e5379ed6dfd3130a49dcddcdddec6b21c7f90d7dee15fc9219e7ccaa0fad87d4

Resubmissions

29-01-2023 18:07

230129-wqck8sgd68 10

Sharing

Copy URL

Twitter E-mail

General

Target

e5379ed6dfd3130a49dcddcdddec6b21c7f90d7dee15fc9219e7ccaa0fad87d4
Size

1.1MB
MD5

7e921e11caeb6f9594fa286d217af62e
SHA1

9253c2e0c30b7279fe6cf6a052b55b2b43ee2f84
SHA256

e5379ed6dfd3130a49dcddcdddec6b21c7f90d7dee15fc9219e7ccaa0fad87d4
SHA512

8d5af1af21e4a24d5546515d9f2af5a51598de7e5e335e139c38f5f426fdb0359dabb00ea6e0d0b84846781be553a8ab234b1b6c9cdf429100569101ba055fcc
SSDEEP

12288:n0FWRGqrviIa4un1WnkOJz2CFBsZX/STM3f7rUuWe+UmXELXSLbFUhNl7T7R+UtU:MunKIaNAnkOEKBslQU8ELitm/DtVy

Score

1^/10

Malware Config

Signatures

Files

e5379ed6dfd3130a49dcddcdddec6b21c7f90d7dee15fc9219e7ccaa0fad87d4
.exe windows:5 windows x86 arch:x86

9f4e31a71cafa6bf42a7ff1e9adb914b

Code Sign

2d:aa:95:67:3f:0b:a5:a0:45:35:8c:c6:50:d7:e6:fc
Certificate

Issuer

CN=LFXNVNLK

Not Before

25-03-2019 11:37

Not After

31-12-2039 23:59

Subject

CN=LFXNVNLK

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

fb:b2:3c:b7:6d:dc:ec:09:19:1d:01:24:64:15:2e:d0:ea:17:c0:6b:ce:3b:5d:b7:cc:e5:e8:a3:91:b9:d9:d1
Signer

Actual PE Digest

fb:b2:3c:b7:6d:dc:ec:09:19:1d:01:24:64:15:2e:d0:ea:17:c0:6b:ce:3b:5d:b7:cc:e5:e8:a3:91:b9:d9:d1

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalDrives
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNumberFormatW
GetOEMCP
GetOverlappedResult
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessHeaps
GetProfileIntW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
GlobalUnlock
Heap32ListNext
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapQueryInformation
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadReadPtr
IsDBCSLeadByte
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
GetCurrentThread
LocalFileTimeToFileTime
LocalFree
LocalLock
LocalReAlloc
LocalSize
LocalUnlock
LockFile
LockResource
MapViewOfFile
MoveFileA
MoveFileExA
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
OpenFile
OpenFileMappingA
OpenMutexW
OpenProcess
OpenSemaphoreA
OpenThread
OutputDebugStringA
OutputDebugStringW
ProcessIdToSessionId
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadDirectoryChangesW
ReadFile
ReleaseActCtx
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ReplaceFileA
ResetEvent
ResumeThread
RtlUnwind
SearchPathW
SetCommState
SetCommTimeouts
SetComputerNameExA
SetConsoleCursorPosition
SetConsoleMode
SetConsoleOutputCP
SetConsoleTextAttribute
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetStdHandle
SetThreadExecutionState
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SetVolumeMountPointW
SizeofResource
Sleep
SleepEx
SystemTimeToFileTime
TerminateProcess
TerminateThread
Thread32First
Thread32Next
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VerLanguageNameA
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
WritePrivateProfileStringW
WriteProcessMemory
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcatA
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleScreenBufferInfo
GetConsoleOutputCP
GetConsoleMode
GetConsoleFontSize
GetConsoleCP
GetComputerNameW
GetComputerNameExW
GetComputerNameA
GetCommandLineW
GetCommandLineA
GetCommState
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindResourceW
FindResourceExW
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
EncodePointer
DuplicateHandle
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
DecodePointer
DebugBreak
DeactivateActCtx
CreateToolhelp32Snapshot
CreateThread
CreateProcessW
CreateProcessA
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CreateActCtxW
CopyFileW
CopyFileExW
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareFileTime
CloseHandle
LocalAlloc
ActivateActCtx

