bb54b68f1edf2e903439b6892f6db2fc81dd344b1ac6d7d15551f8c5e0746505

Sharing

Copy URL Twitter E-mail

General

Target

bb54b68f1edf2e903439b6892f6db2fc81dd344b1ac6d7d15551f8c5e0746505
Size

2.7MB
MD5

3ef31b76268752e80c05e3eb21807331
SHA1

da8f039e96dd78f8700a363588f150a110cd850c
SHA256

bb54b68f1edf2e903439b6892f6db2fc81dd344b1ac6d7d15551f8c5e0746505
SHA512

54e740a9177a1a8ea635a9e76a99d12483333566fb079a69b30ada105aa580afaf5f029dc624bd548da3157b84b72fd94092015728bdd86c0e3ba8ac92dc6c4e
SSDEEP

49152:/+poUDcwupd/dKK+mEnqJmW77bn8K2Vgh5osA4PfhtyjFq61x5t4GRRs1QYSV1N:W6Uw/pH+hqJmW77D8j25os/PfhtyX1rJ

Score

1^/10

Malware Config

Signatures

Files

bb54b68f1edf2e903439b6892f6db2fc81dd344b1ac6d7d15551f8c5e0746505
.exe windows:5 windows x86 arch:x86

eafb023e41ac3c024ec97e56add5b707

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5d
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc ,C=US

Not Before

28/04/2021, 16:00

Not After

28/04/2036, 15:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.+O=DigiCert\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.+O=DigiCert\, Inc.,C=US

Not Before

01/07/2021, 16:00

Not After

10/07/2024, 15:59

Subject

CN=Google LLC ,O=Google LLC ,L=Mountain View,C=US,2.5.4.4=#130a43616c69666f726e6961

Key Usages

KeyUsageDigitalSignature

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5d
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc ,C=US

Not Before

28/04/2021, 16:00

Not After

28/04/2036, 15:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.+O=DigiCert\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.+O=DigiCert\, Inc.,C=US

Not Before

01/07/2021, 16:00

Not After

10/07/2024, 15:59

Subject

CN=Google LLC ,O=Google LLC ,L=Mountain View,C=US,2.5.4.4=#130a43616c69666f726e6961

Key Usages

KeyUsageDigitalSignature

a5:a3:8e:85:a7:db:d7:f5:6b:04:a2:bc:fb:4c:02:c7:ca:98:75:c2:80:dd:75:f8:53:68:76:21:eb:d0:a3:17
Signer

Actual PE Digest

a5:a3:8e:85:a7:db:d7:f5:6b:04:a2:bc:fb:4c:02:c7:ca:98:75:c2:80:dd:75:f8:53:68:76:21:eb:d0:a3:17

Digest Algorithm

sha256

PE Digest Matches

true

f9:05:be:d4:1e:29:20:cd:c3:c8:75:b7:fb:7e:f3:ee:67:da:99:21
Signer

Actual PE Digest

f9:05:be:d4:1e:29:20:cd:c3:c8:75:b7:fb:7e:f3:ee:67:da:99:21

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
QueryPerformanceFrequency
VirtualQuery
GetSystemInfo
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
IsBadReadPtr
GetNativeSystemInfo
VirtualAlloc
VirtualFree
OutputDebugStringW
GetStringTypeW
GetConsoleCP
GetTimeZoneInformation
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
FindResourceExW
GetWindowsDirectoryW
SetErrorMode
Sleep
SearchPathW
GetProfileIntW
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
GetTempPathW
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
GetThreadLocale
FileTimeToSystemTime
VerifyVersionInfoW
VerSetConditionMask
GetCurrentDirectoryW
GlobalReAlloc
GetFileSize
CreateFileW
GlobalGetAtomNameW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GlobalAddAtomW
lstrcpyW
GlobalFree
FreeResource
GetCurrentProcessId
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
SizeofResource
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
InterlockedDecrement
InterlockedIncrement
FindResourceW
LoadResource
LockResource
GetModuleHandleExW

