Nopdeengine-i386[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Nopdeengine-i386.exe
Size

7.4MB
MD5

e3d57335791bf5bbe51243fa48ba5b7c
SHA1

67dea503d0f32943ef5bcb54e12ccda73018d742
SHA256

4469ae04485e4a305b362f918e8f6254ebb71df21ebe9b981a65bd2be5f1cea6
SHA512

0a3c554192acc6a66cd06d47313d512201fb4ac3b75f6cc9612fba10977c90c301b99cf03774ac7c5dd8ae1b1dade1869790a50c9f447b6a86765c50a934f09c
SSDEEP

196608:IfOWIKD+QkOC+Tj/ResDc45InPXLA/7BYGF/RA:IfjIKKQkibD55sPLmYGF/

Score

1^/10

Malware Config

Signatures

Files

Nopdeengine-i386.exe
.exe windows:4 windows x86 arch:x86

d10dafaa9a4cd4473efa1a3280308274

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:77:30:89:91:0c:f0:e7:ea:1d:8a:1e:40:3d:53:44:a8
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/05/2014, 12:14

Not After

22/08/2015, 11:08

Subject

CN=Nopde Engine,O=Nopde Engine,L=Eindhoven,C=NL,1.2.840.113549.1.9.1=#0c156461726b5f6279746540686f746d61696c2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:23:1e:7e:bd:ca:6f:15:90:1e:93:6b:27:16:ec:84:47:c8:5d:91
Signer

Actual PE Digest

48:23:1e:7e:bd:ca:6f:15:90:1e:93:6b:27:16:ec:84:47:c8:5d:91

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
ChangeServiceConfigA
CloseServiceHandle
CreateServiceA
GetTokenInformation
LookupAccountSidA
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegFlushKey
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
SetKernelObjectSecurity
StartServiceA

comctl32

ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_EndDrag
ImageList_GetImageCount
ImageList_Remove
ImageList_Replace
ImageList_SetImageCount
InitCommonControls

comdlg32

ChooseColorA
ChooseFontA
ChooseFontW
CommDlgExtendedError
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW

gdi32

Arc
BitBlt
ChoosePixelFormat
Chord
CombineRgn
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectA
CreateFontIndirectW
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
EnumFontFamiliesA
EnumFontFamiliesExA
EnumFontFamiliesExW
EqualRgn
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutA
ExtTextOutW
FillRgn
GetBitmapBits
GetBkColor
GetCharABCWidthsA
GetClipBox
GetClipRgn
GetCurrentObject
GetDCOrgEx
GetDIBits
GetDeviceCaps
GetMapMode
GetObjectA
GetObjectType
GetObjectW
GetPixel
GetROP2
GetRandomRgn
GetRgnBox
GetStockObject
GetTextAlign
GetTextColor
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointA
GetTextMetricsA
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
OffsetRgn
OffsetViewportOrgEx
PaintRgn
PatBlt
Pie
PolyBezier
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetPixel
SetPixelFormat
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
SwapBuffers
TextOutW

hhctrl.ocx

HtmlHelpA

imagehlp

StackWalk64
SymCleanup
SymEnumSymbols
SymEnumerateModules
SymEnumerateModules64
SymEnumerateSymbols
SymFunctionTableAccess64
SymGetModuleBase64
SymGetOptions
SymGetTypeInfo
SymInitialize
SymLoadModule64
SymSetContext
SymSetOptions
SymSetSearchPath

imm32

ImmGetCompositionStringW
ImmGetContext
ImmNotifyIME
ImmReleaseContext

kernel32

BeginUpdateResourceA
CloseHandle
CompareStringA
CompareStringW
ConnectNamedPipe
CopyFileA
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateNamedPipeA
CreateProcessA
CreateRemoteThread
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DosDateTimeToFileTime
DuplicateHandle
EndUpdateResourceA
EnterCriticalSection
EnumCalendarInfoA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceExA
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
GetACP
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetEnvironmentStringsA
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetFileTime
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessWorkingSetSize
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetTempPathA
GetThreadLocale
GetThreadPriority
GetThreadSelectorEntry
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MoveFileA
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ReadProcessMemory
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetProcessAffinityMask
SetProcessWorkingSetSize
SetThreadAffinityMask
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateProcess
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnmapViewOfFile
UpdateResourceA
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
WriteProcessMemory

