wd553exe[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

wd553exe.dll
Size

1.5MB
MD5

60afc9d4585ec9f56db4979f88a99e4f
SHA1

14d5dbe14d96978cef4bfca4023da81bec641dbc
SHA256

6196d18230674ba87f7d11debc52623450ae65f30aef1d4a395e34626748867f
SHA512

8b5e0819e97cf59c420974465815c35e0c84c834e242d1d7fe281b74f4fc148d0bb6d8b397d67805a160278292fbec5ce828d394046470909f89e851f7058cb8
SSDEEP

24576:oRdNxk48fn9Ltu6jxRTRdfTN8zFumbzaeZwhkp:o/pc9RvxZCHp

Score

1^/10

Malware Config

Signatures

Files

wd553exe.dll
.dll windows:4 windows x86 arch:x86

98f83035fdee542de70f4f806b46d11f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7f:b2:86:d4:53:b5:c5:7e:8e:09:c9:c9:94:06:8b:9b
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

05/10/2017, 00:00

Not After

04/12/2019, 23:59

Subject

CN=PC SOFT INFORMATIQUE,OU=Quality Assurance,O=PC SOFT INFORMATIQUE,L=MONTPELLIER,ST=Hérault,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:df:0e:72:22:65:31:20:2a:6b:85:fa:f0:94:42:f4:33:56:c1:6d
Signer

Actual PE Digest

6b:df:0e:72:22:65:31:20:2a:6b:85:fa:f0:94:42:f4:33:56:c1:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

CreateDirectoryA
RemoveDirectoryA
GetDiskFreeSpaceA
CopyFileA
GetFileSize
GetFullPathNameA
SetHandleCount
_llseek
_lopen
GetTickCount
lstrcatA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCommandLineA
GetVolumeInformationA
FindClose
_lwrite
GetTempFileNameA
GetTempPathA
IsBadWritePtr
_lread
_hread
_hwrite
GetEnvironmentVariableA
FreeLibrary
LoadLibraryA
SetErrorMode
GetProcAddress
SetStdHandle
CompareStringA
CompareStringW
FindFirstFileA
FindNextFileA
FlushFileBuffers
SetEndOfFile
UnlockFile
LockFile
DeleteFileA
SetFilePointer
WriteFile
ReadFile
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileAttributesA
SetFileAttributesA
GetVersionExA
WriteProfileStringA
SizeofResource
GetWindowsDirectoryA
GlobalCompact
GlobalReAlloc
lstrlenA
OpenFile
_lclose
GetModuleFileNameA
GetDriveTypeA
ExitProcess
FatalAppExitA
GetModuleHandleA
GetLocalTime
FindResourceA
LoadResource
LockResource
FreeResource
CreateMutexA
ReleaseMutex
IsBadReadPtr
GetPrivateProfileIntA
CreateProcessA
GetLastError
WaitForSingleObject
lstrcpyA
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetProfileStringA
GetVersion
IsBadCodePtr
HeapReAlloc
HeapAlloc
HeapDestroy
HeapFree
HeapCreate
GlobalHandle
GlobalSize
UnmapViewOfFile
CloseHandle
CreateFileMappingA
MapViewOfFile
GetPrivateProfileStringA
WinExec
MultiByteToWideChar
WideCharToMultiByte
GetProfileIntA
Sleep
GetCurrentThread
TlsFree
TlsAlloc
SetLastError
GetCurrentThreadId
GetStringTypeW
TlsSetValue
LeaveCriticalSection
EnterCriticalSection
GetStringTypeA
InitializeCriticalSection
SetEnvironmentVariableA
DeleteCriticalSection
RtlUnwind
GetCurrentProcess
MoveFileA
GetStdHandle
RaiseException
TlsGetValue
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetFileType
TerminateProcess
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidLocale
IsValidCodePage
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoA

