629491cb1f88530240f9260810ab2abe16b8152900bffae4068a6565a2ac7a70

Resubmissions

29-01-2023 18:20

230129-wy2v4aab6s 10

Sharing

Copy URL

Twitter E-mail

General

Target

629491cb1f88530240f9260810ab2abe16b8152900bffae4068a6565a2ac7a70
Size

1.2MB
MD5

969305f9f01a46e8eee82885d9bde2bd
SHA1

a5cf52711faec6b7ec152ac074496a7a6e825765
SHA256

629491cb1f88530240f9260810ab2abe16b8152900bffae4068a6565a2ac7a70
SHA512

a916a1ef2bc9c77e9cb3476def54747dcf9c6819c9dd436d8e7ec4f9c3046ce850db7727fc97f820aba070015e06975540f5cacbf6e7341a3ffb787560590ba2
SSDEEP

24576:U0Xy5spQBcumH3iA537SEHKa3RoMF/tM7duvJkdV4KL:U0iupecuYSAt2E53WMF/+duvJIV4S

Score

1^/10

Malware Config

Signatures

Files

629491cb1f88530240f9260810ab2abe16b8152900bffae4068a6565a2ac7a70
.exe windows:5 windows x86 arch:x86

b19076b433a6de334b0b90c24f2d2ab2

Code Sign

74:fd:cf:22:3d:d9:a9:a4:4f:26:e6:5b:8f:3b:72:c3
Certificate

Issuer

CN=DOHYMZXI

Not Before

20-03-2019 10:33

Not After

31-12-2039 23:59

Subject

CN=DOHYMZXI

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

64:1c:c1:ef:86:d4:2b:a3:6e:3f:dd:37:af:41:97:db:8b:22:b0:3e:ff:d8:7e:a3:96:9d:27:dd:f2:67:91:11
Signer

Actual PE Digest

64:1c:c1:ef:86:d4:2b:a3:6e:3f:dd:37:af:41:97:db:8b:22:b0:3e:ff:d8:7e:a3:96:9d:27:dd:f2:67:91:11

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCommandLineW
GetComputerNameW
GetConsoleCP
GetConsoleFontSize
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalDrives
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumberFormatW
GetOEMCP
GetOverlappedResult
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessHeaps
GetProfileIntW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
GlobalUnlock
Heap32ListNext
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapQueryInformation
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadReadPtr
IsDBCSLeadByte
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringA
LCMapStringW
GetCommState
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalLock
LocalReAlloc
LocalSize
LocalUnlock
LockFile
LockResource
MapViewOfFile
MoveFileA
MoveFileExA
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
OpenFile
OpenFileMappingA
OpenMutexW
OpenProcess
OpenSemaphoreA
OpenThread
OutputDebugStringA
OutputDebugStringW
ProcessIdToSessionId
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadDirectoryChangesW
ReadFile
ReleaseActCtx
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ReplaceFileA
ResetEvent
ResumeThread
RtlUnwind
SearchPathW
SetCommState
SetCommTimeouts
SetComputerNameExA
SetConsoleMode
SetConsoleOutputCP
SetConsoleTextAttribute
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetStdHandle
SetThreadExecutionState
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SetVolumeMountPointW
SizeofResource
Sleep
SleepEx
SystemTimeToFileTime
TerminateProcess
TerminateThread
Thread32First
Thread32Next
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VerLanguageNameA
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
WritePrivateProfileStringW
WriteProcessMemory
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcatA
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindResourceW
FindResourceExW
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
EncodePointer
DuplicateHandle
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
DecodePointer
DebugBreak
DeactivateActCtx
CreateToolhelp32Snapshot
CreateThread
CreateProcessW
CreateProcessA
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CreateActCtxW
CopyFileW
CopyFileExW
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareFileTime
CloseHandle
LeaveCriticalSection
ActivateActCtx

