51c5960ccb48fee181f0767f4a4c79a5ba14c6935836d00009f42ff0b4ce6d83

Sharing

Copy URL

Twitter E-mail

General

Target

51c5960ccb48fee181f0767f4a4c79a5ba14c6935836d00009f42ff0b4ce6d83
Size

2.3MB
MD5

1ee296ad6cdc85828cd01581e98e04ec
SHA1

8a541182bb9e7aea3401c004b4ba9e4e10dcb3c5
SHA256

51c5960ccb48fee181f0767f4a4c79a5ba14c6935836d00009f42ff0b4ce6d83
SHA512

6507a527100ea8e4725fef00a112f79b94ad9fc53eb28235f3e58cb05fcf71643e013944f2adb4b37bb46d4b90c30aa14cac3edd1e00d4beb1e2ebe42c7a03c2
SSDEEP

49152:AXIoVL8A9h6xky1tSCfGuL2TEtxwKkcgD5jCL6S3l9:AfVL89xky1tSCfGy2TEtxwKkcgD5jQ19

Score

1^/10

Malware Config

Signatures

Files

51c5960ccb48fee181f0767f4a4c79a5ba14c6935836d00009f42ff0b4ce6d83
.exe windows:6 windows x86 arch:x86

f65b09086a6b9872c23dbdbcef0bfdbe

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:d6:56:33:31:3c:85:b3:e3:81:25:6f:15:32:37:b6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26-10-2022 00:00

Not After

26-10-2023 23:59

Subject

CN=CANON INC.,OU=Digital Printing Business,O=CANON INC.,L=Kawasaki,ST=Kanagawa,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

54:66:36:f1:2d:07:74:9b:26:19:bb:00:37:ed:62:6f:b2:91:79:ff:e4:10:8a:5c:10:1f:a9:16:9f:dd:94:fc
Signer

Actual PE Digest

54:66:36:f1:2d:07:74:9b:26:19:bb:00:37:ed:62:6f:b2:91:79:ff:e4:10:8a:5c:10:1f:a9:16:9f:dd:94:fc

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\temp\Jenkins_tmp\WorkSpace\CNSG2_v2.33\CNSG2_NW\MakePackage\BootStrapper\Win32\Release\setup.pdb

Imports

shell32

SHAppBarMessage
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW

msi

ord160
ord118
ord113
ord159
ord32
ord92
ord8

kernel32

GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
SetFilePointerEx
ExitThread
CreateThread
GetCommandLineA
RtlUnwind
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetTempFileNameW
InitializeSListHead
GetStartupInfoW
FreeLibraryAndExitThread
SystemTimeToTzSpecificLocalTime
WriteConsoleW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetProfileIntW
GetTickCount
GetTempPathW
SearchPathW
GetWindowsDirectoryW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetFileSize
GetFileAttributesW
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
FileTimeToSystemTime
GlobalGetAtomNameW
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
IsDebuggerPresent
CreateEventW
SetEvent
CompareStringA
lstrcmpA
GetVersionExW
GetCurrentThread
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
GetCurrentThreadId
EncodePointer
LoadLibraryW
GetModuleHandleA
FreeResource
OutputDebugStringA
MultiByteToWideChar
WideCharToMultiByte
SetLastError
CopyFileW
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryExW
GetSystemDirectoryW
GetSystemDefaultLangID
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
GetCurrentDirectoryW
Sleep
CloseHandle
WaitForSingleObject
CreateProcessW
OutputDebugStringW
LocalFree
GetCommandLineW
GetModuleFileNameW
GetCurrentProcess
IsWow64Process
GetModuleHandleW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
QueryPerformanceFrequency

user32

GetUpdateRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
IsClipboardFormatAvailable
SetMenuDefaultItem
UpdateLayeredWindow
CharUpperBuffW
SetRect
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
GetKeyNameTextW
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
GetMenuDefaultItem
SetClassLongW
LockWindowUpdate
RegisterClipboardFormatW
EnumChildWindows
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
MapVirtualKeyW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
WaitMessage
PostThreadMessageW
ModifyMenuW
NotifyWinEvent
WindowFromPoint
SetWindowRgn
DeleteMenu
GetSystemMenu
KillTimer
SetTimer
SetCapture
CharUpperW
IsRectEmpty
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
IntersectRect
InsertMenuItemW
CreatePopupMenu
LoadAcceleratorsW
ReleaseCapture
BringWindowToTop
LoadImageW
DestroyIcon
InvalidateRect
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
RealChildWindowFromPoint
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
PostQuitMessage
SystemParametersInfoW
MessageBeep
IsZoomed
OffsetRect
SetRectEmpty
SendDlgItemMessageA
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
GetComboBoxInfo
EnableWindow
SendMessageW
UnregisterClassW
GetMenuStringW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
GetDoubleClickTime
CreateMenu
DestroyCursor
GetWindowRgn
TranslateAcceleratorW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetParent
LoadMenuW
GetWindowRect
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetWindow
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
GetDlgCtrlID
SetFocus
GetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
AdjustWindowRectEx
MessageBoxW
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
EqualRect
PtInRect
SetWindowLongW
GetClassLongW
GetClassNameW
GetTopWindow
GetLastActivePopup
SetWindowsHookExW

gdi32

CreateCompatibleBitmap
CreateDIBitmap
CreateRectRgnIndirect
EnumFontFamiliesW
GetTextCharsetInfo
CombineRgn
GetDIBits
PatBlt
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
GetBkColor
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
LPtoDP
GetTextMetricsW
Rectangle
RoundRect
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceW
SetPixelV
MoveToEx
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
CreateHatchBrush
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CopyMetaFileW
CreateDCW
GetDeviceCaps
SetBkColor
SetTextColor
GetObjectW
CreateBitmap
DeleteDC
BitBlt
CreateCompatibleDC
TextOutW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

DrawThemeBackground
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
IsThemeBackgroundPartiallyTransparent

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
OleLockRunning
OleGetClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject

oleaut32

VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantCopy
VarBstrFromDate
SysFreeString
VariantInit

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipBitmapUnlockBits
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f65b09086a6b9872c23dbdbcef0bfdbe

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

02:d6:56:33:31:3c:85:b3:e3:81:25:6f:15:32:37:b6Certificate

Extended Key Usages

Key Usages

54:66:36:f1:2d:07:74:9b:26:19:bb:00:37:ed:62:6f:b2:91:79:ff:e4:10:8a:5c:10:1f:a9:16:9f:dd:94:fcSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

msi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shlwapi

uxtheme

ole32

oleaut32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 320KB - Virtual size: 320KB

.data Size: 21KB - Virtual size: 38KB

.rsrc Size: 327KB - Virtual size: 327KB

.reloc Size: 134KB - Virtual size: 133KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

02:d6:56:33:31:3c:85:b3:e3:81:25:6f:15:32:37:b6
Certificate

54:66:36:f1:2d:07:74:9b:26:19:bb:00:37:ed:62:6f:b2:91:79:ff:e4:10:8a:5c:10:1f:a9:16:9f:dd:94:fc
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 320KB - Virtual size: 320KB

.data
Size: 21KB - Virtual size: 38KB

.rsrc
Size: 327KB - Virtual size: 327KB

.reloc
Size: 134KB - Virtual size: 133KB