49:78
Signer

Actual PE Digest

b3:cc:6c:28:cf:a7:c9:1b:f0:ed:ca:a6:0b:de:67:1a:a0:42:61:15:ae:b0:1f:b4:b3:af:d2:71:99:ef:49:78

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

msi

ord112

psapi

EnumProcessModules
GetModuleFileNameExA
EnumProcesses

kernel32

IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetDriveTypeW
GetStringTypeW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
SetUnhandledExceptionFilter
ResetEvent
GetStdHandle
ExitProcess
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
GetFileType
SetStdHandle
GetFullPathNameW
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
RtlUnwind
OutputDebugStringW
TerminateProcess
UnhandledExceptionFilter
CreateEventW
GetUserDefaultLCID
GetProfileIntA
GetTickCount
SearchPathA
FindResourceExW
GetCPInfo
GetOEMCP
VirtualProtect
GetACP
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetFileTime
GetFileSizeEx
WaitForSingleObjectEx
GetFileAttributesExA
GetFileAttributesA
LocalAlloc
GetPrivateProfileIntA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
FreeResource
GetThreadLocale
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFileSize
FlushFileBuffers
CreateFileA
GetCurrentProcessId
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FormatMessageA
MulDiv
GlobalSize
CompareStringA
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetCurrentThreadId
GetCurrentThread
SetLastError
OutputDebugStringA
SetEvent
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
ReleaseMutex
CreateMutexA
QueryFullProcessImageNameA
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
GetSystemWow64DirectoryA
VerifyVersionInfoA
VerSetConditionMask
GetVersionExA
MultiByteToWideChar
GetFullPathNameA
SetFileAttributesA
GetTempPathA
DeleteFileA
RemoveDirectoryA
GetEnvironmentVariableA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetCurrentProcess
LocalFree
ExitThread
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateThread
GetSystemDirectoryA
SetThreadExecutionState
GetSystemPowerStatus
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceA
lstrcmpA
FreeLibrary
GetVolumeInformationA
GetDriveTypeA
SetErrorMode
GetLogicalDrives
GetProcAddress
LoadLibraryA
GetModuleHandleA
lstrcpyA
GetPrivateProfileStringA
MoveFileExA
CopyFileA
GetModuleFileNameA
Sleep
lstrcatA
CloseHandle
OpenProcess
WritePrivateProfileStringA
GetDiskFreeSpaceExA
GetComputerNameA
GlobalMemoryStatusEx
FindResourceW
LoadResource
WriteConsoleW
LockResource
SizeofResource
WideCharToMultiByte
GetTempFileNameA
CreateDirectoryA
GetWindowsDirectoryA
lstrlenA
lstrcmpiA
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
GetCurrentDirectoryW

user32

LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
DeleteMenu
CopyImage
IntersectRect
InflateRect
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
MapDialogRect
SetWindowContextHelpId
SystemParametersInfoA
MessageBeep
IsZoomed
SetRectEmpty
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
GetClassNameA
GetClassLongA
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
DestroyMenu
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsIconic
SetWindowPlacement
GetWindowPlacement
SetWindowPos
LoadAcceleratorsW
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
FillRect
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
GetMenuItemInfoA
TrackMouseEvent
DestroyIcon
LoadImageW
EnumChildWindows
GetSysColor
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
CharUpperA
GetLastActivePopup
IsWindowEnabled
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
LoadCursorW
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
LoadImageA
UnpackDDElParam
ReuseDDElParam
SetParent
MonitorFromPoint
SetLayeredWindowAttributes
GetMenuStringA
PostQuitMessage
CallNextHookEx
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
IsRectEmpty
LoadMenuW
GetSystemMenu
SetWindowRgn
NotifyWinEvent
ModifyMenuA
GetKeyboardLayout
GetKeyboardState
SetForegroundWindow
RegisterClipboardFormatA
LockWindowUpdate
SetClassLongA
InvalidateRgn
SetRect
GetNextDlgGroupItem
GetMenuDefaultItem
DrawFocusRect
GetWindowRgn
DestroyCursor
GetSystemMetrics
GetTopWindow
GetWindowLongA
GetWindowThreadProcessId
IsWindow
GetWindow
GetParent
EnableWindow
LoadIconW
GetWindowRect
SendMessageA
IsWindowVisible
wsprintfA
LoadIconA
KillTimer
SetTimer
CopyRect
InvalidateRect
LoadBitmapW
GetClientRect
GetCursorPos
ScreenToClient
PostMessageA
SetWindowLongA
CallWindowProcA
BeginDeferWindowPos
OffsetRect
DeferWindowPos
EndDeferWindowPos
SetActiveWindow
ExitWindowsEx
GetAsyncKeyState
MessageBoxA
UnregisterClassA
CharNextA
CreateMenu
GetDoubleClickTime
PostThreadMessageA
SetWindowsHookExA
UnhookWindowsHookEx
ToAsciiEx
GetComboBoxInfo
GetUpdateRect
SubtractRect
MapVirtualKeyExA
IsCharLowerA
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
IsClipboardFormatAvailable
SetMenuDefaultItem
UpdateLayeredWindow
CharUpperBuffA
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
IsChild
DrawIconEx