lua5.1-32

luaL_loadfile
luaL_loadstring
luaL_newstate
luaL_openlibs
luaL_ref
luaL_unref
lua_atpanic
lua_call
lua_close
lua_createtable
lua_error
lua_getfield
lua_getinfo
lua_getlocal
lua_getmetatable
lua_gettable
lua_gettop
lua_insert
lua_iscfunction
lua_isnumber
lua_isstring
lua_isuserdata
lua_newthread
lua_newuserdata
lua_next
lua_objlen
lua_pcall
lua_pushboolean
lua_pushcclosure
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushvalue
lua_rawgeti
lua_rawseti
lua_remove
lua_setfield
lua_sethook
lua_setmetatable
lua_settable
lua_settop
lua_toboolean
lua_tocfunction
lua_tointeger
lua_tolstring
lua_tonumber
lua_touserdata
lua_type

ole32

CLSIDFromProgID
CoCreateGuid
CoCreateInstance
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
GetErrorInfo
OleInitialize
OleUninitialize

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeTypeEx
VariantClear
VariantCopy
VariantInit

opengl32

wglCreateContext
wglMakeCurrent
wglUseFontBitmapsA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryFileW
ExtractIconA
SHBrowseForFolder
SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteA

user32

AdjustWindowRectEx
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CallWindowProcW
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharToOemA
CharUpperA
CharUpperBuffA
CharUpperBuffW
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CloseWindow
CopyImage
CountClipboardFormats
CreateCaret
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateA
DrawStateW
DrawTextA
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndPaint
EnumClipboardFormats
EnumPropsA
EnumThreadWindows
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassInfoW
GetClassLongA
GetClassNameA
GetClientRect
GetClipboardData
GetClipboardFormatNameA
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetMenu
GetMenuItemCount
GetMenuItemInfoA
GetParent
GetPropA
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemA
IntersectRect
InvalidateRect
InvalidateRgn
IsClipboardFormatAvailable
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjects
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendMessageA
SendMessageTimeoutA
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetSysColors
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenuEx
TranslateMessage
UnregisterClassA
UnregisterClassW
UnregisterHotKey
UpdateWindow
WindowFromDC
WindowFromPoint
keybd_event

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

WSACleanup
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
listen
recv
recvfrom
select
send
sendto
setsockopt
socket

wsock32

WSAStartup
gethostbyaddr
gethostbyname

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 179KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE

.idata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d10dafaa9a4cd4473efa1a3280308274

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45Certificate

Extended Key Usages

Key Usages

11:21:77:30:89:91:0c:f0:e7:ea:1d:8a:1e:40:3d:53:44:a8Certificate

Extended Key Usages

Key Usages

48:23:1e:7e:bd:ca:6f:15:90:1e:93:6b:27:16:ec:84:47:c8:5d:91Signer

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

hhctrl.ocx

imagehlp

imm32

kernel32

lua5.1-32

ole32

oleaut32

opengl32

shell32

user32

version

ws2_32

wsock32

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.data Size: 2.3MB - Virtual size: 2.3MB

.bss Size: - Virtual size: 179KB

.CRT Size: 512B - Virtual size: 4B

.idata Size: 18KB - Virtual size: 17KB

.rsrc Size: 312KB - Virtual size: 312KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

11:21:77:30:89:91:0c:f0:e7:ea:1d:8a:1e:40:3d:53:44:a8
Certificate

48:23:1e:7e:bd:ca:6f:15:90:1e:93:6b:27:16:ec:84:47:c8:5d:91
Signer

.text
Size: 4.7MB - Virtual size: 4.7MB

.data
Size: 2.3MB - Virtual size: 2.3MB

.bss
Size: - Virtual size: 179KB

.CRT
Size: 512B - Virtual size: 4B

.idata
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 312KB - Virtual size: 312KB