user32

GetMenu
GetWindow
DrawMenuBar
GetMenuItemID
GetSubMenu
SetMenu
CreateMenu
RemoveMenu
InsertMenuA
GetMenuItemInfoA
GetMenuItemCount
LoadBitmapA
DestroyCursor
IntersectRect
TranslateMDISysAccel
GetScrollRange
FlashWindow
PostQuitMessage
DdeQueryStringA
AdjustWindowRect
AdjustWindowRectEx
ShowScrollBar
ScrollWindow
SetActiveWindow
BringWindowToTop
LoadCursorFromFileA
GetClassLongA
CreateIcon
ShowCaret
HideCaret
GetCaretPos
LoadImageA
LoadIconA
GetDlgItem
DestroyIcon
GetCursorPos
UpdateWindow
SetCursorPos
IsRectEmpty
IsWindowVisible
PeekMessageA
TranslateMessage
DispatchMessageA
GetCursor
ReleaseCapture
GetCapture
GetActiveWindow
SetCursor
ShowCursor
GetClassInfoA
GetPropA
SetPropA
RemovePropA
DdeFreeDataHandle
CheckMenuItem
GetSystemMenu
GetMenuState
DdeInitializeA
DdeCreateStringHandleA
DdeClientTransaction
DdeGetData
DdeFreeStringHandle
DdeUninitialize
DdeDisconnect
BeginDeferWindowPos
EndDeferWindowPos
GetMenuItemRect
DdeConnect
IsWindowEnabled
OffsetRect
SetRect
RegisterClipboardFormatA
LoadCursorA
ShowWindow
MoveWindow
InflateRect
SetFocus
GetKeyState
CallWindowProcA
GetFocus
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
wvsprintfA
DestroyWindow
FindWindowA
RegisterClassA
PostMessageA
IsWindow
DefWindowProcA
FillRect
DrawTextA
GetClientRect
EnumChildWindows
GetWindowRect
GetParent
ScreenToClient
SetWindowPos
GetSystemMetrics
SetScrollRange
SetScrollPos
SetWindowTextA
SendMessageA
GetDC
EnumWindows
WindowFromPoint
ChildWindowFromPoint
GetMessageA
ReleaseDC
GetSysColor
CreateWindowExA
wsprintfA
MessageBoxA
GetWindowLongA
SetWindowLongA
DdeGetLastError
DdeAccessData
FindWindowExA
GetDlgItemTextA
WinHelpA
FrameRect
CopyRect
EnableWindow
DeferWindowPos
DestroyMenu
CreatePopupMenu
AppendMenuA
TrackPopupMenu
ModifyMenuA
EnableMenuItem
SetTimer
KillTimer
IsClipboardFormatAvailable
GetClipboardData
SystemParametersInfoA
PtInRect
BeginPaint
DdePostAdvise
DdeCreateDataHandle
DdeNameService
DdeUnaccessData
CharUpperA
UnregisterClassA
SetCapture
IsZoomed
DrawIcon
EndPaint
MessageBeep
SetClassLongA
WaitMessage
CharToOemA
LoadStringA
OemToCharA
DefMDIChildProcA
RegisterWindowMessageA
DefFrameProcA
IsIconic
GetClassNameA
GetScrollPos
DrawFocusRect
GetWindowDC
InvalidateRect
ClientToScreen
GetWindowTextA

gdi32

SetTextColor
GetTextMetricsA
DeleteObject
CreateSolidBrush
GetStockObject
CreateFontIndirectA
GetTextFaceA
CreateBrushIndirect
CreatePenIndirect
CreateCompatibleBitmap
DeleteDC
SetBkColor
LineTo
MoveToEx
Rectangle
GetTextExtentPointA
GetTextExtentPoint32A
SetViewportOrgEx
GetViewportOrgEx
SetViewportExtEx
SetMetaFileBitsEx
SetWindowExtEx
SetWindowOrgEx
GetWindowOrgEx
CreatePatternBrush
CreateBitmap
Arc
Ellipse
Polygon
GetDeviceCaps
CreateDIBitmap
GetObjectA
SetPixel
GetPixel
CreateCompatibleDC
BitBlt
SetPolyFillMode
Polyline
CreatePen
SetMapMode
DPtoLP
LPtoDP
ExtTextOutA
CreatePalette
SetStretchBltMode
SelectPalette
StretchDIBits
StretchBlt
PatBlt
RealizePalette
SetMapperFlags
PlayMetaFile
GetDIBits
GetNearestColor
DeleteMetaFile
RestoreDC
SaveDC
SelectClipRgn
CreateRectRgn
ExtFloodFill
TextOutA
GetTextColor
Pie
Chord
ExcludeClipRect
GetObjectType
GetBitmapBits
CreateRectRgnIndirect
GetClipBox
SelectObject
SetBkMode

