cd93469dddd59ddd54ea319a52bdacdeeb304c437e29dc68754ee62a1f8729c7

Sharing

Copy URL Twitter E-mail

General

Target

cd93469dddd59ddd54ea319a52bdacdeeb304c437e29dc68754ee62a1f8729c7
Size

1.2MB
MD5

1e9e59946dfa5c4725ae99244dac7b5d
SHA1

113d388bc0413c49e31a84c47c46e9457079b0ac
SHA256

cd93469dddd59ddd54ea319a52bdacdeeb304c437e29dc68754ee62a1f8729c7
SHA512

85b4b544d9ba3f2eed86d64b69fa5041d2d9d9000102830ff6854f2aa02cc53e51e4a74978780d65749f04c3bc86db3c0acc8db622f13dde2548440da51bc725
SSDEEP

24576:e+U92swAw2Qh4JY2NAF6jeThHkZWjTztFpTW+O3CGoJ26JrEH7n:e+gQMYkqGNP

Score

1^/10

Malware Config

Signatures

Files

cd93469dddd59ddd54ea319a52bdacdeeb304c437e29dc68754ee62a1f8729c7
.exe windows:5 windows x86 arch:x86

dbecc0e6818d65af385247ac7934152e

Code Sign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:95:6e:a2:09:02:45:59:88:58:5f:ec:c9:3d:db:b7
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/11/2018, 00:00

Not After

07/11/2021, 23:59

Subject

SERIALNUMBER=91440605MA4UTBEQ1U,CN=FOSHAN CHENXING TECH\,CO.\,LTD,OU=IT Dept,O=FOSHAN CHENXING TECH\,CO.\,LTD,L=FoShan,ST=GuangDong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130c466f5368616e4e616e486169,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67446f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:95:6e:a2:09:02:45:59:88:58:5f:ec:c9:3d:db:b7
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/11/2018, 00:00

Not After

07/11/2021, 23:59

Subject

SERIALNUMBER=91440605MA4UTBEQ1U,CN=FOSHAN CHENXING TECH\,CO.\,LTD,OU=IT Dept,O=FOSHAN CHENXING TECH\,CO.\,LTD,L=FoShan,ST=GuangDong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130c466f5368616e4e616e486169,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67446f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:ed:9f:c9:96:66:9e:88:3d:ed:6b:e8:dc:7e:52:e8:7d:d0:5c:a5:8e:2b:44:b1:97:9b:ba:1d:65:59:0d:e1
Signer

Actual PE Digest

2c:ed:9f:c9:96:66:9e:88:3d:ed:6b:e8:dc:7e:52:e8:7d:d0:5c:a5:8e:2b:44:b1:97:9b:ba:1d:65:59:0d:e1

Digest Algorithm

sha256

PE Digest Matches

false

84:7d:bc:8a:b1:c3:a8:5f:93:59:25:76:d1:77:96:fe:f3:28:0b:a7
Signer

Actual PE Digest

84:7d:bc:8a:b1:c3:a8:5f:93:59:25:76:d1:77:96:fe:f3:28:0b:a7

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\PCUnlocker-LiveCD\Release_Enterprise\PCUNLOCKER.pdb

Imports

shell32

SHGetFolderPathA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderA

kernel32

SetEndOfFile
GetCurrentProcess
GetModuleHandleW
SetErrorMode
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapReAlloc
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
ExitProcess
GetCommandLineA
RtlUnwind
RaiseException
VirtualAlloc
HeapSize
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
LCMapStringW
SetHandleCount
LCMapStringA
SetStdHandle
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetStringTypeA
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
ReadFile
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
GetModuleFileNameW
MulDiv
WritePrivateProfileStringA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GlobalAlloc
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
lstrcpyA
LoadLibraryExA
FreeLibrary
LocalFree
WinExec
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetLastError
CreateDirectoryA
FormatMessageA
FindNextVolumeA
FindFirstVolumeA
GetVolumePathNamesForVolumeNameA
DeviceIoControl
SetVolumeMountPointA
GetDriveTypeA
DeleteVolumeMountPointA
FindVolumeClose
DeleteFileA
FileTimeToLocalFileTime
CloseHandle
LockResource
CopyFileA
GetLastError
GetLogicalDriveStringsA
FileTimeToSystemTime
CreateProcessA
SizeofResource
Sleep
WideCharToMultiByte
WriteFile
WaitForSingleObject
LoadResource
FreeResource
FindResourceA
CreateFileA
MultiByteToWideChar
GetStartupInfoA

