cbfe12a12e6dcd2f7b3054b92771c5a9

Sharing

Copy URL Twitter E-mail

General

Target

cbfe12a12e6dcd2f7b3054b92771c5a9
Size

888KB
MD5

cbfe12a12e6dcd2f7b3054b92771c5a9
SHA1

b7170c754fe114326f5d420b429a84ead3c8c39f
SHA256

4fd20651a8c3b7f9bf7f5439f3f909fb1de4d395e6a819ad0799ff72d5b6627a
SHA512

21db2499b894a11e9deb3febb5dc5a259b13788a2b374f07c458b1388679e69447ef79b27be983740c0b87675d86c3788cee20647622c6472f705d82cc4d6b1c
SSDEEP

24576:mcyzX0JMFJzvQFbtTyIDFDl9eHVmTLj9q5oORBke:m9oJsgfDPqWLs7b

Score

1^/10

Malware Config

Signatures

Files

cbfe12a12e6dcd2f7b3054b92771c5a9
.exe windows:5 windows x86 arch:x86

8ad5b7eae88cb494d89cdd32ca65f4f5

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:7c:05:e0:31:bd:c2:77:9e:6a:c0:51:39:0d:fb:82:6a:b2:37:22:f3:2d:d0:80:cd:b1:85:b3:ce:15:d2:9c
Signer

Actual PE Digest

7b:7c:05:e0:31:bd:c2:77:9e:6a:c0:51:39:0d:fb:82:6a:b2:37:22:f3:2d:d0:80:cd:b1:85:b3:ce:15:d2:9c

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
inet_addr
gethostbyname
gethostname
WSAStartup

winmm

mixerSetControlDetails
waveOutGetVolume
joyGetPosEx
mixerGetControlDetailsA
mixerOpen
mixerGetDevCapsA
mixerGetLineControlsA
waveOutSetVolume
mixerClose
mciSendStringA
joyGetDevCapsA
mixerGetLineInfoA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ImageList_Create
ord6
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Destroy
ImageList_AddMasked

psapi

GetModuleBaseNameA
GetModuleFileNameExA

kernel32

FindClose
FileTimeToLocalFileTime
SetEnvironmentVariableA
Beep
MoveFileA
OutputDebugStringA
CreateProcessA
GetFileAttributesA
MultiByteToWideChar
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
GetEnvironmentVariableA
GetLocalTime
GetDateFormatA
GetTimeFormatA
GetDiskFreeSpaceA
SetVolumeLabelA
CreateFileA
DeviceIoControl
GetDriveTypeA
GetVolumeInformationA
CreateDirectoryA
ReadFile
GetACP
WriteFile
DeleteFileA
SetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameA
GetWindowsDirectoryA
GetTempPathA
GetFullPathNameA
GetShortPathNameA
LoadLibraryA
FreeLibrary
FindNextFileA
LeaveCriticalSection
VirtualProtect
QueryDosDeviceA
CompareStringA
RemoveDirectoryA
CopyFileA
GetCurrentProcess
FormatMessageA
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
WritePrivateProfileSectionA
SetEndOfFile
GetFileType
GetStdHandle
SetFilePointerEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesA
LoadLibraryExA
GlobalSize
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapQueryInformation
HeapSize
HeapReAlloc
ExitProcess
GetModuleHandleW
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
FindFirstFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetSystemTimeAsFileTime
GetModuleFileNameA
DeleteCriticalSection
GetCPInfo
GetVersionExW
GetModuleHandleA
GetProcAddress
GetLastError
CreateMutexA
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
lstrcmpiA
WideCharToMultiByte
GetCurrentThreadId
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetCurrentDirectoryA
SetErrorMode
InitializeCriticalSection
SetCurrentDirectoryA
Sleep
GetTickCount
MulDiv
TlsSetValue
TlsFree
LoadLibraryW
SetHandleCount
IsProcessorFeaturePresent
GetStringTypeW
RaiseException
RtlUnwind
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetFilePointer
LCMapStringW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetProcessHeap
CreateFileW
EnterCriticalSection
VirtualQuery

