3921368f808f07e8ba41df63aad1f0a6719575203512b74835fbaa2bda4fa22e

Sharing

Copy URL Twitter E-mail

General

Target

3921368f808f07e8ba41df63aad1f0a6719575203512b74835fbaa2bda4fa22e
Size

641KB
MD5

58d329a3e9afe83de2b29308541b7a85
SHA1

4ddf67b5453b725ab9ed0e4703a66f771b323503
SHA256

3921368f808f07e8ba41df63aad1f0a6719575203512b74835fbaa2bda4fa22e
SHA512

b8cc54fd61031e4c989e2d60a86d987410efe0b3fd14faa87f41e5298bcd89035ccedc2b47d40eb7f1c82e1226deca82deeda77705c273d41c57ae40839d5fe1
SSDEEP

6144:tcwSiH0pPIQCMKdQcVtue8nXAU0EzJAsqSlUQOA+cvnD:tcwXU4QAse8nXdzUO+EnD

Score

1^/10

Malware Config

Signatures

Files

3921368f808f07e8ba41df63aad1f0a6719575203512b74835fbaa2bda4fa22e
.exe windows:4 windows x86 arch:x86

0e486797d47c622c6c968bbf5d245f31

Code Sign

bd:f8:8d:e9:84:ac:a8:60
Certificate

Issuer

CN=AN Certification Authority,O=AN,C=CZ

Not Before

08/02/2021, 16:23

Not After

09/02/2121, 16:23

Subject

CN=AN Certification Authority,O=AN,C=CZ

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d
Certificate

Issuer

CN=AN Certification Authority,O=AN,C=CZ

Not Before

01/04/2024, 18:01

Not After

01/04/2026, 18:01

Subject

CN=Ai4rei/AN,O=AN,C=CZ

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b9:78:3a:69:43:84:86:b2:8c:71:ba:b8:05:9f:31:47:fc:be:2c:de
Signer

Actual PE Digest

b9:78:3a:69:43:84:86:b2:8c:71:ba:b8:05:9f:31:47:fc:be:2c:de

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA
GetAsyncKeyState
GetSysColor
SetDlgItemTextA
TranslateAcceleratorA
GetMessageA
ShowWindow
PostMessageA
DispatchMessageA
TranslateMessage
IsDialogMessageA
SetForegroundWindow
FindWindowExA
IsWindowVisible
OffsetRect
GetWindowThreadProcessId
GetDC
ReleaseDC
SystemParametersInfoW
SystemParametersInfoA
GetDlgItem
IsWindowEnabled
GetSystemMetrics
GetSysColorBrush
GetMenu
AdjustWindowRectEx
SetRect
MapWindowPoints
CallMsgFilterA
WaitMessage
RegisterClassExA
GetClassInfoExA
LoadIconA
LoadCursorA
GetFocus
SetFocus
IsChild
DefWindowProcA
GetWindow
EndDialog
SetWindowPos
DefDlgProcA
SetWindowLongA
DialogBoxParamA
GetParent
GetDlgCtrlID
PeekMessageA
MsgWaitForMultipleObjects
GetNextDlgTabItem
IsDlgButtonChecked
GetWindowRect
MessageBoxIndirectA
EnumChildWindows
GetWindowTextA
CreateWindowExA
EnumDisplaySettingsA
KillTimer
EnableWindow
MessageBoxA
CreateDialogIndirectParamA
GetWindowLongA
LoadImageA
DestroyIcon
DestroyWindow
SendMessageA
SetWindowTextA
SetTimer
PostQuitMessage
FindWindowA
LoadAcceleratorsA

gdi32

CreateFontA
GetDeviceCaps
SetBkColor
GetObjectA
SetTextColor
SaveDC
SelectObject
CreateCompatibleDC
RestoreDC
DeleteDC
BitBlt
DeleteObject

comctl32

ImageList_Destroy
ImageList_Create
ImageList_Add
InitCommonControlsEx

advapi32

OpenProcessToken
RegFlushKey
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHFileOperationA
ShellExecuteExA

kernel32

CreateThread
ResumeThread
Sleep
GetCurrentThreadId
GetSystemDirectoryA
GetStartupInfoA
GetStdHandle
CreateProcessA
DeleteFileA
InterlockedExchange
GetTimeZoneInformation
SetFilePointer
SetEnvironmentVariableA
SetEndOfFile
VirtualAlloc
HeapAlloc
OutputDebugStringA
HeapFree
GetProcessHeap
HeapReAlloc
WriteFile
RtlUnwind
DuplicateHandle
MultiByteToWideChar
ExitProcess
MoveFileA
GetSystemTimeAsFileTime
GetSystemTime
GetVersion
HeapSize
TlsSetValue
TlsAlloc
SetHandleCount
FlushFileBuffers
LCMapStringA
LCMapStringW
TlsGetValue
GetFileType
VirtualFree
IsBadWritePtr
GetEnvironmentVariableA
HeapDestroy
HeapCreate
SetStdHandle
CreatePipe
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetLocaleInfoW
GlobalAlloc
GlobalFree
FindResourceA
SizeofResource
EnterCriticalSection
EnumSystemCodePagesA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCPInfo
InterlockedDecrement
InterlockedIncrement
MulDiv
SetErrorMode
LoadLibraryA
FreeLibrary
WritePrivateProfileStringA
FindFirstFileA
FindNextFileA
FindClose
FindResourceExA
LoadResource
LockResource
GetModuleHandleA
GetLastError
GetModuleFileNameA
CloseHandle
GetExitCodeProcess
GetFileAttributesA
GetPrivateProfileStringA
GetPrivateProfileIntA
FormatMessageA
GetLocalTime
GetCommandLineA
GlobalMemoryStatus
GetCurrentProcess
GetProcAddress
GetVersionExA
WideCharToMultiByte
GetCurrentProcessId
ReleaseMutex
WaitForSingleObject
CreateMutexA
RaiseException
ReadFile
GetFileSize
OpenProcess
GetTickCount
TerminateProcess
lstrlenA
lstrcpynA
SetLastError
CreateDirectoryA
CreateFileA
FreeResource

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e486797d47c622c6c968bbf5d245f31

Code Sign

bd:f8:8d:e9:84:ac:a8:60Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

0dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

b9:78:3a:69:43:84:86:b2:8c:71:ba:b8:05:9f:31:47:fc:be:2c:deSigner

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comctl32

advapi32

version

shell32

kernel32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 16KB - Virtual size: 133KB

.shared Size: 4KB - Virtual size: 1KB

.rsrc Size: 364KB - Virtual size: 361KB

bd:f8:8d:e9:84:ac:a8:60
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

0d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

b9:78:3a:69:43:84:86:b2:8c:71:ba:b8:05:9f:31:47:fc:be:2c:de
Signer

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 16KB - Virtual size: 133KB

.shared
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 364KB - Virtual size: 361KB