General

Malware Config

Signatures

Files

• snss1.exe

  .exe windows:5 windows x64 arch:x64

  2638df72ebfb6f25006336800cee64b1

  
  

  Code Sign

  77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed

  Certificate

  Issuer

  CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

  Not Before

  28-07-2020 00:00

  Not After

  28-07-2030 00:00

  Subject

  CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  07:28:cf:12:7e:b4:52:6b:3f:c8:df:87

  Certificate

  Issuer

  CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

  Not Before

  27-07-2023 09:33

  Not After

  27-07-2024 09:33

  Subject

  SERIALNUMBER=15.06.2017,CN=Nenad Hrg,O=Nenad Hrg,STREET=Edelweissstrasse 104,L=Taufkirchen,ST=Bayern,C=DE,1.2.840.113549.1.9.1=#0c16737570706f727440736f6674776172656f6b2e636f6d,1.3.6.1.4.1.311.60.2.1.1=#130b546175666b69726368656e,1.3.6.1.4.1.311.60.2.1.2=#130642617965726e,1.3.6.1.4.1.311.60.2.1.3=#13024445,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  01:9b:ea:de:c8:4d:6b:8f:f7:6c:3a:9f:2e:01:24:16

  Certificate

  Issuer

  CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

  Not Before

  07-11-2023 17:13

  Not After

  09-12-2034 17:13

  Subject

  CN=Globalsign TSA for CodeSign1 - R6 - 202311,O=GlobalSign nv-sa,C=BE

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74

  Certificate

  Issuer

  CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

  Not Before

  20-06-2018 00:00

  Not After

  10-12-2034 00:00

  Subject

  CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51

  Certificate

  Issuer

  CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

  Not Before

  10-12-2014 00:00

  Not After

  10-12-2034 00:00

  Subject

  CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  b3:1e:67:0b:bc:87:14:bc:71:97:66:e9:2b:66:14:c6:dd:a3:d5:ad:ce:c5:cd:9a:c7:b7:bf:a0:f0:cc:d3:29

  Signer

  Actual PE Digest

  b3:1e:67:0b:bc:87:14:bc:71:97:66:e9:2b:66:14:c6:dd:a3:d5:ad:ce:c5:cd:9a:c7:b7:bf:a0:f0:cc:d3:29

