d82288d680f26b9119ca148c7af679f2ec4dd473ccde1a6546d77d2e407056d2

Sharing

Copy URL

Twitter E-mail

General

Target

d82288d680f26b9119ca148c7af679f2ec4dd473ccde1a6546d77d2e407056d2
Size

647KB
MD5

9502534f46933d8bc8091843fefcfdac
SHA1

93c295188d2e7631b99ff67e214d5c4e876728f9
SHA256

d82288d680f26b9119ca148c7af679f2ec4dd473ccde1a6546d77d2e407056d2
SHA512

0f9be58fd7e8f97b397383657eb313eafac3277a500becb76c4c090a0184b8440b9720e301333e5ba30ebc9d3d7c782716dcb1e61a389f35ece4510ab40d23fa
SSDEEP

12288:DoioVKkHKAxBKiXP5ghx9XuIF4MRGn/usTs8Ijfdn:sXVgAxBbuznF8usTNIjVn

Score

1^/10

Malware Config

Signatures

Files

d82288d680f26b9119ca148c7af679f2ec4dd473ccde1a6546d77d2e407056d2
.exe windows:4 windows x86 arch:x86

f3edf686b0a858072e92e6c35a98b372

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2013 12:00

Not After

15-01-2038 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:fd:65:e8:81:21:d8:9d:03:41:86:08:36:1d:31:6a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12-08-2022 00:00

Not After

06-11-2024 23:59

Subject

CN=EUROFLUXO - SUPORTE A NOVAS TECNOLOGIAS\, UNIPESSOAL LDA,O=EUROFLUXO - SUPORTE A NOVAS TECNOLOGIAS\, UNIPESSOAL LDA,L=Vila Nova de Gaia,ST=Porto,C=PT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:f1:ec:1e:51:f5:91:9b:32:ac:e9:8c:dc:70:e1:4d:18:54:c4:74:a8:df:63:c1:5d:68:a8:e5:d4:7c:31:19
Signer

Actual PE Digest

39:f1:ec:1e:51:f5:91:9b:32:ac:e9:8c:dc:70:e1:4d:18:54:c4:74:a8:df:63:c1:5d:68:a8:e5:d4:7c:31:19

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeBeginPeriod

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
WritePrivateProfileStringA
FileTimeToLocalFileTime
FindNextFileA
GetCPInfo
GetOEMCP
FindResourceExA
SetErrorMode
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
UnlockFile
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
ExitProcess
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
SetEnvironmentVariableA
HeapSize
GetACP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LockFile
FlushFileBuffers
GetThreadLocale
InterlockedDecrement
GetModuleFileNameW
WaitForSingleObject
VirtualProtect
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcmpW
RaiseException
LocalAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
SetVolumeLabelA
GetDiskFreeSpaceExA
GetDriveTypeA
MoveFileA
FindFirstFileA
FindClose
SetFileTime
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
DeleteFileA
LocalFree
DeleteTimerQueueEx
CreateTimerQueueTimer
CreateTimerQueue
DeleteTimerQueueTimer
GetSystemDirectoryA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
CreateThread
Sleep
SetLastError
GetTickCount
ReadFile
GetFileSize
FreeResource
LoadLibraryExA
GetLocaleInfoA
GetCurrentThread
GetProcAddress
FreeLibrary
lstrcmpA
ConvertDefaultLocale
GlobalDeleteAtom
EnumResourceLanguagesA
GetVersionExA
GetFileTime
FormatMessageA
LeaveCriticalSection
GlobalLock
FileTimeToSystemTime
CloseHandle
GlobalFree
VirtualQuery
GlobalAlloc
GetModuleHandleA
EnterCriticalSection
CreateFileA
InitializeCriticalSection
GlobalUnlock
GetModuleFileNameA
SetFilePointer
GetCurrentThreadId
WriteFile
DeleteCriticalSection
GetTempPathA
LoadLibraryA
MulDiv
WideCharToMultiByte
CompareStringA
InterlockedExchange
SizeofResource
LoadResource
FindResourceA
GetVersion
lstrlenA
MultiByteToWideChar
CompareStringW
LockResource
GetLastError
UnhandledExceptionFilter

