TradingView Premium Desktop[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

TradingView Premium Desktop.exe
Size

782.1MB
MD5

a44c11ff27b4350c9e4d368cd6ae4583
SHA1

9f5de149596e55a9b3560f3e162ce29d18c87f30
SHA256

311c992c91b94c32e6bdb543da6944a2c3c4ee45305416f2d5d9c4a96eb05099
SHA512

4cf4e9fbb39f24a1eabcbfe3e07cbfff568a62b27cb7587dd6bb466270b2c4d5673fb6ecaeb277bdf5d639e361bd33e396c1bab1c97e569e1d9c7180cc193f28
SSDEEP

98304:NCVtEz6jrCmBJ9jQeXGuzTdodTqVcfK6mkzfV9F2QNL4AXAtVo7:Ncw1y3zZoJK6mEdD2DAQE7

Score

1^/10

Malware Config

Signatures

Files

TradingView Premium Desktop.exe
.exe windows:5 windows x86 arch:x86

62769a759b7133155135a4c7d96aa831

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:50:f4:67:03:16:e5:22:d5:6b:45:0f:f0:1f:43:0e
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

16/11/2012, 00:00

Not After

16/11/2015, 23:59

Subject

CN=Deskover Soft,O=Deskover Soft,POSTALCODE=024102,STREET=ap 10 sector 2+STREET=16-18 Delea Veche,L=SECTORUL 2,ST=Bucharest,C=RO

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:e9:6f:3e:42:cb:4a:ca:5d:f0:d8:0a:f5:b3:04:7f:f4:db:39:0c
Signer

Actual PE Digest

39:e9:6f:3e:42:cb:4a:ca:5d:f0:d8:0a:f5:b3:04:7f:f4:db:39:0c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncpy
malloc
_wtoi64
??_V@YAXPAX@Z
atexit
memchr
strcpy_s
strchr
strtok_s
??_U@YAPAXI@Z
_time64
srand
rand
memmove
__CxxFrameHandler3

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
HeapSize
WideCharToMultiByte
IsValidCodePage
GetOEMCP
ExitProcess
SetCriticalSectionSpinCount
FlsAlloc
HeapAlloc
GetCurrentProcess
HeapFree
VirtualFree
GetProcessHeap
WriteFile
VirtualAllocExNuma
Sleep
ReadFile
CreateFileW
lstrcatA
MultiByteToWideChar
GetTempPathW
GetLastError
lstrcmpiA
GetProcAddress
VirtualAlloc
GlobalMemoryStatusEx
ConvertDefaultLocale
lstrcmpiW
GetModuleHandleA
VirtualProtect
CloseHandle
lstrlenA
FreeLibrary
GetThreadContext
SetThreadContext
ReadProcessMemory
SetHandleCount
WriteProcessMemory
VirtualQueryEx
OpenProcess
GetComputerNameA
FileTimeToSystemTime
WaitForSingleObject
GetDriveTypeA
CreateProcessA
CreateDirectoryA
GetLogicalDriveStringsA
CreateThread
CreateFileA
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
lstrcpynA
SystemTimeToFileTime
GetTickCount
GetLocalTime
CreateFileMappingA
GetFileInformationByHandle
lstrcpyA
GetCPInfo
HeapSetInformation
GetCommandLineA
HeapReAlloc
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
SetConsoleCtrlHandler
IsProcessorFeaturePresent
GetCurrentThread
InterlockedDecrement
GetACP
GetCurrentThreadId
SetLastError
GetFileType
QueryPerformanceCounter
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
VirtualAllocEx
GetStringTypeW
InterlockedIncrement
TlsFree
RaiseException
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
GetModuleHandleW
HeapDestroy
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
RtlUnwind
HeapCreate
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetDesktopWindow
OpenInputDesktop
wsprintfW
IsDialogMessageW
MessageBoxA
GetWindowLongW
ReleaseDC
GetWindowContextHelpId
GetCursorPos
SetThreadDesktop
RegisterClassW
IsWindowVisible
CharToOemA
GetProcessWindowStation
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW

gdi32

CreateDCA
GetDeviceCaps

advapi32

RegGetValueA
RegOpenKeyExA
GetUserNameA
GetCurrentHwProfileA

shell32

SHFileOperationA

ole32

CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoInitializeEx

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

shlwapi

ord155

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmpↂl
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmpↂl
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62769a759b7133155135a4c7d96aa831

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

dd:50:f4:67:03:16:e5:22:d5:6b:45:0f:f0:1f:43:0eCertificate

Extended Key Usages

Key Usages

39:e9:6f:3e:42:cb:4a:ca:5d:f0:d8:0a:f5:b3:04:7f:f4:db:39:0cSigner

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wtsapi32

Sections

.text Size: - Virtual size: 184KB

.rdata Size: - Virtual size: 50KB

.data Size: - Virtual size: 2.2MB

.vmpↂl Size: - Virtual size: 3.1MB

.vmpↂl Size: 5.4MB - Virtual size: 5.4MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 73KB - Virtual size: 73KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

dd:50:f4:67:03:16:e5:22:d5:6b:45:0f:f0:1f:43:0e
Certificate

39:e9:6f:3e:42:cb:4a:ca:5d:f0:d8:0a:f5:b3:04:7f:f4:db:39:0c
Signer

.text
Size: - Virtual size: 184KB

.rdata
Size: - Virtual size: 50KB

.data
Size: - Virtual size: 2.2MB

.vmpↂl
Size: - Virtual size: 3.1MB

.vmpↂl
Size: 5.4MB - Virtual size: 5.4MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 73KB - Virtual size: 73KB