c3d32445bf720a7da4c1be1f78adbdb8faac8f7a36d3c1024775fbca900d53e0

Sharing

Copy URL Twitter E-mail

General

Target

c3d32445bf720a7da4c1be1f78adbdb8faac8f7a36d3c1024775fbca900d53e0
Size

2.5MB
MD5

b18e1ec2c387b0ac7967d665b988a1e4
SHA1

cf768852c9c80e3d1cf3067027ecd8c2bf383c17
SHA256

c3d32445bf720a7da4c1be1f78adbdb8faac8f7a36d3c1024775fbca900d53e0
SHA512

2edf55083691707b88058edfe2889b526f62c6f6b90f0400a02f2ff5527b130a7c72ba09599e91874c1a11345d4e270b4011e54a523d2fdb5e95d8c86060ff56
SSDEEP

49152:K+S6t9SO1rGrshIh6w7u+jZ1/vSPW/5a3V4nC+dD17dvfYWTTXzigz:S67L1qrOIh6w7vjZxSew3V4nC+dD17d/

Score

1^/10

Malware Config

Signatures

Files

c3d32445bf720a7da4c1be1f78adbdb8faac8f7a36d3c1024775fbca900d53e0
.exe windows:6 windows x86 arch:x86

7a469fd6a787677b4950efa665569144

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:78:c8:e2:85:9c:24:18:0e:aa:16:a2:ef:5d:de:1c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/09/2020, 00:00

Not After

23/10/2023, 12:00

Subject

CN=NetEase Youdao Information Technology (Beijing) Co.\, Ltd.,O=NetEase Youdao Information Technology (Beijing) Co.\, Ltd.,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5a:a8:84:ab:a6:1f:7e:4e:ce:8d:2c:00:6b:a1:9f:a4:3d:cd:3e:62:99:d0:ed:b9:91:e2:49:05:8d:b2:e8:2b
Signer

Actual PE Digest

5a:a8:84:ab:a6:1f:7e:4e:ce:8d:2c:00:6b:a1:9f:a4:3d:cd:3e:62:99:d0:ed:b9:91:e2:49:05:8d:b2:e8:2b

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\TeamCity\workspace\YDProject\dict-pc\src\bin\Release\uninst.pdb

Imports

winmm

PlaySoundW
timeGetTime

kernel32

GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
ExitProcess
GetStdHandle
GetOEMCP
VirtualAlloc
GetSystemInfo
HeapQueryInformation
ReadConsoleW
GetCommandLineA
GetFileType
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
RaiseException
OutputDebugStringW
GetConsoleOutputCP
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetConsoleMode
SetStdHandle
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
GetLocalTime
ReleaseSRWLockShared
AcquireSRWLockShared
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetACP
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
GetTempFileNameW
Sleep
SearchPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
lstrcpyW
GetWindowsDirectoryW
GetTickCount64
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
VirtualProtect
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadLocale
GlobalGetAtomNameW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
CompareStringW
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
GetVersionExW
GetCurrentThread
OutputDebugStringA
SetLastError
FormatMessageW
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
FreeLibrary
DeviceIoControl
LoadLibraryW
InitializeCriticalSectionEx
MultiByteToWideChar
MulDiv
GetCurrentProcess
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
GetCurrentThreadId
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesW
GetModuleHandleW
MoveFileExW
DeleteFileW
RemoveDirectoryW
WaitForSingleObject
FindClose
GetCommandLineW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
GetLastError
WriteFile
CreateFileW
CopyFileW
CreateDirectoryW
GetTempPathW
FindNextFileW
FindFirstFileW
GetModuleFileNameW
CloseHandle
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
LCMapStringEx
VirtualQuery

user32

CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
LoadCursorW
GetSysColorBrush
MapVirtualKeyW
GetKeyNameTextW
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
OffsetRect
RegisterWindowMessageW
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
UnregisterClassW
MessageBoxW
LoadIconW
SendMessageW
DrawTextExW
IsDialogMessageW
OpenClipboard
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetFocus
GetDlgCtrlID
CheckDlgButton
GetAsyncKeyState
MoveWindow
UnhookWindowsHookEx
GetLastActivePopup
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
LoadMenuW
BringWindowToTop
HideCaret
CreatePopupMenu
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
GetMenuDefaultItem
TrackMouseEvent
UnionRect
SetParent
PostThreadMessageW
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
SendDlgItemMessageA
SetRectEmpty
DestroyIcon
GetMessagePos
CharUpperW
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
SetClassLongW
SetWindowRgn
DrawEdge
DrawFrameControl
IsZoomed
SetCursorPos
CopyIcon
FrameRect
LoadAcceleratorsW
GetClientRect
IsIconic
GetSystemMetrics
DrawIcon
PostMessageW
TranslateAcceleratorW
EnableWindow
GetSystemMenu
EnableMenuItem
FillRect
LoadBitmapW
InvalidateRect
UpdateWindow
GetWindowRect
IsWindow
IsWindowVisible
GetDC
ReleaseDC
DrawTextW
GetWindow
LoadImageW
GetForegroundWindow
GetWindowThreadProcessId
ShowWindow
GetWindowLongW
SetWindowPos
SetForegroundWindow
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
PostQuitMessage
SetWindowContextHelpId
GetParent
MapDialogRect
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetDesktopWindow
GetFocus
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
LockWindowUpdate
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyState
ValidateRect
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
DestroyCursor
GetWindowRgn
CreateMenu
SetWindowLongW

gdi32

PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
GetMapMode
DeleteDC
DPtoLP
CreateCompatibleBitmap
EnumFontFamiliesExW
CreatePalette
LineTo
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetViewportExtEx
GetWindowExtEx
GetTextExtentPoint32W
DeleteObject
IntersectClipRect
GetPixel
GetObjectType
ExcludeClipRect
GetNearestPaletteIndex
Escape
GetTextMetricsW
SelectObject
CreateFontIndirectW
GetStockObject
BitBlt
CreateCompatibleDC
GetObjectW
SetRectRgn
GetClipBox
RemoveFontResourceW

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
DragQueryFileW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW
ShellExecuteW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
SHDeleteKeyW
PathIsDirectoryW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName
GetThemeColor
GetThemeSysColor
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText
CloseThemeData

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
StringFromGUID2
CoCreateGuid

oleaut32

SysStringLen
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
VariantClear
VarBstrFromDate
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SafeArrayDestroy
LoadTypeLi
VariantCopy

oledlg

OleUIBusyW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

iphlpapi

GetAdaptersInfo

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a469fd6a787677b4950efa665569144

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

07:78:c8:e2:85:9c:24:18:0e:aa:16:a2:ef:5d:de:1cCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

5a:a8:84:ab:a6:1f:7e:4e:ce:8d:2c:00:6b:a1:9f:a4:3d:cd:3e:62:99:d0:ed:b9:91:e2:49:05:8d:b2:e8:2bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

version

iphlpapi

gdiplus

oleacc

imm32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 390KB - Virtual size: 390KB

.data Size: 25KB - Virtual size: 44KB

.rsrc Size: 220KB - Virtual size: 220KB

Size: 177KB - Virtual size: 177KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

07:78:c8:e2:85:9c:24:18:0e:aa:16:a2:ef:5d:de:1c
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

5a:a8:84:ab:a6:1f:7e:4e:ce:8d:2c:00:6b:a1:9f:a4:3d:cd:3e:62:99:d0:ed:b9:91:e2:49:05:8d:b2:e8:2b
Signer

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 390KB - Virtual size: 390KB

.data
Size: 25KB - Virtual size: 44KB

.rsrc
Size: 220KB - Virtual size: 220KB