9fd59ba40c26b3161642d5ebb85796b4262e5d5aa5d1e5eceb919b52a8f9b00e

Target

9fd59ba40c26b3161642d5ebb85796b4262e5d5aa5d1e5eceb919b52a8f9b00e
Size

1.0MB
MD5

7f9d970c685f7f33aa8a961f2a10173d
SHA1

11f93876dba467125556c04a85c19f4b93ed5e4c
SHA256

9fd59ba40c26b3161642d5ebb85796b4262e5d5aa5d1e5eceb919b52a8f9b00e
SHA512

fb57c9f3caf4d39c8ea3f3cb12536fae6baa874c89c84af5fa08853f56436d269d09c7a45467624009d54dc5af77bef903d1a9dd63502aa147c30cc606acef5e
SSDEEP

12288:3i94bywx1Dj5+h7ZCn0P5T7lHDbIi9dszYjN5HbPiLsptcyx7tbFEujtgw:3Hx13SZW0x5j5dsYnHeYpuyx7tx/tgw

Score

1^/10

Malware Config

Signatures

Files

9fd59ba40c26b3161642d5ebb85796b4262e5d5aa5d1e5eceb919b52a8f9b00e
.exe windows:5 windows x86 arch:x86

a641a3a252ba41dde68c38fe5682820f

Code Sign

7e:f3:00:91:52:fb:26:96:43:26:de:50:92:ec:72:ca
Certificate

Issuer

CN=XZZOXJSC

Not Before

25-12-2018 12:03

Not After

31-12-2039 23:59

Subject

CN=XZZOXJSC

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f7:94:81:76:fe:05:c5:37:45:e1:df:cf:d3:16:df:35:d3:bf:7e:47:a0:31:5a:93:85:11:84:03:67:eb:b2:17
Signer

Actual PE Digest

f7:94:81:76:fe:05:c5:37:45:e1:df:cf:d3:16:df:35:d3:bf:7e:47:a0:31:5a:93:85:11:84:03:67:eb:b2:17

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetTapeParameters
GetThreadPriority
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
GetCurrentThread
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetHandleCount
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualAllocEx
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcpyA
lstrlenA
LoadLibraryW
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
ExitProcess
EnumTimeFormatsA
EnumDateFormatsA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateProcessA
CompareStringW
CompareStringA
IsValidCodePage
CloseHandle

user32

GetWindowTextLengthA
InvalidateRect
InvalidateRgn
IsCharAlphaA
IsCharUpperA
IsCharUpperW
IsDialogMessageA
IsDialogMessageW
IsWindow
IsWindowVisible
KillTimer
LoadCursorA
LoadIconA
LoadMenuA
LoadStringA
MapVirtualKeyExA
MessageBeep
MessageBoxA
MonitorFromRect
MoveWindow
OpenDesktopA
PostMessageA
PostQuitMessage
RegisterClassA
ReleaseDC
RemoveMenu
ScreenToClient
SendMessageA
SendNotifyMessageA
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
GetWindowTextA
SetWindowTextA
ShowWindow
ToAsciiEx
TrackPopupMenu
TranslateMessage
UnhookWinEvent
UpdateWindow
VkKeyScanA
wsprintfA
GetMenuItemCount
DestroyWindow
DestroyMenu
DefWindowProcA
DdeDisconnectList
DdeAddData
CreateWindowExW
CreateWindowExA
CreateDialogIndirectParamA
CloseDesktop
ClientToScreen
CheckMenuItem
CharUpperW
CharUpperA
CharToOemW
CharToOemBuffW
CharLowerW
CharLowerA
ChangeDisplaySettingsW
ChangeDisplaySettingsA
CallWindowProcA
BeginPaint
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowInfo
GetWindow
GetUserObjectInformationA
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetMessageA
GetMenuState
GetMenuItemRect
GetMenu
DispatchMessageA
GetIconInfo
GetForegroundWindow
GetDlgItemTextW
GetDlgItemTextA
GetDC
GetCursorPos
GetClipboardViewer
GetClipboardData
GetClientRect
GetClassNameA
EqualRect
ActivateKeyboardLayout
BeginDeferWindowPos
EnumDisplayDevicesW
EndPaint
EnableWindow
EnableMenuItem
DrawEdge
SetWindowPos
DlgDirListComboBoxA
GetKeyboardLayoutNameA

gdi32

CreateMetaFileW
SelectObject
Polyline
GetTextMetricsA
GetStockObject
GetGlyphOutline
FillPath
EndPath
DeleteObject
BeginPath

advapi32

GetUserNameA
RegCreateKeyExA
RegOpenKeyExW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey

shell32

SHCreateProcessAsUserW
ShellExecuteEx
ShellExecuteA
SHQueryRecycleBinW
SHPathPrepareForWriteW
SHPathPrepareForWriteA
DoEnvironmentSubstW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExW
ExtractIconA
ExtractIconEx
ExtractIconExA
SHAddToRecentDocs
ShellExecuteExA
SHEmptyRecycleBinA
SHGetDataFromIDListW
SHGetFileInfo
SHGetFileInfoW
SHGetIconOverlayIndexW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHLoadNonloadedIconOverlayIdentifiers

ole32

CoUninitialize
StgCreateDocfile
StgOpenStorage
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoGetMalloc
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromProgID
CoTaskMemRealloc

shlwapi

StrStrIA
StrStrA
StrRStrIW
StrRChrW
StrChrIA
StrCmpNW

comctl32

CreateToolbarEx
InitCommonControlsEx

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

a641a3a252ba41dde68c38fe5682820f

Code Sign

7e:f3:00:91:52:fb:26:96:43:26:de:50:92:ec:72:caCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

f7:94:81:76:fe:05:c5:37:45:e1:df:cf:d3:16:df:35:d3:bf:7e:47:a0:31:5a:93:85:11:84:03:67:eb:b2:17Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 4KB - Virtual size: 1.0MB

7e:f3:00:91:52:fb:26:96:43:26:de:50:92:ec:72:ca
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

f7:94:81:76:fe:05:c5:37:45:e1:df:cf:d3:16:df:35:d3:bf:7e:47:a0:31:5a:93:85:11:84:03:67:eb:b2:17
Signer

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 4KB - Virtual size: 1.0MB