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  CreateThread

  TerminateThread

  GetModuleHandleW

  WritePrivateProfileStringW

  GetPrivateProfileStringW

  GetUserDefaultLangID

  GetLastError

  CreateMutexW

  CreateDirectoryW

  CloseHandle

  CreateFileW

  GetModuleFileNameW

  WriteFile

  GetTempPathW

  lstrcmpW

  GetModuleHandleA

  GetVersionExW

  lstrcpynW

  UnmapViewOfFile

  MapViewOfFile

  CreateFileMappingW

  CopyFileW

  GetProcessHeap

  SetEndOfFile

  CreateFileA

  WriteConsoleW

  GetConsoleOutputCP

  WriteConsoleA

  FlushFileBuffers

  SetStdHandle

  GetLocaleInfoA

  GetStringTypeW

  GetStringTypeA

  LCMapStringW

  LCMapStringA

  HeapReAlloc

  GetCurrentProcessId

  GetTickCount

  GetCommandLineW

  GetEnvironmentStringsW

  SetThreadPriority

  GetConsoleMode

  GetConsoleCP

  SetFilePointer

  GetStartupInfoA

  GetFileType

  SetHandleCount

  InitializeCriticalSectionAndSpinCount

  LoadLibraryA

  HeapSize

  ReadFile

  HeapCreate

  HeapSetInformation

  GetModuleFileNameA

  GetStdHandle

  RtlPcToFileHeader

  FlsAlloc

  GetCurrentThreadId

  FlsFree

  FlsSetValue

  FlsGetValue

  DecodePointer

  EncodePointer

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  RtlCaptureContext

  RtlVirtualUnwind

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  HeapFree

  GetStartupInfoW

  ExitProcess

  HeapAlloc

  GetSystemTimeAsFileTime

  RtlUnwindEx

  RtlLookupFunctionEntry

  DeleteCriticalSection

  InitializeCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  RaiseException

  QueryPerformanceCounter

  FindResourceW

  SizeofResource

  LoadResource

  LockResource

  GlobalAlloc

  GlobalLock

  GlobalUnlock

  GlobalFree

  Sleep

  LoadLibraryW

  GetProcAddress

  OutputDebugStringW

  DebugBreak

  lstrlenA

  SetLastError

  lstrcatW

  lstrcpyW

  MultiByteToWideChar

  WideCharToMultiByte

  lstrlenW

  FreeEnvironmentStringsW

  user32

  GetIconInfo

  DrawIconEx

  GetSysColor

  CopyIcon

  CopyImage

  CreateIconIndirect

  DrawAnimatedRects

  SystemParametersInfoW

  CharNextW

  LoadStringW

  wsprintfW

  wvsprintfW

  SetWindowPos

  SetWindowLongW

  GetWindowLongW

  SetRect

  GetSystemMetrics

  ShowWindow

  IsWindowVisible

  EndPaint

  BeginPaint

  DefWindowProcW

  CreateWindowExW

  RegisterClassW

  LoadIconW

  LoadCursorW

  ReleaseDC

  GetDC

  EqualRect

  IsWindow

  GetParent

  CreateDialogParamW

  SetParent

  DestroyWindow

  DestroyIcon

  EndDialog

  GetMenu

  LoadBitmapW

  GetSysColorBrush

  ScreenToClient

  CheckDlgButton

  SetDlgItemTextW

  SetMenuItemBitmaps

  SetActiveWindow

  CheckMenuItem

  GetAsyncKeyState

  CreatePopupMenu

  AppendMenuW

  ClientToScreen

  TrackPopupMenu

  GetClientRect

  GetCursorPos

  GetWindowRect

  RegisterWindowMessageW

  GetActiveWindow

  MessageBoxW

  LoadAcceleratorsW

  GetMessageW

  IsDialogMessageW

  TranslateMessage

  DispatchMessageW

  RegisterClassExW

  GetDlgItem

  SetWindowTextW

  SetForegroundWindow

  LoadImageW

  PostMessageW

  EnumWindows

  PostQuitMessage

  UpdateWindow

  SendMessageTimeoutW

  SendMessageW

  KillTimer

  SetTimer

  FindWindowA

  FindWindowExW

  gdi32

  CreateDIBSection

  CreateCompatibleDC

  DeleteObject

  DeleteDC

  GetStockObject

  GetTextExtentPointW

  CreatePatternBrush

  CreateFontIndirectW

  GetObjectW

  SetPixel

  GetPixel

  CreateBitmap

  SelectObject

  comdlg32

  GetOpenFileNameW

  advapi32

  RegSetValueExW

  RegOpenKeyW

  RegDeleteValueW

  RegQueryValueExW

  RegCloseKey

  shell32

  ord17

  SHGetSpecialFolderPathW

  ShellExecuteW

  DragFinish

  DragQueryFileW

  Shell_NotifyIconW

  SHAppBarMessage

  SHGetDesktopFolder

  ord16

  ord155

  ord18

  ord190

  ole32

  CreateStreamOnHGlobal

  OleInitialize

  oleaut32

  SysAllocStringLen

  comctl32

  InitCommonControlsEx

  ImageList_ReplaceIcon

  ImageList_Create

  ord17

  gdiplus

  GdipGetImageType

  GdipCloneImage

  GdiplusStartup

  GdipDrawImageRectRectI

  GdipDrawImageRect

  GdipRotateWorldTransform

  GdipTranslateWorldTransform

  GdipResetWorldTransform

  GdipGetImageGraphicsContext

  GdipCreateFromHDC

  GdipSetImageAttributesColorMatrix

  GdipCreateBitmapFromScan0

  GdipCreateBitmapFromStreamICM

  GdipCreateBitmapFromStream

  GdipCreateBitmapFromFile

  GdipGetImageHeight

  GdipGetImageWidth

  GdipDisposeImage

  GdipDeleteGraphics

  GdipDisposeImageAttributes

  GdipCreateImageAttributes

  GdipAlloc

  GdipFree

  Sections

  .text

  Size: 148KB - Virtual size: 148KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 35KB - Virtual size: 34KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 35KB - Virtual size: 661KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 829KB - Virtual size: 828KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