Find[.]Same[.]Images[.]OK_Installer_x64[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Find.Same.Images.OK_Installer_x64.zip
Size

1.2MB
MD5

7a4c3c17253a8dab3517a2900358c1b5
SHA1

739aa564572c106b8a800616bd106fc8e7374cfa
SHA256

2f93ac7ceb8178429f5e09c9eba052b5ffb4e997fe7bf9d5325ef33384b4b7e3
SHA512

67b93501afec567f6321d72d4ea613315f2ed8ba8da30a05ef7cd81b72dbfd3548cbf8f96d34833b72935cc3e541958190c0f2a8d065ef9f6a4307afe00354ec
SSDEEP

24576:gGOG+14BCICZscI02Uua27gvgKEUT9VNuPf0z0hGJpld/5ByHXZj4LOM7vgSBu45:Qf1sC/2Ta2SgKEkNc04h+p//5ByFi7vb

Score

1^/10

Malware Config

Signatures

Files

Find.Same.Images.OK_Installer_x64.zip
.zip
Find.Same.Images.OK_Installer_x64.exe
.exe windows:5 windows x64 arch:x64

7b5449321048f252555ee15d4c9aba0d

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:28:cf:12:7e:b4:52:6b:3f:c8:df:87
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

27/07/2023, 09:33

Not After

27/07/2024, 09:33

Subject

SERIALNUMBER=15.06.2017,CN=Nenad Hrg,O=Nenad Hrg,STREET=Edelweissstrasse 104,L=Taufkirchen,ST=Bayern,C=DE,1.2.840.113549.1.9.1=#0c16737570706f727440736f6674776172656f6b2e636f6d,1.3.6.1.4.1.311.60.2.1.1=#130b546175666b69726368656e,1.3.6.1.4.1.311.60.2.1.2=#130642617965726e,1.3.6.1.4.1.311.60.2.1.3=#13024445,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

07/11/2023, 17:13

Not After

09/12/2034, 17:13

Subject

CN=Globalsign TSA for CodeSign1 - R6 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

32:1a:4a:20:21:2b:cf:37:1b:5f:ca:07:ea:04:6d:0a:1f:a5:6f:6d:ab:76:fa:92:8b:2b:56:46:76:ff:01:05
Signer

Actual PE Digest

32:1a:4a:20:21:2b:cf:37:1b:5f:ca:07:ea:04:6d:0a:1f:a5:6f:6d:ab:76:fa:92:8b:2b:56:46:76:ff:01:05

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
HeapCreate
HeapSetInformation
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
HeapSize
HeapReAlloc
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetStartupInfoW
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
GetProcessHeap
HeapAlloc
HeapFree
InterlockedPushEntrySList
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
CompareStringA
SetEnvironmentVariableA
GetTempFileNameW
SetVolumeLabelW
CreateMutexW
LoadLibraryExW
GetTickCount
GetProfileStringW
GetLocaleInfoW
GetNumberFormatW
GetEnvironmentVariableW
GetPrivateProfileIntW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
WritePrivateProfileStringW
GetDiskFreeSpaceW
TerminateProcess
GetSystemDirectoryW
GetUserDefaultLangID
GetUserDefaultLCID
EnumDateFormatsW
EnumTimeFormatsW
GetTimeFormatW
GetDateFormatW
GetShortPathNameW
GetPrivateProfileStringW
FreeResource
GetLocalTime
GetFileSize
SetFilePointer
ReadFile
TerminateThread
GetCurrentProcessId
MoveFileW
SizeofResource
GetTimeZoneInformation
GetLogicalDrives
lstrcpynA
GlobalHandle
MulDiv
DeleteCriticalSection
InitializeCriticalSection
GetLastError
CreateThread
ExitProcess
Sleep
OutputDebugStringA
RemoveDirectoryW
DeleteFileW
GetLogicalDriveStringsW
GetDriveTypeW
GetFileAttributesW
SetFileAttributesW
CopyFileW
CreateDirectoryW
GetTempPathW
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
GetVersionExW
FindFirstFileW
GetFullPathNameW
SetLastError
CompareStringW
FindClose
FindNextFileW
FindResourceW
LoadResource
LockResource
GetCurrentProcess
FlushInstructionCache
lstrcpyW
FreeLibrary
WideCharToMultiByte
lstrcmpiW
lstrcmpW
lstrcatW
OutputDebugStringW
GetProcAddress
GetWindowsDirectoryW
GetModuleHandleW
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
RaiseException
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
lstrcpynW
lstrlenW
LoadLibraryW
GetCommandLineW

