8cac2e81bce6ddb25b69489af637bad89d68263078a2baaa779f6347d6f6e4c7

Sharing

Copy URL

Twitter E-mail

General

Target

8cac2e81bce6ddb25b69489af637bad89d68263078a2baaa779f6347d6f6e4c7
Size

1.4MB
MD5

ce4af6dd11ccb8a07cad8544adfb632e
SHA1

b3d4d672bd4d6392a8edac5edbb27e56933dafad
SHA256

8cac2e81bce6ddb25b69489af637bad89d68263078a2baaa779f6347d6f6e4c7
SHA512

67bc33f63661ae8a9f3431e2b43c9ef09e53d3cc124e4cad7ba11dad1cf2554b8297f443587c31ac8b712828e7350f2982783d37cc7a16b140c9bbb21f2e81f7
SSDEEP

24576:92d3USn2jekEylUD8QB4dregAZShWKkCALnJTJ95Rf:W3hn2j/vlUgQB4dNCKk1TJ95

Score

1^/10

Malware Config

Signatures

Files

8cac2e81bce6ddb25b69489af637bad89d68263078a2baaa779f6347d6f6e4c7
.exe windows:5 windows x86 arch:x86

25b4d7004331ba653fbd05720d8f38b0

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:7f:c5:c6:ff:86:9f:11:62:80:a9:21:2e:f6:a6:75
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

16-10-2020 00:00

Not After

20-10-2021 23:59

Subject

CN=Nanchang Xianyang Network Technology Co.\, Ltd.,O=Nanchang Xianyang Network Technology Co.\, Ltd.,L=南昌市,ST=江西省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:7f:c5:c6:ff:86:9f:11:62:80:a9:21:2e:f6:a6:75
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

16-10-2020 00:00

Not After

20-10-2021 23:59

Subject

CN=Nanchang Xianyang Network Technology Co.\, Ltd.,O=Nanchang Xianyang Network Technology Co.\, Ltd.,L=南昌市,ST=江西省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c1:c2:a2:64:64:9a:8c:66:a8:85:03:34:87:d9:00:ef:ff:bb:e3:fa:eb:ed:eb:a7:05:ad:05:ae:d8:e8:b4:2f
Signer

Actual PE Digest

c1:c2:a2:64:64:9a:8c:66:a8:85:03:34:87:d9:00:ef:ff:bb:e3:fa:eb:ed:eb:a7:05:ad:05:ae:d8:e8:b4:2f

Digest Algorithm

sha256

PE Digest Matches

false

0a:57:31:1a:d3:da:09:d5:3c:a4:44:6a:c9:8f:06:0a:4c:c1:38:4e
Signer

Actual PE Digest

0a:57:31:1a:d3:da:09:d5:3c:a4:44:6a:c9:8f:06:0a:4c:c1:38:4e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\NewCoseS\trunk\projs\calendar\build\Release\bin\greenlight.pdb

Imports

ws2_32

getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
ioctlsocket
getsockopt
htons
setsockopt
socket
WSAIoctl
WSAStartup
WSACleanup
getaddrinfo
freeaddrinfo
recvfrom
sendto
accept
listen
gethostname
htonl
ntohl
ntohs

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

SetFilePointerEx
FlushFileBuffers
FindFirstFileW
FindFirstFileExW
FindNextFileW
FindClose
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetModuleHandleA
LoadLibraryW
WaitForMultipleObjects
GetSystemInfo
HeapAlloc
HeapDestroy
HeapCreate
GetFileSizeEx
GetVersionExW
GetModuleHandleExW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
QueryPerformanceFrequency
FileTimeToSystemTime
FindResourceW
GetCurrentDirectoryW
GetFileAttributesExW
ReadFile
CreateThread
RaiseException
Sleep
GetCurrentThreadId
GetCurrentProcess
IsDebuggerPresent
GetUserDefaultLangID
LocalFree
GetCommandLineW
GetTickCount
FormatMessageA
GetCurrentProcessId
CreateFileW
GetModuleFileNameW
WriteFile
WideCharToMultiByte
MultiByteToWideChar
SetCurrentDirectoryW
CloseHandle
CreateMutexW
GetLocalTime
LoadLibraryExW
GetProcAddress
FreeLibrary
InitializeCriticalSectionAndSpinCount
SetLastError
GetLastError
HeapFree
InitializeCriticalSection
FlushInstructionCache
GetFullPathNameW
FreeResource
LoadResource
LockResource
SetEndOfFile
GetCPInfo
GetStringTypeW
GetLocaleInfoW
SizeofResource
HeapSize
ReadConsoleW
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
WriteConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
GetDriveTypeW
HeapReAlloc
GetACP
SetStdHandle
ExitProcess
GetConsoleMode
GetConsoleCP
RtlUnwind
PeekNamedPipe
GetFileType
LCMapStringW
GetStdHandle
ExpandEnvironmentStringsA
WaitForSingleObjectEx
VerifyVersionInfoW
GetSystemDirectoryW
VerSetConditionMask
SleepEx
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryA
GetVersionExA
MulDiv
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
EncodePointer
DecodePointer
CompareStringW