user32

SetParent
IsRectEmpty
SetWindowRgn
SetRect
ReuseDDElParam
UnpackDDElParam
DestroyIcon
IntersectRect
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
ReleaseCapture
BringWindowToTop
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
IsWindowVisible
DrawMenuBar
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
WaitMessage
PostThreadMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
CopyImage
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetUpdateRect
LockWindowUpdate
UnionRect
GetKeyNameTextW
MapVirtualKeyW
UpdateWindow
EnableWindow
ClientToScreen
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetClassNameW
DrawStateW
IsDialogMessageW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetFocus
GetDlgCtrlID
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
TrackMouseEvent
CharUpperW
GetAsyncKeyState
SetCapture
SetTimer
KillTimer
GetSystemMenu
DeleteMenu
WindowFromPoint
LoadCursorW
NotifyWinEvent
CheckDlgButton
GetMenuDefaultItem
SetMenuDefaultItem
DrawIconEx
OpenClipboard
CloseClipboard
SetClipboardData
GetMessageW
EmptyClipboard
GetParent
SetRectEmpty
LoadMenuW
GetSubMenu
GetKeyboardState
SendMessageW
ScreenToClient
GetClientRect
InvalidateRect
GetWindowRect
InflateRect
GetSysColor
LoadBitmapW
IsChild
GetFocus
LoadImageW
GetSystemMetrics
RedrawWindow
IsIconic
UnregisterClassW
PostMessageW
PostQuitMessage
IsZoomed
MessageBeep
OffsetRect
SystemParametersInfoW
RegisterClipboardFormatW
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
RegisterWindowMessageW
IsWindow
GetCursorPos
FillRect
CopyRect
MonitorFromPoint
GetMonitorInfoW
LoadAcceleratorsW
DestroyMenu
ShowWindow
MoveWindow
GetDlgItem
SetDlgItemTextW
GetMenuItemInfoW
GetSysColorBrush
SetClassLongW
DestroyAcceleratorTable
UpdateLayeredWindow
EnableScrollBar
DrawEdge
DrawFrameControl
DrawFocusRect
SetLayeredWindowAttributes
EnumDisplayMonitors
GetIconInfo
ModifyMenuW
CharUpperBuffW
FrameRect
HideCaret
InvertRect
RealChildWindowFromPoint
ToUnicodeEx
GetKeyboardLayout
GetWindowRgn
CreateMenu
GetTabbedTextExtentW
MapVirtualKeyExW
IsCharLowerW
GetComboBoxInfo
SubtractRect
CopyIcon
SetCursorPos
GetDoubleClickTime
IsClipboardFormatAvailable
DrawIcon
DestroyCursor
SendDlgItemMessageA
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EnumChildWindows
CopyAcceleratorTableW
CreateAcceleratorTableW
DrawTextW

gdi32

GetClipBox
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
StartDocW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
EndDoc
StartPage
ExcludeClipRect
AbortDoc
SetAbortProc
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreateRectRgnIndirect
GetTextColor
CombineRgn
GetDIBits
PatBlt
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
GetTextMetricsW
GetMapMode
SetRectRgn
CreateEllipticRgn
Ellipse
GetBkColor
CreatePolygonRgn
Polygon
Polyline
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
Rectangle
RoundRect
GetRgnBox
OffsetRgn
GetCharWidthW
GetViewportOrgEx
LPtoDP
CreatePalette
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetNearestPaletteIndex
GetSystemPaletteEntries
SetPixelV
Escape
CreateRectRgn
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateSolidBrush
DeleteDC
CreateFontIndirectW
DeleteObject
GetStockObject
GetTextExtentPoint32W
EndPage
CreatePatternBrush
GetObjectW

msimg32

AlphaBlend
TransparentBlt

winspool.drv

GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumKeyW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
SetFileSecurityW
GetFileSecurityW
RegSetValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
SystemFunction036

shell32

SHGetFileInfoW
DragFinish
SHAppBarMessage
SHAddToRecentDocs
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
DragQueryFileW
ExtractIconW
SHGetDesktopFolder
SHBrowseForFolderW

comctl32

InitCommonControlsEx
ImageList_AddMasked

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

DrawThemeBackground
GetThemePartSize
GetWindowTheme
IsAppThemed
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
GetThemeSysColor
DrawThemeText
IsThemeBackgroundPartiallyTransparent

ole32

DoDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoGetClassObject
CoDisconnectObject
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop

oleaut32

VariantClear
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 529KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eafb023e41ac3c024ec97e56add5b707

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5dCertificate

Key Usages

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5Certificate

Key Usages

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5dCertificate

Key Usages

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5Certificate

Key Usages

a5:a3:8e:85:a7:db:d7:f5:6b:04:a2:bc:fb:4c:02:c7:ca:98:75:c2:80:dd:75:f8:53:68:76:21:eb:d0:a3:17Signer

f9:05:be:d4:1e:29:20:cd:c3:c8:75:b7:fb:7e:f3:ee:67:da:99:21Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 371KB - Virtual size: 371KB

.data Size: 229KB - Virtual size: 254KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 529KB - Virtual size: 532KB

.reloc Size: 136KB - Virtual size: 135KB

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5d
Certificate

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5d
Certificate

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

a5:a3:8e:85:a7:db:d7:f5:6b:04:a2:bc:fb:4c:02:c7:ca:98:75:c2:80:dd:75:f8:53:68:76:21:eb:d0:a3:17
Signer

f9:05:be:d4:1e:29:20:cd:c3:c8:75:b7:fb:7e:f3:ee:67:da:99:21
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 371KB - Virtual size: 371KB

.data
Size: 229KB - Virtual size: 254KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 529KB - Virtual size: 532KB

.reloc
Size: 136KB - Virtual size: 135KB