Chrome_install[.]exe[.]v

Sharing

Copy URL Twitter E-mail

General

Target

Chrome_install.exe.v
Size

132.1MB
MD5

83fe68996120dab77764758eba0b7484
SHA1

c4ab90438b9939d5a12a7935e5677fe3bc498782
SHA256

e632d0dc6a323b933b020d189b1531af479f3272cc20ffe95073c56491c71fe0
SHA512

b31d40fbbf3371417b85136f659d130f3c7cf3f0085e05402be720ef5c2c789cc52cb0084412a50dcf9993aa2b45551f39a0a00770529b857d573a0a5883dc8c
SSDEEP

3145728:FSKp1UM+fPmplhYjklygMDK1qJCd0sFwb7ImJcVToUmKLlDB576QKer:FSKp1UMEPmprYgcBDK1P0pHImaTxF8QX

Score

1^/10

Malware Config

Signatures

Files

Chrome_install.exe.v
.exe windows:6 windows x86 arch:x86

eef648675b15e6fd7df3ab2d83a6ff0a

Code Sign

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/01/2004, 00:00

Not After

31/12/2028, 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c7:8e:19:8d:1e:06:17:e2:d3:29:a0:41:81:5a:4e:fd
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

07/06/2024, 00:00

Not After

07/06/2025, 23:59

Subject

SERIALNUMBER=91430111MADLUFGM6M,CN=Hunan Jialiang Network Technology Co.\, Ltd.,O=Hunan Jialiang Network Technology Co.\, Ltd.,ST=Hunan Sheng,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:09:53:b4:9d:22:6e:66:1a:e7:a9:3d:d6:0a:61:ed:5a:69:7f:a7:c9:b0:56:4d:94:ba:f0:36:40:e9:8a:c0
Signer

Actual PE Digest

0c:09:53:b4:9d:22:6e:66:1a:e7:a9:3d:d6:0a:61:ed:5a:69:7f:a7:c9:b0:56:4d:94:ba:f0:36:40:e9:8a:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
SetEvent
GetEnvironmentVariableW
RemoveDirectoryW
FindResourceW
GetTickCount
GetLocalTime
UnmapViewOfFile
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
GetFileAttributesW
SetFileTime
TerminateThread
ResumeThread
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalUnlock
GetFileSize
LocalFree
GlobalLock
LoadLibraryW
GlobalAlloc
OutputDebugStringW
lstrcmpiW
CreateFileW
FindClose
SetFilePointer
GetModuleFileNameW
WriteFile
ReadFile
GetStartupInfoW
CreateDirectoryW
GetModuleHandleW
DeleteCriticalSection
GetProcAddress
WriteConsoleW
FlushFileBuffers
ReadConsoleW
HeapReAlloc
HeapSize
WaitForSingleObjectEx
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
ExitProcess
GetNativeSystemInfo
DeleteFileW
Sleep
DecodePointer
LoadResource
RaiseException
Process32FirstW
LockResource
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
FreeResource
GetSystemDirectoryW
InitializeCriticalSectionEx
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
LCMapStringW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
GetFileType
GetStringTypeW
HeapAlloc
HeapFree
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
CreateSemaphoreA
CloseHandle
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetACP
MulDiv
InitializeCriticalSectionAndSpinCount
EncodePointer
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
CreateEventW

user32

FindWindowW
GetWindowRect
SetWindowPos
MonitorFromWindow
IsWindow
ShowWindow
KillTimer
GetClientRect
SetWindowLongW
SetTimer
SendMessageW
ScreenToClient
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
DestroyWindow
IsWindowVisible
CharNextW
SetFocus
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
PtInRect
GetParent
GetWindow
DefWindowProcW
PostQuitMessage
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
GetSystemMetrics
SetPropW
GetPropW
LoadCursorW
LoadImageW
wvsprintfW
SetCursor
OffsetRect
CharPrevW
DrawTextW
FillRect
SetRect
CreatePopupMenu
AppendMenuW
TrackPopupMenu
SetForegroundWindow
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
GetMonitorInfoW
IsIconic
GetCursorPos
GetWindowLongW
PostMessageW
MessageBoxW
SetWindowRgn

gdi32

BitBlt
GetStockObject
CreatePen
CreateFontIndirectW
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
MoveToEx
TextOutW
GdiFlush
GetDeviceCaps
DeleteDC
CreateRoundRectRgn
GetObjectW
DeleteObject
RestoreDC
SaveDC
SelectObject
GetTextMetricsW
SetWindowOrgEx
GetObjectA
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
CreateDIBSection
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreatePatternBrush

advapi32

SetSecurityDescriptorDacl
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegSetKeyValueW
InitializeSecurityDescriptor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetMalloc

ole32

CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

shlwapi

PathIsDirectoryW
SHDeleteKeyW

gdiplus

GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImageRect
GdipCloneImage
GdipSetPathGradientCenterColor
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDrawImageI
GdipFree
GdipSetInterpolationMode
GdipDisposeImage
GdipDrawImageRectI
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCreateRegionRect
GdipCreateRegionPath
GdipDeleteRegion
GdipCombineRegionRegion
GdipCloneBrush
GdipDeleteBrush
GdipCreatePathGradientFromPath
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathGradientPointCount
GdipSetPathGradientFocusScales
GdipCreateFromHDC
GdipSetPageUnit
GdipFillRegion
GdipCreateSolidFill
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetSolidFillColor
GdipCreateLineBrushI
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipDrawImage
GdipDeleteFontFamily
GdipGetFamily
GdipCreatePen2
GdipDeletePen
GdipSetPenStartCap
GdipSetPenEndCap
GdipDrawLine
GdipFillRectangleI

comctl32

_TrackMouseEvent
ord17

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext

Sections

.text
Size: 858KB - Virtual size: 857KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131.1MB - Virtual size: 131.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eef648675b15e6fd7df3ab2d83a6ff0a

Code Sign

01Certificate

Key Usages

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

c7:8e:19:8d:1e:06:17:e2:d3:29:a0:41:81:5a:4e:fdCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

0c:09:53:b4:9d:22:6e:66:1a:e7:a9:3d:d6:0a:61:ed:5a:69:7f:a7:c9:b0:56:4d:94:ba:f0:36:40:e9:8a:c0Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

comctl32

imm32

Sections

.text Size: 858KB - Virtual size: 857KB

.rdata Size: 140KB - Virtual size: 140KB

.data Size: 6KB - Virtual size: 9KB

.gfids Size: 512B - Virtual size: 324B

.tls Size: 512B - Virtual size: 21B

.rsrc Size: 131.1MB - Virtual size: 131.1MB

.reloc Size: 28KB - Virtual size: 28KB

01
Certificate

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

c7:8e:19:8d:1e:06:17:e2:d3:29:a0:41:81:5a:4e:fd
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

0c:09:53:b4:9d:22:6e:66:1a:e7:a9:3d:d6:0a:61:ed:5a:69:7f:a7:c9:b0:56:4d:94:ba:f0:36:40:e9:8a:c0
Signer

.text
Size: 858KB - Virtual size: 857KB

.rdata
Size: 140KB - Virtual size: 140KB

.data
Size: 6KB - Virtual size: 9KB

.gfids
Size: 512B - Virtual size: 324B

.tls
Size: 512B - Virtual size: 21B

.rsrc
Size: 131.1MB - Virtual size: 131.1MB

.reloc
Size: 28KB - Virtual size: 28KB