user32

RegisterClassExW
UnregisterClassW
CreateWindowExW
PostMessageW
DispatchMessageW
TranslateMessage
KillTimer
DefWindowProcW
SystemParametersInfoA
PostQuitMessage
DrawIconEx
InvertRect
FillRect
GetForegroundWindow
MsgWaitForMultipleObjects
SetMenuContextHelpId
SetForegroundWindow
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
PtInRect
SetRect
SetCapture
ClientToScreen
CopyRect
GetMonitorInfoW
OffsetRect
GetSystemMetrics
MonitorFromWindow
SetWindowPos
SystemParametersInfoW
SetWindowLongW
wsprintfW
SetTimer
ShowWindow
SendMessageW
DestroyWindow
GetWindowLongW
GetActiveWindow
CallWindowProcW
GetDlgItem
GetClientRect
GetWindowRect
MapWindowPoints
GetParent
GetWindow
LoadCursorW
DestroyCursor
IsWindow
SetFocus
GetFocus
GetKeyState
SetCursor
InflateRect
IntersectRect
UnionRect
IsRectEmpty
EqualRect
GetCursorPos
ScreenToClient
TrackMouseEvent
AnimateWindow
SetLayeredWindowAttributes
IsIconic
IsZoomed
GetCapture
ReleaseCapture
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
GetClassNameW
DestroyIcon
CharNextW
GetIconInfo
LoadBitmapW
CreateIconFromResource
LoadImageW
GetMessageW
EnableMenuItem
GetSysColor
IsWindowVisible
DrawTextW
AppendMenuW
CharLowerBuffW
MapVirtualKeyA
UpdateLayeredWindow
IsMenu
IsWindowEnabled
CreatePopupMenu
DestroyMenu
GetMenuItemCount
PeekMessageW

advapi32

CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGenRandom
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
CryptImportKey

ole32

CreateStreamOnHGlobal
CreateBindCtx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning
OleInitialize
OleUninitialize

shlwapi

StrToIntExW

wldap32

ord216
ord73
ord14
ord41
ord118
ord26
ord27
ord127
ord167
ord46
ord219
ord145
ord208
ord301
ord147
ord133
ord79
ord142

crypt32

CryptStringToBinaryW
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringW
CertAddCertificateContextToStore

winmm

timeGetTime

imm32

ImmReleaseContext
ImmGetContext
ImmAssociateContext

msimg32

GradientFill
AlphaBlend

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectI
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGraphicsClear
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0

gdi32

Rectangle
SetBkMode
GetObjectW
StretchBlt
CreateCompatibleBitmap
SetViewportOrgEx
GetCurrentObject
GetViewportOrgEx
Arc
CombineRgn
CreateEllipticRgnIndirect
GetStockObject
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
Ellipse
ExcludeClipRect
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SetGraphicsMode
GetClipRgn
GetRgnBox
GetTextColor
GetTextExtentPoint32W
IntersectClipRect
OffsetRgn
Pie
PtInRegion
RectInRegion
RestoreDC
SaveDC
ExtSelectClipRgn
SetRectRgn
SetROP2
SetTextColor
GetWorldTransform
SetWorldTransform
CreateDIBSection
ExtCreatePen
Polyline
GetDeviceCaps
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
CreateRoundRectRgn
EnumFontsW
DeleteObject
CreatePen
RoundRect
BitBlt

oleaut32

SysAllocString
SysFreeString

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 879KB - Virtual size: 879KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25b4d7004331ba653fbd05720d8f38b0

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

05:7f:c5:c6:ff:86:9f:11:62:80:a9:21:2e:f6:a6:75Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

05:7f:c5:c6:ff:86:9f:11:62:80:a9:21:2e:f6:a6:75Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

c1:c2:a2:64:64:9a:8c:66:a8:85:03:34:87:d9:00:ef:ff:bb:e3:fa:eb:ed:eb:a7:05:ad:05:ae:d8:e8:b4:2fSigner

0a:57:31:1a:d3:da:09:d5:3c:a4:44:6a:c9:8f:06:0a:4c:c1:38:4eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

version

kernel32

user32

advapi32

ole32

shlwapi

wldap32

crypt32

winmm

imm32

msimg32

gdiplus

gdi32

oleaut32

Exports

Exports

Sections

.text Size: 879KB - Virtual size: 879KB

.rdata Size: 201KB - Virtual size: 201KB

.data Size: 12KB - Virtual size: 85KB

.gfids Size: 512B - Virtual size: 464B

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 288KB - Virtual size: 287KB

.reloc Size: 51KB - Virtual size: 50KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

05:7f:c5:c6:ff:86:9f:11:62:80:a9:21:2e:f6:a6:75
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

05:7f:c5:c6:ff:86:9f:11:62:80:a9:21:2e:f6:a6:75
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

c1:c2:a2:64:64:9a:8c:66:a8:85:03:34:87:d9:00:ef:ff:bb:e3:fa:eb:ed:eb:a7:05:ad:05:ae:d8:e8:b4:2f
Signer

0a:57:31:1a:d3:da:09:d5:3c:a4:44:6a:c9:8f:06:0a:4c:c1:38:4e
Signer

.text
Size: 879KB - Virtual size: 879KB

.rdata
Size: 201KB - Virtual size: 201KB

.data
Size: 12KB - Virtual size: 85KB

.gfids
Size: 512B - Virtual size: 464B

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 288KB - Virtual size: 287KB

.reloc
Size: 51KB - Virtual size: 50KB