InstallGoldWave678[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

InstallGoldWave678.exe
Size

15.7MB
MD5

6f7ed0a5c897e45bd7c07bc59307033a
SHA1

dd9c041386219ec86cfef2f995616b3f0b094c64
SHA256

cc1f6a92dbfb1fa0ecd405935e16ffc8bfd4838937415afb69ad55c4680bd46b
SHA512

274314c71afd2d11e7fda765dac9bb18300afb0c98d822d28fa3d25ad8bee9c03c26c28ccb82787c10681e9ccab4b80e9dfc16e915d1a27b70d24e43e05f845b
SSDEEP

393216:rV12fXPbFvXwy0mora1LdOHb+RzX7V5D2cH+zIqNzf:rV0bmJLUdOHbazXvh+Vdf

Score

1^/10

Malware Config

Signatures

Files

InstallGoldWave678.exe
.exe windows:6 windows x64 arch:x64

Password: 1234

5e2b989d3334c11ac2c8eae421248805

Code Sign

24:dd:d7:0c:ff:b1:26:ff:a6:a7:6c:f2:cd:c5:9e:70
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

24/08/2021, 02:22

Not After

23/08/2024, 02:22

Subject

SERIALNUMBER=44263,CN=GoldWave Inc,O=GoldWave Inc,L=Mount Pearl,ST=Newfoundland and Labrador,C=CA,1.3.6.1.4.1.311.60.2.1.3=#13024341,1.3.6.1.4.1.311.60.2.1.2=#13194e6577666f756e646c616e6420616e64204c61627261646f72,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26/03/2019, 17:44

Not After

22/03/2034, 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09/12/2022, 18:30

Not After

06/12/2032, 18:30

Subject

CN=SSL.com Timestamping Unit 2022,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13/11/2019, 18:50

Not After

12/11/2034, 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5f:15:72:dc:59:86:4f:fc:4c:53:af:9b:00:d4:d3:62:53:b6:c5:78:4b:83:91:0b:eb:a1:70:8e:00:12:32:79
Signer

Actual PE Digest

5f:15:72:dc:59:86:4f:fc:4c:53:af:9b:00:d4:d3:62:53:b6:c5:78:4b:83:91:0b:eb:a1:70:8e:00:12:32:79

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineW
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoEx
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetTempFileNameW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLocaleName
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapFree
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LocalFileTimeToFileTime
MultiByteToWideChar
RaiseException
ReadFile
RemoveDirectoryA
RemoveVectoredExceptionHandler
RtlCaptureContext
SetConsoleCtrlHandler
SetEndOfFile
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetThreadLocale
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
RtlRestoreContext
RtlUnwindEx

version

GetFileVersionInfoW
VerQueryValueW

comctl32

CreatePropertySheetPageW
InitCommonControls
PropertySheetW

shell32

SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteW

shfolder

SHGetFolderPathW

user32

CheckDlgButton
CreateDialogParamW
DestroyWindow
DispatchMessageW
EnumChildWindows
EnumThreadWindows
FindWindowW
GetClassNameW
GetDesktopWindow
GetDlgItem
GetKeyState
GetWindowRect
GetWindowTextW
IsDlgButtonChecked
LoadStringW
MessageBoxA
MessageBoxW
PeekMessageW
PostMessageW
SendDlgItemMessageW
SendMessageW
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetWindowPos
SetWindowTextW
ShowWindow
TranslateMessage
SetWindowLongPtrW
wsprintfA
wsprintfW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

shlwapi

StrStrNIW

Exports

Exports

__CPPdebugHook
__setRaiseListFuncAddr

Sections

.text
Size: 343KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 61KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 1234

5e2b989d3334c11ac2c8eae421248805

Code Sign

24:dd:d7:0c:ff:b1:26:ff:a6:a7:6c:f2:cd:c5:9e:70Certificate

Extended Key Usages

Key Usages

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4bCertificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

5f:15:72:dc:59:86:4f:fc:4c:53:af:9b:00:d4:d3:62:53:b6:c5:78:4b:83:91:0b:eb:a1:70:8e:00:12:32:79Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

version

comctl32

shell32

shfolder

user32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 343KB - Virtual size: 342KB

.rodata Size: 55KB - Virtual size: 54KB

.data Size: 61KB - Virtual size: 135KB

.tls Size: 1KB - Virtual size: 1KB

.pdata Size: 16KB - Virtual size: 15KB

.xdata Size: 26KB - Virtual size: 25KB

.rdata Size: 512B - Virtual size: 40B

.idata Size: 5KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 110B

.rsrc Size: 114KB - Virtual size: 114KB

.reloc Size: 5KB - Virtual size: 5KB

24:dd:d7:0c:ff:b1:26:ff:a6:a7:6c:f2:cd:c5:9e:70
Certificate

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

5f:15:72:dc:59:86:4f:fc:4c:53:af:9b:00:d4:d3:62:53:b6:c5:78:4b:83:91:0b:eb:a1:70:8e:00:12:32:79
Signer

.text
Size: 343KB - Virtual size: 342KB

.rodata
Size: 55KB - Virtual size: 54KB

.data
Size: 61KB - Virtual size: 135KB

.tls
Size: 1KB - Virtual size: 1KB

.pdata
Size: 16KB - Virtual size: 15KB

.xdata
Size: 26KB - Virtual size: 25KB

.rdata
Size: 512B - Virtual size: 40B

.idata
Size: 5KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 110B

.rsrc
Size: 114KB - Virtual size: 114KB

.reloc
Size: 5KB - Virtual size: 5KB