eeebdcf115527dd0d6357d3ca6c2fff19cf7b00c7af84916a03bbef907b1907b

Sharing

Copy URL Twitter E-mail

General

Target

eeebdcf115527dd0d6357d3ca6c2fff19cf7b00c7af84916a03bbef907b1907b
Size

8.1MB
MD5

a01b91de5c930c8b0f63bb9902f1c51c
SHA1

d7f9ae2c7533f229244f756e0f5801dab8f93b04
SHA256

eeebdcf115527dd0d6357d3ca6c2fff19cf7b00c7af84916a03bbef907b1907b
SHA512

b2d1ca738f55fc1e4516222f8adea0db285112a087ce1701ccbcfc0bcc735fa3a2a4824a896222e040c1002a7f753853da1b55a333553bdbd25f5622073f16fa
SSDEEP

98304:fYoGjnBIHdR4TbnVcB1CFs2DJuCTknMzzzzz8joq:bGjBkR43n6B8JTTknnx

Score

1^/10

Malware Config

Signatures

Files

eeebdcf115527dd0d6357d3ca6c2fff19cf7b00c7af84916a03bbef907b1907b
.exe windows:4 windows x86 arch:x86

362d946425ccf58e6fe69f86a8ab586a

Code Sign

36:02:61:76:36:e7:03:4b:9c:c1:fc:5f:fe:ac:2d:54
Certificate

Issuer

CN=Sectigo Public Code Signing Root E46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA E36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:3f:53:90:7e:18:70:64:c2:73:de:9e:13:cf:18:0c
Certificate

Issuer

CN=Sectigo Public Code Signing CA E36,O=Sectigo Limited,C=GB

Not Before

04/10/2023, 00:00

Not After

03/10/2024, 23:59

Subject

CN=Monika Novotna,O=Monika Novotna,ST=Pardubický kraj,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d5:b3:60:02:89:59:a2:7f:84:65:c9:e6:b1:8d:ba:cb
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

28/02/2023, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root E46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d6:60:a0:8b:86:c9:48:2e:5f:10:da:e5:e6:fa:ed:19:bc:6b:37:21:6a:b4:19:86:6d:58:71:e5:17:61:71:60
Signer

Actual PE Digest

d6:60:a0:8b:86:c9:48:2e:5f:10:da:e5:e6:fa:ed:19:bc:6b:37:21:6a:b4:19:86:6d:58:71:e5:17:61:71:60

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum
WNetOpenEnumW
WNetDisconnectDialog
WNetCancelConnection2W
WNetAddConnection2W
WNetConnectionDialog
WNetEnumResourceW

winmm

mciSendCommandW
timeSetEvent
timeKillEvent
timeGetTime

avifil32

AVIStreamWrite
AVIFileCreateStreamW
AVIMakeCompressedStream
AVISaveOptionsFree
AVIFileOpenW
AVIFileGetStream
AVIStreamInfoW
AVIStreamRelease
AVIFileRelease
AVIStreamGetFrameOpen
AVIStreamStart
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIFileExit
AVIFileInit
AVIStreamSetFormat

msvfw32

ICClose
ICOpen
ICGetInfo
ICInfo
ICSendMessage

racch

?RegisterHook@@YGHHPAUHWND__@@HPAI@Z
?UnRegisterHook@@YGXPAUHWND__@@I@Z

kernel32

GlobalAddAtomW
FreeResource
InterlockedDecrement
GetStringTypeExW
GetThreadLocale
LockFile
UnlockFile
GetFullPathNameW
VirtualProtect
GlobalGetAtomNameW
InterlockedExchange
CompareStringA
LoadLibraryExW
EnumResourceLanguagesW
ConvertDefaultLocale
GetTempFileNameW
GlobalFindAtomW
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
FindResourceExW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
ExitThread
HeapCompact
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
ExitProcess
GetFileType
VirtualAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoA
SetEnvironmentVariableA
GetCurrentDirectoryA
GetDriveTypeA
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetModuleHandleA
GetProfileStringW
SuspendThread
OpenProcess
TerminateProcess
PeekNamedPipe
CreatePipe
SetStdHandle
DuplicateHandle
CompareFileTime
MulDiv
WaitForMultipleObjects
GetACP
VerLanguageNameW
GetCurrentProcess
GetComputerNameW
GetEnvironmentVariableA
GetVolumeInformationW
GetLogicalDriveStringsW
GetDiskFreeSpaceW
PostQueuedCompletionStatus
FindFirstChangeNotificationW
FindCloseChangeNotification
FindNextChangeNotification
GetTimeZoneInformation
GetVersionExA
GetExitCodeProcess
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetTickCount
CreateThread
GetCPInfo
lstrcmpiW
lstrcmpA
lstrlenA
GetPrivateProfileStringA
GetWindowsDirectoryA
GetFileTime
WritePrivateProfileStringA
LoadLibraryA
FormatMessageA
CreateEventW
LocalAlloc
TerminateThread
ResumeThread
GetCurrentThread
SetThreadPriority
ResetEvent
ReadFile
FlushFileBuffers
QueryPerformanceFrequency
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProfileIntW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEvent
SetEndOfFile
GetStdHandle
WriteConsoleW
FormatMessageW
LocalFree
GetNumberFormatW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WritePrivateProfileStringW
CreateProcessW
GetSystemDirectoryW
GetWindowsDirectoryW
RemoveDirectoryW
GetCurrentProcessId
GetTempPathW
SetCurrentDirectoryW
MoveFileExW
SetFileTime
SetFileAttributesW
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFileTimeToFileTime
SetFilePointer
GetModuleFileNameW
GetDriveTypeW
GetVersion
CreateFileA
DeleteFileW
MoveFileW
CreateDirectoryW
CreateFileW
WriteFile
GlobalReAlloc
GetFileSize
CopyFileW
GlobalAlloc
lstrcpyW
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
lstrcpynW
GetUserDefaultLangID
FindFirstFileW
FindNextFileW
FindClose
GetCurrentDirectoryW
SetLastError
GetModuleHandleW
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
SystemTimeToFileTime
GetCurrentThreadId
Sleep
OpenMutexW
CreateMutexW
GetLastError
WaitForSingleObject
ReleaseMutex
CloseHandle
GetVersionExW
QueryPerformanceCounter
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedIncrement

user32

InSendMessage
SendNotifyMessageW
CopyAcceleratorTableW
GetDCEx
LockWindowUpdate
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
GetClassInfoExW
GetScrollInfo
SetWindowPlacement
SystemParametersInfoA
GetWindowPlacement
FlashWindow
OemToCharBuffA
CallWindowProcA
SetMenuItemInfoW
IsChild
GetClassInfoW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetCaretPos
GetCapture
GetMenuDefaultItem
RegisterWindowMessageW
MapDialogRect
SetMenuDefaultItem
EndDialog
GetUserObjectInformationA
OpenDesktopW
SetThreadDesktop
OpenInputDesktop
GetThreadDesktop
GetUserObjectInformationW
CloseDesktop
RegisterClassExW
AdjustWindowRect
PostQuitMessage
GrayStringW
DrawTextExW
TabbedTextOutW
GetSysColorBrush
CreateMenu
GetAsyncKeyState
LoadAcceleratorsW
GetClassNameW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsZoomed
PtInRect
GetMessagePos
SetMenu
CheckMenuRadioItem
SetParent
SetCursorPos
GetCursor
DrawMenuBar
GetMessageW
InsertMenuW
GetMenuStringW
InvalidateRgn
AdjustWindowRectEx
ShowScrollBar
ScrollWindowEx
SetScrollInfo
TrackPopupMenu
BeginPaint
EndPaint
RegisterClassW
DestroyWindow
PostThreadMessageW
CreateIconIndirect
RemoveMenu
EqualRect
GetDesktopWindow
UnregisterClassW
DefDlgProcW
DefWindowProcW
GetLastActivePopup
DrawTextW
SetClipboardViewer
GetClipboardOwner
CheckMenuItem
CreatePopupMenu
SystemParametersInfoW
ModifyMenuW
GetMenuItemInfoW
GetMenuState
SendDlgItemMessageA
EnableMenuItem
DrawFrameControl
SetActiveWindow
SetRectEmpty
IsMenu
GetSystemMenu
GetMenuItemID
DeleteMenu
GetKeyboardState
ToAscii
GetKeyboardLayout
GetKeyboardLayoutList
LoadKeyboardLayoutW
ActivateKeyboardLayout
UnloadKeyboardLayout
LoadCursorW
GetFocus
IsWindowEnabled
GetMenuItemCount
AppendMenuW
RedrawWindow
UpdateWindow
GetCursorPos
KillTimer
SetTimer
DrawEdge
CountClipboardFormats
IsClipboardFormatAvailable
EnumClipboardFormats
GetClipboardFormatNameW
PostMessageW
RegisterClipboardFormatW
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
CallWindowProcW
IsWindowVisible
SetCapture
GetWindowDC
SetPropW
CreateWindowExW
SetWindowPos
GetDC
ReleaseDC
DrawIconEx
ReleaseCapture
SetWindowLongW
RemovePropW
GetMenu
GetMenuItemRect
GetPropW
GetSystemMetrics
DestroyMenu
LoadMenuW
DestroyCursor
LoadImageW
GetSysColor
GetIconInfo
GetSubMenu
SetCursor
DestroyIcon
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
DrawFocusRect
FrameRect
FillRect
OffsetRect
InflateRect
CopyRect
DrawStateW
LoadIconW
GetClientRect
DrawIcon
LoadBitmapW
MoveWindow
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
MessageBoxW
PeekMessageW
TranslateMessage
DispatchMessageW
IsDialogMessageW
IsRectEmpty
GetForegroundWindow
GetWindowThreadProcessId
ShowOwnedPopups
ValidateRect
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
CharUpperW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetDlgItemTextW
GetDlgItemTextW
AttachThreadInput
SetForegroundWindow
IsIconic
MessageBeep
CreateDialogIndirectParamW
ChangeClipboardChain
SendDlgItemMessageW
FindWindowW
GetParent
GetWindow
GetDlgCtrlID
IsWindow
ClientToScreen
ScreenToClient
GetWindowLongW
SetFocus
ShowWindow
GetDlgItem
EnableWindow
GetWindowRect
SendMessageW
IntersectRect
WinHelpW
SetWindowsHookExW
CallNextHookEx
SetRect
GetClassLongW
GetKeyState
UnregisterClassA