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCloseKey
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegEnumValueA
RegOpenKeyExA

shell32

DragFinish

ole32

OleCreateStaticFromData
CLSIDFromProgID
OleCreate
OleCreateFromFile
OleDraw
OleCreateFromData
OleSetClipboard
OleSave
CreateBindCtx
CoGetMalloc
OleUninitialize
OleInitialize
OleQueryCreateFromData
OleGetClipboard
OleConvertIStorageToOLESTREAM
OleLoad
OleConvertOLESTREAMToIStorage
OleSetContainedObject
StgCreateDocfile

oleaut32

SysStringLen
SysFreeString
VariantChangeType
SysAllocStringLen
VariantInit

mpr

WNetAddConnectionA
WNetCancelConnectionA

Exports

Exports

?MessageHook@CChamp@@KGJPAUHWND__@@IIJ@Z
?MessageHook@CEuroChamp@@KGJPAUHWND__@@IIJ@Z
?MessageHook@CFen@@KGJPAUHWND__@@IIJ@Z
?MessageHook@COmbreFloue@@KGJPAUHWND__@@IIJ@Z
?MessageHook@CPotar@@KGJPAUHWND__@@IIJ@Z
?MessageHook@CPotarRotatif@@KGJPAUHWND__@@IIJ@Z
?MessageHook@CSpin@@KGJPAUHWND__@@IIJ@Z
?WindowProc@CFen@@KGJPAUHWND__@@IIJ@Z
ARBOR_nRelationFenetre
ARBOR_pstGetContexteFromName
AffTexteLongC
AffTexteLongP
BMP_bOpenExport
BMX_bDelBitmap
BMX_bDrawBitmap
BMX_bGetBitmap
BMX_bSethBitmap
DLL_bCommande
EDI_bGereCont
EDI_pCreChamp
EXE_AppelFonc
EXE_ArretBrutal
EXE_Commande
EXE_Ouvre
EXE_Projet
EXE_SetMessage
EXE_nFormatReconnu
EXE_nTypeImage
EXE_pszGetNom
EXE_pszGetNomDLL
EXE_wGetIdent
FinInstance
JAUGE_Dessin
JAUGE_bTermineJauge
JAUGE_pInitJauge
SQL_bCommande
SetWDWEBFunc2
SetonIDLECallBack
WD4InitInstance
WDCALLC
WDCALLP
WDCALLVB
WDInitInstance
WDRecupDirect
WDRecupDirect2
WLINTERF_bIsChamp
WRBIB3_bCommande
WRINTERF_AddLibrary
WRSTD_bCommande
WSIPPARTAGE
bEXE_AfficheImage
bEXE_ChargeImage
bEXE_FinImage
bEXE_GetInfoImage
bEXE_GetWinDevName
bEXE_GetWinDevName2
bEXE_RemplitInfos
bSauveImage
bSauveImageBouton
bSetFormatAffichage
bTermineInstance
hEXE_GetHandleFromWinDevName
lRUN_TraiteAscenseur
lRUN_TraiteBaricon
lRUN_TraiteBarmess
lRUN_TraiteBouton
lRUN_TraiteCombo
lRUN_TraiteEdit
lRUN_TraiteEditCombo
lRUN_TraiteEditTableau
lRUN_TraiteGroupIcon
lRUN_TraiteListe
lRUN_TraiteSelecteur
lRUN_TraiteStatic
lRUN_TraiteWindow
pGetTauxDeChangeInDLLEXE
pstGetProcheContexte
pszEXE_GetMessage
wRUN_TimerImage

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98f83035fdee542de70f4f806b46d11f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

7f:b2:86:d4:53:b5:c5:7e:8e:09:c9:c9:94:06:8b:9bCertificate

Extended Key Usages

Key Usages

6b:df:0e:72:22:65:31:20:2a:6b:85:fa:f0:94:42:f4:33:56:c1:6dSigner

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

mpr

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 105KB - Virtual size: 123KB

.idata Size: 10KB - Virtual size: 10KB

.rsrc Size: 91KB - Virtual size: 91KB

.reloc Size: 48KB - Virtual size: 47KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

7f:b2:86:d4:53:b5:c5:7e:8e:09:c9:c9:94:06:8b:9b
Certificate

6b:df:0e:72:22:65:31:20:2a:6b:85:fa:f0:94:42:f4:33:56:c1:6d
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 105KB - Virtual size: 123KB

.idata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 91KB - Virtual size: 91KB

.reloc
Size: 48KB - Virtual size: 47KB