user32

MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuW
MsgWaitForMultipleObjectsEx
NotifyWinEvent
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageA
PtInRect
RegisterClassW
RegisterWindowMessageW
ReleaseDC
RemovePropW
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageA
SendMessageW
SetClassLongA
SetCursor
SetDlgItemTextW
SetForegroundWindow
SetMenu
SetMenuItemBitmaps
SetMessageQueue
SetPropW
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWinEvent
UnhookWindowsHookEx
UnregisterClassW
UnregisterDeviceNotification
ValidateRect
WinHelpW
mouse_event
WindowFromDC
LoadCursorFromFileA
GetClipboardData
InSendMessage
IsMenu
DestroyIcon
CharLowerW
GetMenuContextHelpId
VkKeyScanA
CountClipboardFormats
IsCharAlphaA
IsCharAlphaNumericA
IsWindowUnicode
GetKeyboardLayout
VkKeyScanW
GetKBCodePage
GetClipboardOwner
GetAsyncKeyState
DestroyCursor
CloseClipboard
PaintDesktop
GetInputState
GetCursor
CharNextW
CloseDesktop
ReleaseCapture
EnumClipboardFormats
GetWindowContextHelpId
GetWindowTextLengthA
GetClipboardViewer
GetThreadDesktop
IsCharAlphaW
AnyPopup
CharUpperW
IsCharLowerW
IsClipboardFormatAvailable
GetQueueStatus
CloseWindow
GetDialogBaseUnits
OemKeyScan
LoadMenuW
LoadIconW
LoadIconA
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDlgButtonChecked
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetUserObjectInformationW
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollPos
GetPropW
GetProcessWindowStation
GetParent
GetMessageW
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EndDialog
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyMenu
DefWindowProcW
DefWindowProcA
DdeQueryConvInfo
CreateWindowExW
CreateDialogParamW
CopyRect
CloseWindowStation
ClientToScreen
CheckMenuItem
CharLowerA
CallWindowProcW
CallNextHookEx
AdjustWindowRectEx
LoadStringW

gdi32

GdiFlush
CreateHalftonePalette
GetSystemPaletteUse
GetObjectType
GetColorSpace
AddFontResourceW
GetPolyFillMode
GetGraphicsMode
GetBkColor
DeleteColorSpace
CreateCompatibleDC
UnrealizeObject
GetDCPenColor
UpdateColors
CreatePatternBrush
StrokePath
GetLayout
GetStockObject
AbortDoc
GdiGetBatchLimit
FlattenPath
SaveDC
CreateSolidBrush
DeleteObject
SwapBuffers
GetTextCharset
XLATEOBJ_cGetPalette
XFORMOBJ_iGetXform
StartDocW
SetWindowExtEx
SetTextColor
GetTextColor
GetICMProfileW
GetCharABCWidthsA
GdiStartDocEMF
GdiDllInitialize
EngReleaseSemaphore
EngQueryLocalTime
EngLoadModule
EndDoc
DeleteDC
DPtoLP
CreateDCW
AbortPath
CopyMetaFileW

advapi32

RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegSetValueExA
RegSetValueExW
RegCloseKey

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_DrawEx
ImageList_Duplicate
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Remove
ImageList_ReplaceIcon
InitCommonControlsEx
_TrackMouseEvent

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 1017KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9f4e31a71cafa6bf42a7ff1e9adb914b

Code Sign

2d:aa:95:67:3f:0b:a5:a0:45:35:8c:c6:50:d7:e6:fcCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

fb:b2:3c:b7:6d:dc:ec:09:19:1d:01:24:64:15:2e:d0:ea:17:c0:6b:ce:3b:5d:b7:cc:e5:e8:a3:91:b9:d9:d1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 792B

.rsrc Size: 37KB - Virtual size: 1017KB

2d:aa:95:67:3f:0b:a5:a0:45:35:8c:c6:50:d7:e6:fc
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

fb:b2:3c:b7:6d:dc:ec:09:19:1d:01:24:64:15:2e:d0:ea:17:c0:6b:ce:3b:5d:b7:cc:e5:e8:a3:91:b9:d9:d1
Signer

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 792B

.rsrc
Size: 37KB - Virtual size: 1017KB