user32

IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapW
LoadCursorW
LoadIconW
LoadMenuW
MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuW
MsgWaitForMultipleObjectsEx
NotifyWinEvent
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageA
PtInRect
RegisterClassW
RegisterWindowMessageW
ReleaseDC
RemovePropW
SendMessageA
SendMessageW
SetCursor
SetForegroundWindow
SetMenu
SetMenuItemBitmaps
SetMessageQueue
SetPropW
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWinEvent
UnhookWindowsHookEx
UnregisterClassW
UnregisterDeviceNotification
ValidateRect
WinHelpW
WindowFromDC
LoadCursorFromFileA
GetClipboardData
InSendMessage
IsMenu
DestroyIcon
CharLowerW
GetMenuContextHelpId
VkKeyScanA
CountClipboardFormats
IsCharAlphaA
IsCharAlphaNumericA
GetProcessWindowStation
IsWindowUnicode
GetKeyboardLayout
VkKeyScanW
GetKBCodePage
GetClipboardOwner
GetAsyncKeyState
DestroyCursor
CloseClipboard
PaintDesktop
GetInputState
GetCursor
CharNextW
CloseDesktop
ReleaseCapture
EnumClipboardFormats
GetWindowContextHelpId
GetWindowTextLengthA
GetClipboardViewer
GetThreadDesktop
IsCharAlphaW
AnyPopup
CharUpperW
IsCharLowerW
IsClipboardFormatAvailable
GetQueueStatus
CloseWindow
GetDialogBaseUnits
OemKeyScan
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollPos
GetPropW
GetParent
GetMessageW
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DispatchMessageW
DestroyWindow
DestroyMenu
DefWindowProcW
DefWindowProcA
DdeQueryConvInfo
CreateWindowExW
CreateDialogParamW
CopyRect
ClientToScreen
CheckMenuItem
CharLowerA
CallWindowProcW
CallNextHookEx
AdjustWindowRectEx
IsIconic

gdi32

SetWindowExtEx
StartDocW
XFORMOBJ_iGetXform
XLATEOBJ_cGetPalette
GetTextCharset
SwapBuffers
DeleteObject
CreateSolidBrush
SaveDC
FlattenPath
GdiGetBatchLimit
AbortDoc
GetStockObject
GetLayout
GetBkColor
SetTextColor
CreateHalftonePalette
GetSystemPaletteUse
GetObjectType
GetColorSpace
AddFontResourceW
GetPolyFillMode
GetGraphicsMode
AbortPath
DeleteColorSpace
CreateCompatibleDC
UnrealizeObject
GetDCPenColor
UpdateColors
CreatePatternBrush
StrokePath
GetTextColor
GetICMProfileW
GetCharABCWidthsA
GdiStartDocEMF
GdiDllInitialize
EngReleaseSemaphore
EngQueryLocalTime
EngLoadModule
EndDoc
DeleteDC
DPtoLP
CreateDCW
GdiFlush
CopyMetaFileW

advapi32

RegSetValueExA
RegQueryValueW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
RegSetValueExW

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 954KB - Virtual size: 954KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 917KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

b19076b433a6de334b0b90c24f2d2ab2

Code Sign

74:fd:cf:22:3d:d9:a9:a4:4f:26:e6:5b:8f:3b:72:c3Certificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

64:1c:c1:ef:86:d4:2b:a3:6e:3f:dd:37:af:41:97:db:8b:22:b0:3e:ff:d8:7e:a3:96:9d:27:dd:f2:67:91:11Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 54KB - Virtual size: 53KB

.data Size: 954KB - Virtual size: 954KB

.rsrc Size: 101KB - Virtual size: 917KB

74:fd:cf:22:3d:d9:a9:a4:4f:26:e6:5b:8f:3b:72:c3
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

64:1c:c1:ef:86:d4:2b:a3:6e:3f:dd:37:af:41:97:db:8b:22:b0:3e:ff:d8:7e:a3:96:9d:27:dd:f2:67:91:11
Signer

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 54KB - Virtual size: 53KB

.data
Size: 954KB - Virtual size: 954KB

.rsrc
Size: 101KB - Virtual size: 917KB