UnlockTool-2024-04-18-0[.]exe

Resubmissions

20-04-2024 13:34

240420-qvjmfshg95 8

Sharing

Copy URL

Twitter E-mail

General

Target

UnlockTool-2024-04-18-0.exe
Size

187.8MB
MD5

dbea942d9c61cb392abe5363c953b913
SHA1

caed4d34ca5081aa626abd4c01d26e05eb92ab14
SHA256

761e310c8a155206acb6e2ab101ad4d45b6559b6ff405cc6d13493834891c2cb
SHA512

20d878fd40cf7ceb84c64c842cbe9816b4890b233aae6c86f82c9df20546698d0179cd3e2a318e0d58324cdb6dabdb073347a075e45111c179d7f1f705d76125
SSDEEP

3145728:xTrWiavHOiXJcgg/+Cn33TDBCguZaoDzsuZ95zMQRp3odzhOAZFTL3br4gjKS7Af:xTrW1eg6TDBCgqaoDzsOxMcpSzIALrAf

Score

1^/10

Malware Config

Signatures

Files

UnlockTool-2024-04-18-0.exe
.exe windows:6 windows x86 arch:x86

c82f04178f2641cbb79895c5bae9ac4d

Code Sign

95:20:61:e1:f6:3f:54:58:dc:1c:84:e8:e0:6e:f3:36:83:39:c3:91:f3:25:87:eb:3d:7d:a4:5a:7a:8c:9d:b9
Certificate

Issuer

CN=unlocktool.net,OU=UnlockTool,O=UnlockTool,C=Ha Noi,1.2.840.113549.1.9.1=#0c18756e6c6f636b746f6f6c2e6e657440676d61696c2e636f6d

Not Before

15-11-2021 05:55

Not After

16-11-2031 05:55

Subject

CN=unlocktool.net,OU=UnlockTool,O=UnlockTool,C=Ha Noi,1.2.840.113549.1.9.1=#0c18756e6c6f636b746f6f6c2e6e657440676d61696c2e636f6d

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:34:13:7d:ed:b2:d8:92:dd:d1:ae:5c:c1:74:53:f0:45:11:07:d0:ff:8d:94:39:53:1d:f4:b1:a8:d4:92:98
Signer

Actual PE Digest

ba:34:13:7d:ed:b2:d8:92:dd:d1:ae:5c:c1:74:53:f0:45:11:07:d0:ff:8d:94:39:53:1d:f4:b1:a8:d4:92:98

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod

oleacc

LresultFromObject

wininet

InternetCloseHandle

winspool.drv

EnumPortsW

comdlg32

FindTextW

comctl32

ImageList_GetImageInfo

shell32

DragQueryFileW

user32

DdeSetUserHandle

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

netapi32

NetWkstaGetInfo

msvcrt

strncmp

advapi32

RegSetValueExW

xmllite

CreateXmlReader

kernel32

GetVersion
GetVersionExW

wsock32

htons

ole32

CreateDataAdviseHolder

gdi32

AddFontMemResourceEx

Sections

3!YbqO;E
Size: - Virtual size: 18.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

)NjidZ(%
Size: - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

^BQ"0kL'
Size: - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

]+KQo)#0
Size: - Virtual size: 809KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

%O5t+qND
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

B\$x)(6>
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9^W1FBKq
Size: - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

r,$v]Rsj
Size: - Virtual size: 368B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

atw:99?_
Size: - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0x^31FBY
Size: - Virtual size: 219.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

c?Vb%/GZ
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r/RL1\\P
Size: 187.4MB - Virtual size: 187.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

@)L$q8/I
Size: 413KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

c82f04178f2641cbb79895c5bae9ac4d

Code Sign

95:20:61:e1:f6:3f:54:58:dc:1c:84:e8:e0:6e:f3:36:83:39:c3:91:f3:25:87:eb:3d:7d:a4:5a:7a:8c:9d:b9Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

ba:34:13:7d:ed:b2:d8:92:dd:d1:ae:5c:c1:74:53:f0:45:11:07:d0:ff:8d:94:39:53:1d:f4:b1:a8:d4:92:98Signer

Headers

DLL Characteristics

File Characteristics

Imports

winmm

oleacc

wininet

winspool.drv

comdlg32

comctl32

shell32

user32

version

oleaut32

netapi32

msvcrt

advapi32

xmllite

kernel32

wsock32

ole32

gdi32

Sections

3!YbqO;E Size: - Virtual size: 18.8MB

)NjidZ(% Size: - Virtual size: 55KB

^BQ"0kL' Size: - Virtual size: 331KB

]+KQo)#0 Size: - Virtual size: 809KB

%O5t+qND Size: - Virtual size: 24KB

B\$x)(6> Size: - Virtual size: 15KB

9^W1FBKq Size: - Virtual size: 110B

r,$v]Rsj Size: - Virtual size: 368B

atw:99?_ Size: - Virtual size: 93B

0x^31FBY Size: - Virtual size: 219.7MB

c?Vb%/GZ Size: 1024B - Virtual size: 540B

r/RL1\\P Size: 187.4MB - Virtual size: 187.4MB

@)L$q8/I Size: 413KB - Virtual size: 412KB

95:20:61:e1:f6:3f:54:58:dc:1c:84:e8:e0:6e:f3:36:83:39:c3:91:f3:25:87:eb:3d:7d:a4:5a:7a:8c:9d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

ba:34:13:7d:ed:b2:d8:92:dd:d1:ae:5c:c1:74:53:f0:45:11:07:d0:ff:8d:94:39:53:1d:f4:b1:a8:d4:92:98
Signer

3!YbqO;E
Size: - Virtual size: 18.8MB

)NjidZ(%
Size: - Virtual size: 55KB

^BQ"0kL'
Size: - Virtual size: 331KB

]+KQo)#0
Size: - Virtual size: 809KB

%O5t+qND
Size: - Virtual size: 24KB

B\$x)(6>
Size: - Virtual size: 15KB

9^W1FBKq
Size: - Virtual size: 110B

r,$v]Rsj
Size: - Virtual size: 368B

atw:99?_
Size: - Virtual size: 93B

0x^31FBY
Size: - Virtual size: 219.7MB

c?Vb%/GZ
Size: 1024B - Virtual size: 540B

r/RL1\\P
Size: 187.4MB - Virtual size: 187.4MB

@)L$q8/I
Size: 413KB - Virtual size: 412KB