user32

SetScrollPos
GetScrollPos
GetSystemMenu
GetMenuDefaultItem
PeekMessageW
IsMenu
SetWindowsHookExW
GetSysColorBrush
CallNextHookEx
UnhookWindowsHookEx
SendMessageW
wsprintfW
SetWindowTextW
CallWindowProcW
GetWindowLongPtrW
WindowFromPoint
GetWindowThreadProcessId
MessageBeep
TrackPopupMenuEx
SetMenuItemInfoW
InsertMenuW
CheckMenuItem
EnableMenuItem
GetWindowDC
IsDialogMessageW
TranslateAcceleratorW
SetRect
DrawEdge
SendMessageA
TrackMouseEvent
LoadBitmapW
TrackPopupMenu
IntersectRect
GetDoubleClickTime
GetMessagePos
EqualRect
CreatePopupMenu
AppendMenuW
SetClassLongW
PostMessageW
CopyRect
CreateDialogParamW
GetKeyState
wvsprintfW
EnumWindows
SetMenu
SetForegroundWindow
TranslateMDISysAccel
BringWindowToTop
DeleteMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DefMDIChildProcW
LoadAcceleratorsW
LoadStringA
RemoveMenu
SetScrollInfo
GetMenuStringW
DrawMenuBar
LoadIconW
DefFrameProcW
GetClassLongW
CheckDlgButton
IsDlgButtonChecked
CreateDialogIndirectParamW
GetClipboardData
SetPropW
mouse_event
MenuItemFromPoint
SetWindowPlacement
DispatchMessageW
SetWindowLongPtrW
EnumChildWindows
FindWindowExW
EndDialog
GetWindowLongW
SetWindowPos
GetClientRect
ShowWindow
SetTimer
KillTimer
GetParent
GetDlgItem
MapWindowPoints
SystemParametersInfoW
GetWindowRect
GetWindow
SetWindowLongW
RegisterClipboardFormatW
PostQuitMessage
GetFocus
GetAsyncKeyState
CharNextW
LoadImageW
GetSystemMetrics
MessageBoxW
GetDlgCtrlID
GetWindowPlacement
InsertMenuItemW
GetScrollInfo
SetMenuItemBitmaps
keybd_event
MapVirtualKeyW
DrawIcon
ScrollWindowEx
IsZoomed
SendMessageTimeoutW
GetMessageW
RemovePropW
GetMenuItemID
GetPropW
ShowCaret
IsRectEmpty
SetMenuDefaultItem
CharUpperW
GetIconInfo
AdjustWindowRectEx
CopyImage
FrameRect
InflateRect
SetParent
IsWindowVisible
DialogBoxIndirectParamW
RegisterWindowMessageW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
DestroyAcceleratorTable
GetDesktopWindow
IsChild
InvalidateRgn
ClientToScreen
MoveWindow
SetWindowContextHelpId
MapDialogRect
GetMenuItemInfoW
GetActiveWindow
EnableWindow
GetCapture
ReleaseCapture
EndPaint
TranslateMessage
GetMenuItemCount
DestroyMenu
CreateWindowExW
GetWindowTextW
GetWindowTextLengthW
ScreenToClient
RedrawWindow
SetDlgItemTextW
IsWindow
LoadStringW
DrawTextW
DefWindowProcW
ReleaseDC
GetDC
LoadMenuW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetSubMenu
DestroyCursor
OffsetRect
CharLowerW
CreateCursor
GetClassNameW
SetRectEmpty
DialogBoxParamW
DestroyWindow
UpdateWindow
InvalidateRect
IsWindowEnabled
SetCapture
SetFocus
PtInRect
FillRect
DrawFocusRect
SetCursor
GetCursorPos
GetSysColor
BeginPaint
UnregisterClassA