shlwapi

StrStrIA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathFileExistsA

user32

UnregisterClassA
DestroyMenu
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
GetWindowThreadProcessId
SetCursor
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetDlgItemTextA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetWindow
GetWindowLongA
SetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
GetMenuState
CheckMenuItem
GetParent
DrawStateA
InvalidateRect
SetWindowRgn
GetWindowRect
GetWindowDC
IsIconic
IsZoomed
GetSubMenu
LoadBitmapA
LoadMenuA
LoadIconA
DrawIcon
GetClientRect
ExitWindowsEx
PtInRect
GetDC
ReleaseDC
EnableMenuItem
PostMessageA
GetSystemMetrics
SendMessageA
EnableWindow
LoadCursorA
GetSysColorBrush
GetSysColor

gdi32

DeleteDC
GetDeviceCaps
ScaleWindowExtEx
Escape
ExtTextOutA
TextOutA
SetWindowExtEx
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetStockObject
GetTextExtentPoint32A
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgn
GetObjectA
CreateSolidBrush
DeleteObject
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateFontIndirectA
SelectObject

msimg32

TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA

comctl32

InitCommonControlsEx
_TrackMouseEvent

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitializeEx

oleaut32

VariantClear
VariantChangeType
VariantInit

winmm

mciSendStringA

Sections

.text
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 645KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbecc0e6818d65af385247ac7934152e

Code Sign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49Certificate

Extended Key Usages

Key Usages

5f:95:6e:a2:09:02:45:59:88:58:5f:ec:c9:3d:db:b7Certificate

Extended Key Usages

Key Usages

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49Certificate

Extended Key Usages

Key Usages

5f:95:6e:a2:09:02:45:59:88:58:5f:ec:c9:3d:db:b7Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

2c:ed:9f:c9:96:66:9e:88:3d:ed:6b:e8:dc:7e:52:e8:7d:d0:5c:a5:8e:2b:44:b1:97:9b:ba:1d:65:59:0d:e1Signer

84:7d:bc:8a:b1:c3:a8:5f:93:59:25:76:d1:77:96:fe:f3:28:0b:a7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

kernel32

shlwapi

user32

gdi32

msimg32

winspool.drv

advapi32

comctl32

ole32

oleaut32

winmm

Sections

.text Size: 330KB - Virtual size: 330KB

.rdata Size: 124KB - Virtual size: 124KB

.data Size: 36KB - Virtual size: 51KB

.rsrc Size: 645KB - Virtual size: 644KB

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

5f:95:6e:a2:09:02:45:59:88:58:5f:ec:c9:3d:db:b7
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

5f:95:6e:a2:09:02:45:59:88:58:5f:ec:c9:3d:db:b7
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

2c:ed:9f:c9:96:66:9e:88:3d:ed:6b:e8:dc:7e:52:e8:7d:d0:5c:a5:8e:2b:44:b1:97:9b:ba:1d:65:59:0d:e1
Signer

84:7d:bc:8a:b1:c3:a8:5f:93:59:25:76:d1:77:96:fe:f3:28:0b:a7
Signer

.text
Size: 330KB - Virtual size: 330KB

.rdata
Size: 124KB - Virtual size: 124KB

.data
Size: 36KB - Virtual size: 51KB

.rsrc
Size: 645KB - Virtual size: 644KB