gdi32

SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
RestoreDC
GetDIBits
RealizePalette
SetPixel
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
LPtoDP
Rectangle
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceA
SetPixelV
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
DeleteDC
StretchBlt
CreateCompatibleDC
PatBlt
CreateFontIndirectA
GetObjectA
GetTextCharsetInfo
DeleteObject
GetStockObject

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

FreeSid
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
GetUserNameA
EqualSid
AllocateAndInitializeSid
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

SHAppBarMessage
SHGetSpecialFolderPathA
SHGetFolderPathA
ShellExecuteA
SHCreateDirectoryExA
SHFileOperationA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
DragQueryFileA
SHBrowseForFolderA
SHGetDesktopFolder
DragFinish

comctl32

InitCommonControlsEx
ImageList_AddMasked

shlwapi

UrlUnescapeA
PathCombineA
PathFileExistsA
PathIsDirectoryA
PathFindExtensionA
PathFindFileNameA
PathRemoveBackslashA
PathAppendA
PathIsUNCA
StrFormatKBSizeA
PathRemoveFileSpecW
PathStripToRootA

uxtheme

IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetWindowTheme
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetThemeSysColor

ole32

CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoInitializeEx

oleaut32

VariantCopy
VarBstrFromDate
LoadTypeLi
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
VariantTimeToSystemTime
VariantInit
SystemTimeToVariantTime
SysStringLen
VariantChangeType
SysFreeString
SysAllocStringLen
SysAllocStringByteLen
VariantClear

oledlg

ord8

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageBounds
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipFree
GdipCreateBitmapFromStreamICM
GdipDisposeImage

crypt32

CryptUnprotectData
CryptProtectData

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

wininet

HttpQueryInfoA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetSetOptionA
InternetQueryOptionA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61daf234b2b2655a89539430880d1a9a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0e:4b:e0:22:19:8e:63:37:22:02:ca:13:a2:b4:1a:cdCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

b3:cc:6c:28:cf:a7:c9:1b:f0:ed:ca:a6:0b:de:67:1a:a0:42:61:15:ae:b0:1f:b4:b3:af:d2:71:99:ef:49:78Signer

Headers

DLL Characteristics

File Characteristics

Imports

version

msi

psapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

crypt32

oleacc

wininet

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 399KB - Virtual size: 399KB

.data Size: 26KB - Virtual size: 43KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 157KB - Virtual size: 157KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0e:4b:e0:22:19:8e:63:37:22:02:ca:13:a2:b4:1a:cd
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

b3:cc:6c:28:cf:a7:c9:1b:f0:ed:ca:a6:0b:de:67:1a:a0:42:61:15:ae:b0:1f:b4:b3:af:d2:71:99:ef:49:78
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 399KB - Virtual size: 399KB

.data
Size: 26KB - Virtual size: 43KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 157KB - Virtual size: 157KB