Roland-Cloud-Manager-Installer-3-1-3[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Roland-Cloud-Manager-Installer-3-1-3.exe
Size

131.3MB
MD5

a4ad69728106717dd8fb23af62acca07
SHA1

8020784305c566810f2fe064ad924887e66fe7c5
SHA256

a07e0062af713a09c2a5ea12b7c0852f237b43eb8fdd4e2fb96c8c887f988a02
SHA512

8d3b6c75a3a26fa25bd48825864922f0e5efbaa3b2f097d992ece4a5568a58eeded756c19b7d45dbe4022036eb504f6f03b5bbe4a52642232427ce31947d313e
SSDEEP

3145728:3N+5amCDj6GQvlLJKOcgJfWhqRN15mWGww/xp/6kN3gJI:3iamjGSKSOhqlId3oUl

Score

1^/10

Malware Config

Signatures

Files

Roland-Cloud-Manager-Installer-3-1-3.exe
.exe windows:6 windows x64 arch:x64

26c1365d08134f8bd2a475f273f1ee30

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a7:be:3b:2d:a5:1a:85:a3:49:c4:98:a0:49:97:b2
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12/12/2023, 00:00

Not After

06/01/2025, 23:59

Subject

SERIALNUMBER=465120,CN=Roland Corporation U.S.,OU=Engineering,O=Roland Corporation U.S.,L=Los Angeles,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:2c:32:eb:48:6f:16:95:2d:14:4a:66:e9:67:e9:54:42:dd:44:0a:d0:72:4f:56:6d:39:9d:26:29:8f:71:2d
Signer

Actual PE Digest

3a:2c:32:eb:48:6f:16:95:2d:14:4a:66:e9:67:e9:54:42:dd:44:0a:d0:72:4f:56:6d:39:9d:26:29:8f:71:2d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

uxtheme

DrawThemeBackground
GetCurrentThemeName
IsAppThemed
IsThemeActive
SetWindowTheme
GetThemeBool
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
GetThemeSysFont
CloseThemeData
GetThemeTransitionDuration
GetThemePropertyOrigin
GetThemeMargins
GetThemeEnumValue
GetThemeInt
GetThemeColor
GetThemePartSize
OpenThemeData
SetWindowThemeAttribute
ord47
DrawThemeTextEx

dwmapi

DwmIsCompositionEnabled
DwmDefWindowProc
DwmEnableBlurBehindWindow
DwmExtendFrameIntoClientArea
DwmGetWindowAttribute
DwmSetWindowAttribute

oleaut32

SafeArrayCreateVector
SysAllocString
SafeArrayPutElement
SysFreeString
VariantCopy
VariantClear
SysAllocStringLen

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmAssociateContextEx
ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW

opengl32

glLoadMatrixf
glMatrixMode
glOrtho
glLoadIdentity

gdi32

GetDIBits
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
SetLayout
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
CreateBitmap
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW

iphlpapi

ConvertInterfaceIndexToLuid
GetAdaptersAddresses
ConvertInterfaceNameToLuidW
ConvertInterfaceLuidToNameW
ConvertInterfaceLuidToIndex
ConvertInterfaceLuidToGuid

mpr

WNetGetUniversalNameA

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

netapi32

NetApiBufferFree
NetShareEnum

ws2_32

__WSAFDIsSet
bind
closesocket
getpeername
getsockname
getnameinfo
listen
select
setsockopt
WSAGetLastError
WSAAccept
WSAConnect
WSAHtonl
freeaddrinfo
getaddrinfo
ntohl
htonl
htons
WSAIoctl
WSANtohl
WSANtohs
WSARecv
WSARecvFrom
WSASend
WSASendTo
WSASocketW
gethostname
WSAStartup
WSACleanup
WSAAsyncSelect
getsockopt

advapi32

SetSecurityDescriptorGroup
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
DuplicateToken
CopySid
AccessCheck
GetSidSubAuthorityCount
GetSidSubAuthority
SystemFunction036
SetSecurityDescriptorOwner
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
AddAccessAllowedAce
RegNotifyChangeKeyValue
GetFileSecurityW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
LookupPrivilegeValueW
PrivilegeCheck
AdjustTokenPrivileges

