5a41aa8589e61e6aa908c4155a678d9fee43ee5c0b95187a7cca71a2a920991a

Sharing

Copy URL

Twitter E-mail

General

Target

5a41aa8589e61e6aa908c4155a678d9fee43ee5c0b95187a7cca71a2a920991a
Size

495KB
MD5

58486856e21867246324094e980de0a6
SHA1

65e72d2b65720c973c57239ada5f7874b73fdb5e
SHA256

5a41aa8589e61e6aa908c4155a678d9fee43ee5c0b95187a7cca71a2a920991a
SHA512

a423dadd9d4d11407da11648352b3c64910ff3050765c23171c3d0c4673ece72ebfdef788b475866ddd4153c623bdbf8e73c342f428ea4c5dc87b398552ff263
SSDEEP

12288:7PkHrZt5JOwvzwhc9/WNh1L82f5M5wTlAz85m6f3KC8vOsvYyn0563+A6:7sHrn5kwv8hc9Gc2fQzAf3KCfA6

Score

1^/10

Malware Config

Signatures

Files

5a41aa8589e61e6aa908c4155a678d9fee43ee5c0b95187a7cca71a2a920991a
.exe windows:5 windows x86 arch:x86

593e4d50695ac69dad12f705526c523b

Code Sign

fa:a5:70:b3:13:50:51:a2
Certificate

Issuer

CN=comm name ugo,OU=ugo unit name,O=ugogame company,ST=Some-State,C=cn

Not Before

22-05-2024 10:28

Not After

22-05-2025 10:28

Subject

CN=comm name ugo,OU=ugo unit name,O=ugogame company,ST=Some-State,C=cn

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

89:b5:cd:35:bd:eb:df:4c:a3:dd:e9:c6:c1:e0:71:b1:af:a6:6b:27:89:25:9a:2a:3a:f7:86:ee:c4:d3:fb:1b
Signer

Actual PE Digest

89:b5:cd:35:bd:eb:df:4c:a3:dd:e9:c6:c1:e0:71:b1:af:a6:6b:27:89:25:9a:2a:3a:f7:86:ee:c4:d3:fb:1b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname
socket
htons
connect
closesocket

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

wke

wkeCreateWebView
jsBindFunction
jsArg
jsToInt
wkeShutdown
jsUndefined
jsTrue
jsStringW
wkeInit
jsToStringW
wkeUpdate

kernel32

GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GlobalLock
GlobalUnlock
LocalFree
MulDiv
FormatMessageA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateEventA
ResumeThread
GetCurrentThread
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
GetOEMCP
GetCPInfo
GetThreadLocale
FindClose
FindFirstFileA
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetVolumeInformationA
SetErrorMode
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GlobalAddAtomA
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
CreateFileW
DeleteFileW
GetCurrentDirectoryW
CreateDirectoryW
SetStdHandle
FindNextFileA
FindFirstFileExA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
SetFileAttributesW
GetFileAttributesExW
GetFileType
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetDriveTypeW
GetStdHandle
ExitProcess
LockResource
LoadResource
SizeofResource
FindResourceW
WideCharToMultiByte
GetFileSize
CloseHandle
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
CreateFileA
OutputDebugStringW
LCMapStringW
GetStringTypeW
RtlUnwind
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
SetLastError
GetACP
GlobalFree
GlobalAlloc
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetLastError
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
CreateProcessA
SetFileTime
GetFileTime
GetCurrentProcess
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
MoveFileA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetVersionExA
GetCurrentDirectoryA
OutputDebugStringA
SetThreadLocale
CreateMutexA
WaitForSingleObject
ReleaseMutex
CopyFileA
DeleteFileA
Sleep
SetEvent
SetFilePointer
ReadFile
WriteFile
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
lstrcmpA
InitializeCriticalSection
VirtualProtect
VirtualAlloc
GetProcAddress
MultiByteToWideChar
DeleteCriticalSection
IsDebuggerPresent

user32

RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
CharUpperA
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
DestroyMenu
MapDialogRect
SetWindowContextHelpId
SetCursor
GetCursorPos
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
GetWindowThreadProcessId
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IntersectRect
ClientToScreen
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
GetSysColor
MapWindowPoints
AdjustWindowRectEx
GetWindowTextA
RemovePropA
GetScrollPos
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
IsMenu
IsWindow
PostThreadMessageA
TabbedTextOutA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
RegisterWindowMessageA
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetDC
UnregisterClassA
PtInRect
CopyRect
ReleaseDC
GetCapture
UpdateWindow
KillTimer
LoadIconW
EnumWindows
SetWindowLongA
GetWindowLongA
ScreenToClient
GetPropA
SetPropA
SetForegroundWindow
DrawIcon
GetSystemMetrics
SetTimer
ReleaseCapture
SetCapture
GetFocus
IsIconic
SetWindowPos
UpdateLayeredWindow
ShowWindow
SendMessageA
SetParent
MoveWindow
DispatchMessageA
TranslateMessage
GetMessageA
DestroyWindow
PostQuitMessage
GetWindowRect
LoadStringA
MessageBoxA
GetParent
GetClientRect
InvalidateRect
EnableWindow
PostMessageA
GetWindow

gdi32

Escape
GetClipBox
GetStockObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
ExtSelectClipRgn
SetMapMode
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateBitmap
GetDeviceCaps
SetTextColor
SetBkColor
SaveDC
RestoreDC
TextOutA
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

SystemFunction036
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegCloseKey

shell32

ShellExecuteA

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoRegisterMessageFilter
CoCreateGuid
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgCreateDocfileOnILockBytes

oleaut32

OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
SysAllocStringByteLen

oledlg

ord8

wininet

HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetQueryDataAvailable
InternetReadFile
InternetConnectA
InternetCloseHandle
HttpAddRequestHeadersA
InternetOpenA

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

593e4d50695ac69dad12f705526c523b

Code Sign

fa:a5:70:b3:13:50:51:a2Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

89:b5:cd:35:bd:eb:df:4c:a3:dd:e9:c6:c1:e0:71:b1:af:a6:6b:27:89:25:9a:2a:3a:f7:86:ee:c4:d3:fb:1bSigner

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

winmm

wke

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oledlg

wininet

oleacc

Sections

.text Size: 345KB - Virtual size: 345KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 11KB - Virtual size: 25KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 33KB - Virtual size: 33KB

fa:a5:70:b3:13:50:51:a2
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

89:b5:cd:35:bd:eb:df:4c:a3:dd:e9:c6:c1:e0:71:b1:af:a6:6b:27:89:25:9a:2a:3a:f7:86:ee:c4:d3:fb:1b
Signer

.text
Size: 345KB - Virtual size: 345KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 11KB - Virtual size: 25KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 33KB - Virtual size: 33KB