a8393bd7f49fbbc5cac5e9d01e568045ccf1bd97d2be2789973b23b0e663b4b5

Sharing

Copy URL Twitter E-mail

General

Target

a8393bd7f49fbbc5cac5e9d01e568045ccf1bd97d2be2789973b23b0e663b4b5
Size

150KB
MD5

a11a8c8c3fb63d2f5739c1f18b3cca58
SHA1

f1ce1c5110318508c920eda98fdcece1fa997e32
SHA256

a8393bd7f49fbbc5cac5e9d01e568045ccf1bd97d2be2789973b23b0e663b4b5
SHA512

d745700d55e70de6089ca9c09e241840470b8c483a8afd4754f4ba160f517aa944fdc066525c9800a799ed6bc9e5775f072ed5c6213fe656cb2a9d0b3e0d0699
SSDEEP

1536:76vsXiYpB5atclXQfktmSfLs16WEg/VsxQTc2PzrogExkOi/hiIk/7Sc8xL:76vV+B4GXQsf1WEgtsxCRwgE3b/FW

Score

1^/10

Malware Config

Signatures

Files

a8393bd7f49fbbc5cac5e9d01e568045ccf1bd97d2be2789973b23b0e663b4b5
.dll windows:4 windows x64 arch:x64

e851f360d50d73836e60d9afe605a9ce

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:8f:40:f5:56:60:21:65:75:a7:e0:0e:62:9e:87:04
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/04/2024, 00:00

Not After

25/05/2027, 23:59

Subject

CN=Digiarty Software\, Inc.,O=Digiarty Software\, Inc.,L=Chengdu,ST=Sichuan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

19:2b:2c:f8:81:89:46:45:70:44:94:62:eb:c1:cc:f6:c3:c2:03:b9:9a:c5:02:86:31:e8:f2:1f:9c:60:60:97
Signer

Actual PE Digest

19:2b:2c:f8:81:89:46:45:70:44:94:62:eb:c1:cc:f6:c3:c2:03:b9:9a:c5:02:86:31:e8:f2:1f:9c:60:60:97

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

BitBlt
CombineRgn
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
DeleteDC
DeleteObject
GetDIBColorTable
GetDeviceCaps
GetObjectA
GetStockObject
SelectObject

kernel32

CloseHandle
CreateEventA
CreateMutexA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseMutex
ResetEvent
SetEvent
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_strtoi64
_strtoui64
_unlock
_wcsdup
abort
atoi
calloc
fflush
fputs
free
fwrite
getc
isspace
isxdigit
localeconv
malloc
memcpy
memset
realloc
strcmp
strlen
strncmp
strtok
strtol
strtoul
tolower
ungetc
vfprintf
wcscmp
wcscpy

ole32

CoCreateInstance
CoGetMalloc
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx
OleLoadFromStream
OleSaveToStream

oleaut32

OleCreatePropertyFrame

shlwapi

SHCreateStreamOnFileA

user32

AdjustWindowRectEx
BeginPaint
CopyIcon
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyWindow
DispatchMessageA
DrawIcon
EndPaint
FindWindowW
FrameRect
GetClientRect
GetCursorInfo
GetDC
GetIconInfo
GetSystemMetrics
GetWindowLongPtrA
GetWindowRect
LoadCursorA
PeekMessageA
ReleaseDC
SendMessageA
SetWindowLongPtrA
SetWindowRgn
ShowWindow

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

libxml2-2

DllMain

avcodec-60

av_get_pcm_codec
av_new_packet
av_packet_add_side_data
av_packet_move_ref
av_packet_pack_dictionary
av_packet_unref
avcodec_find_decoder
avpriv_pix_fmt_find

avfilter-9

av_buffersink_get_ch_layout
av_buffersink_get_format
av_buffersink_get_frame_flags
av_buffersink_get_frame_rate
av_buffersink_get_h
av_buffersink_get_sample_aspect_ratio
av_buffersink_get_sample_rate
av_buffersink_get_time_base
av_buffersink_get_type
av_buffersink_get_w
avfilter_get_by_name
avfilter_graph_alloc
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_parse_ptr
avfilter_inout_free
avfilter_link
avfilter_pad_get_type

avformat-60

av_codec_get_id
av_find_input_format
avformat_alloc_context
avformat_alloc_output_context2
avformat_free_context
avformat_get_riff_video_tags
avformat_new_stream
avio_closep
avio_open2
avio_read_to_bprint
avpriv_register_devices
avpriv_set_pts_info

avutil-58

av_bprint_finalize
av_bprint_init
av_buffer_create
av_calloc
av_chroma_location_name
av_color_primaries_name
av_color_range_name
av_color_space_name
av_color_transfer_name
av_default_item_name
av_dict_copy
av_dict_free
av_dict_set
av_frame_alloc
av_frame_free
av_frame_get_side_data
av_frame_unref
av_free
av_freep
av_get_bytes_per_sample
av_get_media_type_string
av_get_pix_fmt_name
av_get_sample_fmt_name
av_gettime
av_gettime_relative
av_log
av_malloc
av_malloc_array
av_mallocz
av_opt_set_bin
av_opt_set_defaults
av_opt_set_dict2
av_opt_set_int
av_parse_video_rate
av_parse_video_size
av_reallocp_array
av_rescale_q_rnd
av_strdup
av_usleep
avpriv_report_missing_feature

Exports

Exports

av_device_ffversion
av_input_audio_device_next
av_input_video_device_next
av_output_audio_device_next
av_output_video_device_next
avdevice_app_to_dev_control_message
avdevice_configuration
avdevice_dev_to_app_control_message
avdevice_free_list_devices
avdevice_license
avdevice_list_devices
avdevice_list_input_sources
avdevice_list_output_sinks
avdevice_register_all
avdevice_version

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 591B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e851f360d50d73836e60d9afe605a9ce

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:8f:40:f5:56:60:21:65:75:a7:e0:0e:62:9e:87:04Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

19:2b:2c:f8:81:89:46:45:70:44:94:62:eb:c1:cc:f6:c3:c2:03:b9:9a:c5:02:86:31:e8:f2:1f:9c:60:60:97Signer

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

ole32

oleaut32

shlwapi

user32

avicap32

libxml2-2

avcodec-60

avfilter-9

avformat-60

avutil-58

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 78KB

.data Size: 1024B - Virtual size: 640B

.rdata Size: 42KB - Virtual size: 42KB

.pdata Size: 2KB - Virtual size: 2KB

.xdata Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 2KB

.edata Size: 1024B - Virtual size: 591B

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 864B

.reloc Size: 512B - Virtual size: 476B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:8f:40:f5:56:60:21:65:75:a7:e0:0e:62:9e:87:04
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

19:2b:2c:f8:81:89:46:45:70:44:94:62:eb:c1:cc:f6:c3:c2:03:b9:9a:c5:02:86:31:e8:f2:1f:9c:60:60:97
Signer

.text
Size: 79KB - Virtual size: 78KB

.data
Size: 1024B - Virtual size: 640B

.rdata
Size: 42KB - Virtual size: 42KB

.pdata
Size: 2KB - Virtual size: 2KB

.xdata
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 1024B - Virtual size: 591B

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 512B - Virtual size: 476B