kernel32

InitializeCriticalSectionEx
InitOnceComplete
InitOnceBeginInitialize
CreateMutexW
EncodePointer
ReleaseMutex
GetUserGeoID
GetGeoInfoW
FindNextChangeNotification
LCMapStringW
CompareStringW
GetModuleHandleExW
FindFirstFileExW
SetFilePointerEx
GetFileType
GetFileInformationByHandleEx
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
MoveFileExW
CopyFileW
GetLogicalDrives
GetFullPathNameW
GetFileAttributesW
WriteFileEx
SleepEx
CancelIoEx
PeekNamedPipe
ReadFileEx
RegisterWaitForSingleObject
UnregisterWaitEx
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcessId
GetExitCodeProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
WaitForSingleObjectEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
DecodePointer
LCMapStringEx
RtlPcToFileHeader
RaiseException
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
RtlUnwindEx
RtlUnwind
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetStdHandle
HeapFree
HeapAlloc
IsValidLocale
EnumSystemLocalesW
HeapReAlloc
GetFileSizeEx
IsValidCodePage
GetACP
GetOEMCP
SetEnvironmentVariableW
GetProcessHeap
HeapSize
RtlAddFunctionTable
FreeConsole
GetConsoleProcessList
GetCommandLineW
CloseHandle
GetLastError
GetCurrentProcess
CreateProcessW
LocalFree
FormatMessageW
GetFileAttributesExW
GetLongPathNameW
GetShortPathNameW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
GetEnvironmentVariableW
OpenProcess
GetLogicalDriveStringsA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDiskFreeSpaceExA
GetDriveTypeA
GetDriveTypeW
GetVolumePathNamesForVolumeNameW
SetErrorMode
WaitForSingleObject
TerminateProcess
FileTimeToSystemTime
CreateFileW
FlushFileBuffers
LockFile
UnlockFile
WriteFile
DeviceIoControl
CompareFileTime
GetProcAddress
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
GetTempPathW
SetLastError
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetSystemDirectoryW
GetModuleHandleW
MoveFileW
GetStdHandle
GetFileInformationByHandle
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextFileW
GetLogicalDriveStringsW
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
GetSystemTimeAsFileTime
FileTimeToDosDateTime
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
CreateEventW
CreateSemaphoreW
VirtualAlloc
VirtualFree
GetSystemInfo
WaitForMultipleObjects
lstrcmpW
WTSGetActiveConsoleSessionId
ExpandEnvironmentStringsW
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetUserDefaultLangID
GetVolumeInformationW
LocalAlloc
GetConsoleWindow
ExitProcess
GetTimeZoneInformation
VirtualProtect
CreateFileMappingW
WriteConsoleW
RtlDeleteFunctionTable
DisconnectNamedPipe
WaitNamedPipeW
GlobalFree
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
SetHandleInformation
GetNativeSystemInfo
OutputDebugStringW
IsProcessorFeaturePresent
CompareStringEx
GetStartupInfoW
GetSystemTime
GetLocalTime
DuplicateHandle
Sleep
SwitchToThread
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
TerminateThread

ole32

CoGetMalloc
ReleaseStgMedium
DoDragDrop
OleIsCurrentClipboard
StringFromGUID2
OleGetClipboard
OleSetClipboard
CoInitializeEx
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
OleFlushClipboard

shell32

Shell_NotifyIconGetRect
Shell_NotifyIconW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHCreateItemFromParsingName
ord155
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetFileInfoW
SHChangeNotify
SHParseDisplayName
CommandLineToArgvW
SHGetKnownFolderPath
SHGetFolderLocation
ShellExecuteExW
SHGetFolderPathW
SHCreateItemFromIDList
SHBrowseForFolderW

user32

EnumDisplayDevicesW
GetClipboardFormatNameW
TrackMouseEvent
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
HideCaret
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
GetWindowTextW
RealGetWindowClassW
ChangeWindowMessageFilterEx
DrawIconEx
MessageBoxW
PostThreadMessageW
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
RegisterDeviceNotificationW
UnregisterDeviceNotification
ScreenToClient
PostMessageW
EnumWindows
GetWindowThreadProcessId
SendMessageTimeoutW
CharUpperW
GetSystemMetrics
SystemParametersInfoW
DefWindowProcW
DestroyWindow
GetDC
ReleaseDC
GetSysColor
GetDesktopWindow
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
AttachThreadInput
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
SetCapture
ReleaseCapture
GetMenu
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursor
ClientToScreen
DestroyCaret
GetWindowLongW
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
SetParent
GetWindow
DestroyCursor
DestroyIcon
MonitorFromPoint
GetAncestor
GetKeyboardLayoutList
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetCursorPos
WindowFromPoint
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
TrackPopupMenu
GetMenuItemInfoW
SetMenuItemInfoW
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
IsHungAppWindow
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetKeyboardLayout
RegisterWindowMessageW
IsWindowEnabled
CreateCaret

winmm

PlaySoundW
timeSetEvent
timeKillEvent

Sections

.text
Size: 14.4MB - Virtual size: 14.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 914KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 239B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26c1365d08134f8bd2a475f273f1ee30

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0f:a7:be:3b:2d:a5:1a:85:a3:49:c4:98:a0:49:97:b2Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

3a:2c:32:eb:48:6f:16:95:2d:14:4a:66:e9:67:e9:54:42:dd:44:0a:d0:72:4f:56:6d:39:9d:26:29:8f:71:2dSigner

Headers

DLL Characteristics

File Characteristics

Imports

wtsapi32

uxtheme

dwmapi

oleaut32

imm32

opengl32

gdi32

iphlpapi

mpr

userenv

version

netapi32

ws2_32

advapi32

kernel32

ole32

shell32

user32

winmm

Sections

.text Size: 14.4MB - Virtual size: 14.4MB

.rdata Size: 6.2MB - Virtual size: 6.2MB

.data Size: 914KB - Virtual size: 1.0MB

.pdata Size: 668KB - Virtual size: 667KB

.qtmetad Size: 512B - Virtual size: 239B

.qtmimed Size: 315KB - Virtual size: 315KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 239KB - Virtual size: 239KB

.reloc Size: 114KB - Virtual size: 114KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0f:a7:be:3b:2d:a5:1a:85:a3:49:c4:98:a0:49:97:b2
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

3a:2c:32:eb:48:6f:16:95:2d:14:4a:66:e9:67:e9:54:42:dd:44:0a:d0:72:4f:56:6d:39:9d:26:29:8f:71:2d
Signer

.text
Size: 14.4MB - Virtual size: 14.4MB

.rdata
Size: 6.2MB - Virtual size: 6.2MB

.data
Size: 914KB - Virtual size: 1.0MB

.pdata
Size: 668KB - Virtual size: 667KB

.qtmetad
Size: 512B - Virtual size: 239B

.qtmimed
Size: 315KB - Virtual size: 315KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 239KB - Virtual size: 239KB

.reloc
Size: 114KB - Virtual size: 114KB