user32

TranslateMessage
GetMessageA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
WindowFromPoint
GetSysColorBrush
UnregisterClassA
TabbedTextOutA
GetMenuState
GetMenuStringA
DestroyMenu
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetPropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
GetMenu
GetSubMenu
GetMenuItemID
CreateWindowExA
GetClassInfoExA
ValidateRect
RegisterClassA
AdjustWindowRectEx
ScreenToClient
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
SetWindowPos
IsIconic
GetWindowPlacement
GetWindow
GetMonitorInfoA
PeekMessageA
MonitorFromWindow
SetActiveWindow
DrawMenuBar
GetKeyState
RemoveMenu
InsertMenuA
ModifyMenuA
LoadIconA
GetSystemMenu
CheckMenuItem
CreatePopupMenu
AppendMenuA
UpdateWindow
DrawEdge
GetCursorPos
TrackMouseEvent
SetWindowTextA
SetPropA
RemovePropA
EnumWindows
ReleaseDC
GetDesktopWindow
LoadBitmapA
GetDC
GetClassNameA
IsWindowVisible
GetWindowLongA
PostMessageA
PostQuitMessage
wvsprintfA
MessageBoxA
SetWindowLongA
ShowCaret
SetTimer
HideCaret
KillTimer
RedrawWindow
LoadCursorA
GetParent
InvalidateRect
InflateRect
MessageBeep
SetCapture
GetWindowRect
GetActiveWindow
MapDialogRect
GetAsyncKeyState
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
GetWindowThreadProcessId
EndPaint
IsWindow
SendMessageW
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
GetClassInfoA
DrawTextExA
GetClientRect
PtInRect
DestroyIcon
EnableWindow
DrawTextA
GetFocus
ReleaseCapture
SetCursor
OffsetRect
DrawIconEx
CopyRect
FillRect
SystemParametersInfoA
GetSystemMetrics
GetDlgItem
GetSysColor
SendMessageA
EnumChildWindows
GetMenuItemCount
CharUpperA
CallWindowProcA

gdi32

LineTo
MoveToEx
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ExcludeClipRect
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
EnumFontFamiliesExA
GetDeviceCaps
ExtTextOutA
SetTextColor
GetClipBox
SetBkMode
RestoreDC
SaveDC
SetBkColor
CreateCompatibleBitmap
DeleteObject
DPtoLP
SelectObject
BitBlt
GetTextExtentPoint32A
GetPixel
GetDIBits
SetDIBits
SelectClipRgn
GdiFlush
SetStretchBltMode
CreateRectRgnIndirect
StretchBlt
RoundRect
CreateSolidBrush
Rectangle
CreatePen
CreateFontIndirectA
GetBkMode
CreateCompatibleDC
CreateBitmap
PatBlt
CreateDIBitmap
SetMapMode
DeleteDC
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegCloseKey
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
ShellExecuteA
SHGetMalloc
SHFileOperationA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CoInitializeEx
CoUninitialize

oleaut32

VariantInit
VariantChangeType
VarUdateFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear

gdiplus

GdiplusShutdown

Sections

.text
Size: 432KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3edf686b0a858072e92e6c35a98b372

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

09:fd:65:e8:81:21:d8:9d:03:41:86:08:36:1d:31:6aCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

39:f1:ec:1e:51:f5:91:9b:32:ac:e9:8c:dc:70:e1:4d:18:54:c4:74:a8:df:63:c1:5d:68:a8:e5:d4:7c:31:19Signer

Headers

File Characteristics

Imports

winmm

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

Sections

.text Size: 432KB - Virtual size: 428KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 28KB - Virtual size: 63KB

.rsrc Size: 72KB - Virtual size: 69KB

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

09:fd:65:e8:81:21:d8:9d:03:41:86:08:36:1d:31:6a
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

39:f1:ec:1e:51:f5:91:9b:32:ac:e9:8c:dc:70:e1:4d:18:54:c4:74:a8:df:63:c1:5d:68:a8:e5:d4:7c:31:19
Signer

.text
Size: 432KB - Virtual size: 428KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 28KB - Virtual size: 63KB

.rsrc
Size: 72KB - Virtual size: 69KB