gdi32

SetMapMode
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
ScaleWindowExtEx
RectVisible
CreatePatternBrush
EnumFontFamiliesExW
PtVisible
PatBlt
Rectangle
GetBkMode
GetCharWidthW
SetPixel
CreateFontW
SetBkMode
GetPixel
SetDIBitsToDevice
SetPixelV
ExtTextOutW
UpdateColors
CreateRectRgn
SetROP2
CopyMetaFileW
GetObjectA
SetRectRgn
ExcludeClipRect
EnumFontsW
Pie
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
Escape
StretchDIBits
SelectPalette
RealizePalette
GetDIBits
CreatePalette
GetPaletteEntries
CreateDIBSection
GetDeviceCaps
CreateDCW
CreateFontIndirectW
PtInRegion
CreateRectRgnIndirect
CreateSolidBrush
GetObjectW
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
GetStockObject
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
SetWindowExtEx
GetTextExtentPoint32W
GetClipBox
CombineRgn
SetStretchBltMode
SetBrushOrgEx
SetDIBits
SaveDC
RestoreDC
GetTextColor
GetBkColor
GetTextMetricsW
GetCurrentObject
Ellipse
CreatePen
StretchBlt
TextOutW

comdlg32

GetSaveFileNameW
GetFileTitleW
GetOpenFileNameW

winspool.drv

OpenPrinterW
EnumPrintersW
StartDocPrinterW
WritePrinter
ClosePrinter
DocumentPropertiesW
EndDocPrinter

advapi32

RegQueryValueExW
RegQueryValueExA
RegDeleteValueW
GetFileSecurityW
SetFileSecurityW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueW
RegSetValueExA
InitializeSecurityDescriptor
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyW
GetUserNameW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetMalloc
DragAcceptFiles
DragFinish
DragQueryPoint
DragQueryFileW
ShellExecuteExW
ExtractIconExW
SHGetFileInfoW
Shell_NotifyIconW
FindExecutableW
SHFileOperationW
ShellExecuteW

comctl32

CreateToolbarEx
ord17

shlwapi

PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathFindFileNameW

oledlg

OleUIObjectPropertiesW
OleUIInsertObjectW
OleUIEditLinksW
OleUIPasteSpecialW
OleUIBusyW
OleUIAddVerbMenuW

ole32

CoRevokeClassObject
CoRegisterMessageFilter
OleRegEnumVerbs
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoInitialize
OleSetMenuDescriptor
OleIsRunning
OleRun
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
StgCreateDocfile
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
GetRunningObjectTable
CoDisconnectObject
CoCreateInstance
OleRegGetMiscStatus
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx

oleaut32

SysAllocStringLen
VariantInit
VariantClear
VarDateFromStr
VarUdateFromDate
SystemTimeToVariantTime
VariantChangeType
VariantTimeToSystemTime

ws2_32

inet_ntoa
recv
WSACleanup
WSAStartup
closesocket
shutdown
bind
htonl
htons
connect
gethostbyname
inet_addr
WSAGetLastError
sendto
gethostname
setsockopt
socket
send
getpeername
gethostbyaddr

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 692KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.2MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

362d946425ccf58e6fe69f86a8ab586a

Code Sign

36:02:61:76:36:e7:03:4b:9c:c1:fc:5f:fe:ac:2d:54Certificate

Extended Key Usages

Key Usages

35:3f:53:90:7e:18:70:64:c2:73:de:9e:13:cf:18:0cCertificate

Extended Key Usages

Key Usages

d5:b3:60:02:89:59:a2:7f:84:65:c9:e6:b1:8d:ba:cbCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

d6:60:a0:8b:86:c9:48:2e:5f:10:da:e5:e6:fa:ed:19:bc:6b:37:21:6a:b4:19:86:6d:58:71:e5:17:61:71:60Signer

Headers

File Characteristics

Imports

mpr

winmm

avifil32

msvfw32

racch

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

version

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 692KB - Virtual size: 688KB

.data Size: 96KB - Virtual size: 128KB

.rsrc Size: 4.2MB - Virtual size: 4.4MB

36:02:61:76:36:e7:03:4b:9c:c1:fc:5f:fe:ac:2d:54
Certificate

35:3f:53:90:7e:18:70:64:c2:73:de:9e:13:cf:18:0c
Certificate

d5:b3:60:02:89:59:a2:7f:84:65:c9:e6:b1:8d:ba:cb
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

d6:60:a0:8b:86:c9:48:2e:5f:10:da:e5:e6:fa:ed:19:bc:6b:37:21:6a:b4:19:86:6d:58:71:e5:17:61:71:60
Signer

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 692KB - Virtual size: 688KB

.data
Size: 96KB - Virtual size: 128KB

.rsrc
Size: 4.2MB - Virtual size: 4.4MB