gdi32

OffsetViewportOrgEx
GetViewportExtEx
GetWindowExtEx
SetViewportExtEx
SetWindowExtEx
GetEnhMetaFileHeader
ResetDCW
StartPage
EndPage
SetMapMode
EndDoc
AbortDoc
StartDocW
SetStretchBltMode
StretchBlt
GetCurrentObject
GetPixel
SetDIBitsToDevice
Rectangle
SetPixel
LPtoDP
GetBkColor
DPtoLP
CreateEnhMetaFileW
CloseEnhMetaFile
CreateDCW
GetDIBits
SetViewportOrgEx
GetBitmapBits
CreateBitmap
CreatePatternBrush
PatBlt
SelectClipRgn
GetClipBox
GetTextExtentPoint32W
LineTo
MoveToEx
CreatePen
IntersectClipRect
OffsetWindowOrgEx
ExcludeClipRect
SetWindowOrgEx
RestoreDC
SaveDC
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
SetBkMode
CreateFontIndirectW
DeleteDC
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteObject
CreateSolidBrush
SetTextColor
SetBkColor
GetStockObject
DeleteEnhMetaFile
ExtTextOutW
GetObjectW

winspool.drv

OpenPrinterW
GetPrinterW
ClosePrinter

comdlg32

PrintDlgW
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgW

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
GetUserNameW
RegOpenKeyW
OpenProcessToken
CryptDestroyHash
CryptReleaseContext
CryptCreateHash
CryptAcquireContextW
CryptHashData
CryptGetHashParam
RegQueryInfoKeyW
GetTokenInformation
RegDeleteKeyW

shell32

DragAcceptFiles
ord21
DragFinish
SHBrowseForFolderW
ord88
ord68
SHGetSettings
ord25
DragQueryFileW
ord17
ord16
SHGetFileInfoW
SHGetSpecialFolderLocation
SHFileOperationW
ord155
ord18
SHGetDesktopFolder
ord4
ord2
SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteW
SHGetPathFromIDListW
ord190
SHGetMalloc

ole32

CoUninitialize
CoInitialize
OleDuplicateData
DoDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree
PropVariantClear
CoCreateInstance
ReleaseStgMedium
OleGetClipboard
RevokeDragDrop
CoSetProxyBlanket
CoTaskMemRealloc
OleSetClipboard

oleaut32

VarUI4FromStr
VariantChangeType
OleCreatePictureIndirect
DispCallFunc
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
LoadTypeLi
OleCreateFontIndirect
SysAllocString
SysStringLen
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
LoadRegTypeLi

shlwapi

PathRelativePathToW
StrCpyW

comctl32

ImageList_LoadImageW
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetIconSize
InitCommonControlsEx
ImageList_SetBkColor
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetImageCount
ImageList_SetIconSize
ImageList_Remove
ord17
ImageList_Destroy
ImageList_Draw
ImageList_AddMasked
ImageList_GetImageInfo
CreateStatusWindowW

msimg32

AlphaBlend

gdiplus

GdipSetCompositingMode
GdipImageSelectActiveFrame
GdipImageRotateFlip
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipGetPropertyItemSize
GdipGetImagePixelFormat
GdipGetImageType
GdipLoadImageFromFile
GdipCloneImage
GdipCloneBrush
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipFillPath
GdipSetSmoothingMode
GdipSetImageAttributesGamma
GdipCreateFromHDC
GdipAddPathArcI
GdipAddPathLineI
GdipClosePathFigure
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdiplusStartup
GdipCreateHICONFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteBrush
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipGetImageThumbnail
GdipSetPixelOffsetMode
GdipSetCompositingQuality
GdipGetImageGraphicsContext
GdipSetInterpolationMode

winmm

PlaySoundW
timeGetTime

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 306KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 18B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 631KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b5449321048f252555ee15d4c9aba0d

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

07:28:cf:12:7e:b4:52:6b:3f:c8:df:87Certificate

Extended Key Usages

Key Usages

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

32:1a:4a:20:21:2b:cf:37:1b:5f:ca:07:ea:04:6d:0a:1f:a5:6f:6d:ab:76:fa:92:8b:2b:56:46:76:ff:01:05Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 306KB - Virtual size: 306KB

.data Size: 35KB - Virtual size: 119KB

.pdata Size: 83KB - Virtual size: 83KB

.tls Size: 512B - Virtual size: 18B

.rsrc Size: 631KB - Virtual size: 631KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

07:28:cf:12:7e:b4:52:6b:3f:c8:df:87
Certificate

01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

32:1a:4a:20:21:2b:cf:37:1b:5f:ca:07:ea:04:6d:0a:1f:a5:6f:6d:ab:76:fa:92:8b:2b:56:46:76:ff:01:05
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 306KB - Virtual size: 306KB

.data
Size: 35KB - Virtual size: 119KB

.pdata
Size: 83KB - Virtual size: 83KB

.tls
Size: 512B - Virtual size: 18B

.rsrc
Size: 631KB - Virtual size: 631KB