9aeb8db8fe2d214867747431f4632050N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

9aeb8db8fe2d214867747431f4632050N.exe
Size

9.7MB
MD5

9aeb8db8fe2d214867747431f4632050
SHA1

ccaf7f8e2886c7698b997fba8a94d010415568f5
SHA256

14528205b42ed843af3928f64d17a41e19738dfeb20f8c97d5f26c0ed158c7e5
SHA512

ecb36deb6067a267764c4f41e41422ad6bebe1b7334b7292560f134d1a3c0c441d5cd507326aca9c026f0759fa1c0ae8de09978b0faf579318653741ca3044a5
SSDEEP

98304:W8KS6qXSNEQfSUjNVkkbYyFjlzXgZ2587VCGFb:V3RtgSUlMyEm87VCGFb

Score

1^/10

Malware Config

Signatures

Files

9aeb8db8fe2d214867747431f4632050N.exe
.exe windows:6 windows x86 arch:x86

e65b72ef12fd6e8251777933ec7ff070

Code Sign

50:8d:5d:e9:1a:63:aa:75:b6:c6:15:f8:51:14:2e:b3
Certificate

Issuer

CN=MarketMates GmbH,ST=Maryland,C=US

Not Before

25/01/2024, 21:00

Not After

26/01/2025, 21:00

Subject

CN=MarketMates GmbH,ST=Maryland,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

50:8d:5d:e9:1a:63:aa:75:b6:c6:15:f8:51:14:2e:b3
Certificate

Issuer

CN=MarketMates GmbH,ST=Maryland,C=US

Not Before

25/01/2024, 21:00

Not After

26/01/2025, 21:00

Subject

CN=MarketMates GmbH,ST=Maryland,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

ed:bf:33:29:d9:c2:69:c8:0a:e2:fb:e7:98:da:ed:12:a9:e3:19:e5:3f:13:00:d4:ad:ab:f2:11:d6:61:26:a5
Signer

Actual PE Digest

ed:bf:33:29:d9:c2:69:c8:0a:e2:fb:e7:98:da:ed:12:a9:e3:19:e5:3f:13:00:d4:ad:ab:f2:11:d6:61:26:a5

Digest Algorithm

sha256

PE Digest Matches

true

87:7e:b8:a5:2e:54:8e:d0:25:83:1e:24:42:50:b3:51:c4:f9:7e:3b
Signer

Actual PE Digest

87:7e:b8:a5:2e:54:8e:d0:25:83:1e:24:42:50:b3:51:c4:f9:7e:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetConsoleOutputCP
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
QueryPerformanceFrequency
OutputDebugStringW
GetStringTypeW
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameW
Sleep
SearchPathW
GetProfileIntW
GetCPInfo
GetTempPathW
GetTickCount
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
GetWindowsDirectoryW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetCurrentDirectoryW
lstrcpyW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
RaiseException
GetThreadLocale
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
CloseHandle
GetVersionExW
GetCurrentThread
GlobalGetAtomNameW
lstrcmpA
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetCurrentProcessId
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
OutputDebugStringA
SetLastError
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
ReadFile
Module32FirstW
LCIDToLocaleName
InterlockedFlushSList
HeapWalk
GetThreadPriority
GetTempPathA
GetProcessWorkingSetSizeEx
GetProcessHeaps
SizeofResource
GetLocaleInfoEx
GetFileMUIPath
GetEnvironmentStringsW
GetCurrencyFormatEx
GetACP
FoldStringW
CreateThreadpoolWork
CopyFileW
TerminateProcess
AddSIDToBoundaryDescriptor
FreeLibrary
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
GetSystemInfo
WriteConsoleW

user32

CharNextW
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
IntersectRect
WindowFromPoint
GetCursorPos
SetRectEmpty
SendDlgItemMessageA
LoadMenuW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
WinHelpW
GetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetTopWindow
GetClassNameW
SetWindowLongW
PtInRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsIconic
IsWindowVisible
DeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetSystemMetrics
GetSysColorBrush
LoadCursorW
UnpackDDElParam
EnableWindow
SendMessageW
LoadBitmapW
GetParent
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
FillRect
GetSysColor
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetWindowLongW
RealChildWindowFromPoint
DestroyMenu
GetMenuItemInfoW
SystemParametersInfoW
CopyImage
GetAsyncKeyState
TrackMouseEvent
InvalidateRect
DestroyIcon
LoadImageW
DeleteMenu
SetTimer
KillTimer
ReleaseCapture
CopyAcceleratorTableW
InvalidateRgn
SetRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
CharUpperW
CreatePopupMenu
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
UnregisterClassW
SetCapture
CopyRect
InflateRect
OffsetRect
CharNextExA
CharUpperA
CloseDesktop
EndDeferWindowPos
EndMenu
EnumWindowStationsA
EqualRect
GetClassLongW
GetMenu
GetWindowRgnBox
RegisterClassW
ScreenToClient
ScrollWindow
SetScrollInfo
SetWindowPlacement
MonitorFromWindow
GetWindow
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
RegisterClipboardFormatW
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData

gdi32

CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
CreatePatternBrush
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
CreateDCW
CopyMetaFileW
ExcludeClipRect
WidenPath
SetWorldTransform
OffsetRgn
GetSystemPaletteEntries
GetRgnBox
GetEnhMetaFileHeader
GetDeviceCaps
ScaleWindowExtEx
GetDCBrushColor

msimg32

GradientFill
TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
BuildTrusteeWithObjectsAndNameA

shell32

SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW
DragFinish
SHAppBarMessage

shlwapi

PathFindOnPathA
PathRemoveBackslashA
PathIsUNCW
IntlStrEqWorkerW
PathIsSameRootA
PathMatchSpecExA
PathRemoveFileSpecA
PathUnmakeSystemFolderW
SHCreateShellPalette
SHRegQueryUSValueA
StrCatChainW
StrCpyW
StrRChrW
StrSpnW
UrlHashW
PathFindExtensionW
PathFindFileNameW
PathCreateFromUrlAlloc
StrFormatKBSizeW
PathRemoveFileSpecW
ord437
PathStripToRootW

uxtheme

GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
DrawThemeBackground
OpenThemeData
DrawThemeParentBackground
DrawThemeText
CloseThemeData

ole32

CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleInitialize
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
OleDuplicateData
OleUninitialize
CoInitializeEx
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleCreateMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoDisconnectObject
CoTaskMemFree
CoTaskMemAlloc
SNB_UserMarshal
ReadClassStm
PropVariantClear
OleSaveToStream
OleFlushClipboard
OleDestroyMenuDescriptor
OleCreate
HWND_UserMarshal
HICON_UserUnmarshal
HDC_UserMarshal
CreateDataAdviseHolder
CoRevokeMallocSpy
CoMarshalInterface
CoIsHandlerConnected
CoImpersonateClient
ReleaseStgMedium
CoCreateGuid

oleaut32

VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
LoadTypeLi
VariantChangeType

oledlg

OleUIBusyW
OleUIPromptUserW

imm32

ImmEscapeW
ImmGetCandidateListA
ImmGetConversionStatus
ImmGetDefaultIMEWnd
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
ImmEnumRegisterWordA

oleacc

CreateStdAccessibleProxyA
CreateStdAccessibleObject
AccessibleChildren
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

winmm

PlaySoundW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 525KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e65b72ef12fd6e8251777933ec7ff070

Code Sign

50:8d:5d:e9:1a:63:aa:75:b6:c6:15:f8:51:14:2e:b3Certificate

Extended Key Usages

50:8d:5d:e9:1a:63:aa:75:b6:c6:15:f8:51:14:2e:b3Certificate

Extended Key Usages

ed:bf:33:29:d9:c2:69:c8:0a:e2:fb:e7:98:da:ed:12:a9:e3:19:e5:3f:13:00:d4:ad:ab:f2:11:d6:61:26:a5Signer

87:7e:b8:a5:2e:54:8e:d0:25:83:1e:24:42:50:b3:51:c4:f9:7e:3bSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

imm32

oleacc

gdiplus

winmm

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 525KB - Virtual size: 525KB

.data Size: 29KB - Virtual size: 113KB

.rsrc Size: 6.3MB - Virtual size: 6.3MB

.reloc Size: 202KB - Virtual size: 201KB

50:8d:5d:e9:1a:63:aa:75:b6:c6:15:f8:51:14:2e:b3
Certificate

50:8d:5d:e9:1a:63:aa:75:b6:c6:15:f8:51:14:2e:b3
Certificate

ed:bf:33:29:d9:c2:69:c8:0a:e2:fb:e7:98:da:ed:12:a9:e3:19:e5:3f:13:00:d4:ad:ab:f2:11:d6:61:26:a5
Signer

87:7e:b8:a5:2e:54:8e:d0:25:83:1e:24:42:50:b3:51:c4:f9:7e:3b
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 525KB - Virtual size: 525KB

.data
Size: 29KB - Virtual size: 113KB

.rsrc
Size: 6.3MB - Virtual size: 6.3MB

.reloc
Size: 202KB - Virtual size: 201KB