user32

SetMenu
FlashWindow
GetPropA
SetPropA
RemovePropA
MapWindowPoints
RedrawWindow
SetParent
GetClassInfoExA
GetAncestor
UpdateWindow
GetMessagePos
GetClassLongA
DefDlgProcA
CallWindowProcA
CheckRadioButton
IntersectRect
PtInRect
CreateDialogIndirectParamA
CreateAcceleratorTableA
DestroyAcceleratorTable
InsertMenuItemA
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoA
IsMenu
GetMenuItemInfoA
CreateMenu
CreatePopupMenu
SetMenuInfo
AppendMenuA
DestroyMenu
TrackPopupMenuEx
CreateIconIndirect
GetDesktopWindow
CopyImage
CreateIconFromResourceEx
EnumClipboardFormats
GetWindow
BringWindowToTop
GetTopWindow
SystemParametersInfoA
AdjustWindowRectEx
DrawTextA
SetRect
GetIconInfo
SetWindowTextA
IsWindowVisible
CheckMenuItem
ExitWindowsEx
LoadImageA
ChangeClipboardChain
LoadAcceleratorsA
EnableMenuItem
GetMenu
CreateWindowExA
RegisterClassExA
LoadCursorA
DestroyIcon
DestroyWindow
IsCharAlphaA
MapVirtualKeyA
SetForegroundWindow
VkKeyScanExA
GetWindowTextA
mouse_event
WindowFromPoint
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
PostMessageW
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutA
UnhookWindowsHookEx
SetWindowsHookExA
PostThreadMessageA
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
ToAsciiEx
GetKeyboardLayout
CallNextHookEx
CharLowerA
ReleaseDC
GetDC
OpenClipboard
GetClipboardData
GetClipboardFormatNameA
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageA
FindWindowA
GetMenuStringA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetLastInputInfo
GetCursor
ClientToScreen
MessageBeep
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
MessageBoxA
DialogBoxParamA
EndDialog
IsWindow
DispatchMessageA
TranslateMessage
ShowWindow
CountClipboardFormats
SetWindowLongA
ScreenToClient
IsDialogMessageA
SendMessageA
DefWindowProcA
FillRect
DrawIconEx
GetSysColorBrush
GetSysColor
RegisterWindowMessageA
IsIconic
IsZoomed
EnumWindows
GetWindowTextLengthA
EnableWindow
InvalidateRect
SetLayeredWindowAttributes
SetWindowPos
SetWindowRgn
SetFocus
GetGUIThreadInfo
SetActiveWindow
EnumChildWindows
MoveWindow
GetQueueStatus
IsWindowEnabled
GetWindowLongA
GetKeyState
TranslateAcceleratorA
KillTimer
PeekMessageA
GetFocus
GetClassNameA
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
SetTimer
GetParent
GetDlgCtrlID
CharUpperA
IsClipboardFormatAvailable
GetWindowRect
MapVirtualKeyExA
GetClientRect
SetClipboardViewer

gdi32

GetPixel
GetClipRgn
GetCharABCWidthsA
SetBkMode
CreatePatternBrush
SetBrushOrgEx
EnumFontFamiliesExA
CreateDIBSection
GdiFlush
SetBkColor
ExcludeClipRect
SetTextColor
GetClipBox
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectA
GetTextMetricsA
GetTextFaceA
SelectObject
GetStockObject
CreateDCA
CreateSolidBrush
CreateFontA
FillRgn
GetDeviceCaps
DeleteObject

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegConnectRegistryA
RegDeleteValueA

shell32

DragQueryPoint
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathA
ShellExecuteExA
Shell_NotifyIconA
DragFinish
DragQueryFileA
ExtractIconA

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

SafeArrayGetLBound
GetActiveObject
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnlock
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayDestroy
SafeArrayGetUBound
VariantCopyInd
SafeArrayCopy
SysAllocString
VariantChangeType
VariantClear
SafeArrayCreate
SysFreeString
SysStringLen

Sections

.text
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ad5b7eae88cb494d89cdd32ca65f4f5

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2fCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

7b:7c:05:e0:31:bd:c2:77:9e:6a:c0:51:39:0d:fb:82:6a:b2:37:22:f3:2d:d0:80:cd:b1:85:b3:ce:15:d2:9cSigner

Headers

File Characteristics

Imports

wsock32

winmm

version

comctl32

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 596KB - Virtual size: 595KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 37KB

.rsrc Size: 213KB - Virtual size: 213KB

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

7b:7c:05:e0:31:bd:c2:77:9e:6a:c0:51:39:0d:fb:82:6a:b2:37:22:f3:2d:d0:80:cd:b1:85:b3:ce:15:d2:9c
Signer

.text
Size: 596KB - Virtual size: 595KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 37KB

.rsrc
Size: 213KB - Virtual size: 213KB