6d7a6e7c674e93b337ed751614e214ab6430a4c4ae5a9811c3ed3fdac5e0ae59[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6d7a6e7c674e93b337ed751614e214ab6430a4c4ae5a9811c3ed3fdac5e0ae59.exe
Size

2.3MB
MD5

9639830d1a300d2e4c409c5809374039
SHA1

69a8860b3e95de30f7abb485d11908c4deceff68
SHA256

6d7a6e7c674e93b337ed751614e214ab6430a4c4ae5a9811c3ed3fdac5e0ae59
SHA512

8d5a1aa9e840fdb105131f5b28883f565ec2361c2a3cad3439f4221daf886ad1770baabb4027383c5e48e532e8e6222eef789b08dc2dd2a3f4dfce63c0545efa
SSDEEP

24576:c9oYv0s5EOybPGe+LAm0q9eKYSec3skTdG6kFjN/FGitIFcGbQD4vWpy0JeWJ06G:Kvvv9e0eyskTdh2N/FGiuFcZi0g0DU5T

Score

1^/10

Malware Config

Signatures

Files

6d7a6e7c674e93b337ed751614e214ab6430a4c4ae5a9811c3ed3fdac5e0ae59.exe
.exe windows:5 windows x86 arch:x86

38a27b0dd57a5c25ab8b3b91a143c948

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/01/2023, 00:00

Not After

16/01/2026, 23:59

Subject

CN=NVIDIA Corporation,OU=2-J,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:c0:f0:2d:a5:7c:c9:b6:18:22:3a:e8:8a:a6:32:aa:34:39:b9:db:fb:32:23:35:50:23:99:57:3c:cb:17:ed
Signer

Actual PE Digest

4d:c0:f0:2d:a5:7c:c9:b6:18:22:3a:e8:8a:a6:32:aa:34:39:b9:db:fb:32:23:35:50:23:99:57:3c:cb:17:ed

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandW
mciSendStringW

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetLocalTime
LocalUnlock
LocalLock
MulDiv
GetVolumeInformationW
lstrcpynA
lstrlenA
GetCurrentProcessId
LockResource
GlobalSize
FileTimeToDosDateTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetTempPathW
CompareFileTime
ExpandEnvironmentStringsA
LoadLibraryA
SetFilePointer
GetFileTime
GetFileSize
GetFileAttributesW
DeleteFileW
GetTempFileNameW
RemoveDirectoryW
CreateDirectoryW
GetFileAttributesExW
GetTimeZoneInformation
GetConsoleCP
LCMapStringW
LCMapStringA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
InterlockedDecrement
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapSize
HeapReAlloc
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetSystemTimeAsFileTime
GetStartupInfoW
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetStringTypeA
GetStringTypeW
InterlockedIncrement
GetLogicalDrives
GetDriveTypeW
GetTickCount
AreFileApisANSI
WideCharToMultiByte
CreateFileW
DeviceIoControl
ResetEvent
GetProcAddress
GetDiskFreeSpaceExW
CreatePipe
DuplicateHandle
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CreateEventW
WriteFile
WaitForMultipleObjects
PeekNamedPipe
ReadFile
TerminateProcess
SetEvent
TerminateThread
CreateProcessW
GetLastError
DosDateTimeToFileTime
FileTimeToSystemTime
GetDateFormatW
FindFirstFileW
FindNextFileW
FindClose
lstrcmpW
GetConsoleMode
lstrcpyW
SetLastError
CreateThread
WaitForSingleObject
Sleep
CloseHandle
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrlenW
lstrcpynW
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
RaiseException
LoadLibraryW
FreeLibrary
GetModuleFileNameW
lstrcatW
CompareStringW
SetEnvironmentVariableA
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount

user32

MessageBeep
LoadStringA
PostQuitMessage
CreatePopupMenu
IsDialogMessageW
TranslateAcceleratorW
GetCapture
GetMessagePos
DrawEdge
RemoveMenu
UnregisterClassA
SetRectEmpty
SetCursor
IsMenu
GetMenuItemCount
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
wsprintfW
GetFocus
OpenClipboard
IsZoomed
IsIconic
SetMenu
GetMenu
IsWindowVisible
GetWindowThreadProcessId
ModifyMenuW
PtInRect
ReleaseCapture
SetCapture
LoadStringW
LoadAcceleratorsW
RegisterClassExW
CharNextW
LoadCursorW
GetClassInfoExW
wvsprintfW
FrameRect
ClientToScreen
GetWindowLongA
SetWindowLongA
CallWindowProcA
FindWindowExW
CheckMenuItem
EnableMenuItem
RegisterClipboardFormatW
SendDlgItemMessageW
SetWindowsHookExW
GetClassNameW
CallNextHookEx
WindowFromPoint
GetKeyState
GetWindowDC
LoadMenuW
InflateRect
OffsetRect
DrawFrameControl
DrawStateW
DestroyMenu
GetSubMenu
EndPaint
BeginPaint
RedrawWindow
GetCursorPos
TrackPopupMenuEx
SetMenuDefaultItem
CharLowerW
UnhookWindowsHookEx
RegisterWindowMessageW
IsWindowUnicode
GetMenuItemInfoW
SetMenuItemInfoW
PostMessageW
SetFocus
GetSysColor
DrawTextW
DrawFocusRect
GetSysColorBrush
FillRect
TrackMouseEvent
InvalidateRect
MoveWindow
LoadIconW
LoadBitmapW
CreateWindowExW
GetSystemMetrics
KillTimer
SetTimer
ScreenToClient
GetWindowTextLengthW
GetWindowTextW
CallWindowProcW
DestroyWindow
DefWindowProcW
InsertMenuW
IsWindowEnabled
GetSystemMenu
IsDlgButtonChecked
CheckDlgButton
GetDlgItemTextW
GetActiveWindow
EnableWindow
CreateDialogParamW
DialogBoxParamW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
IsWindow
ShowWindow
SetWindowTextW
LoadImageW
DestroyIcon
SetWindowLongW
GetDC
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
GetDlgItem
GetParent
SetDlgItemTextW
ReleaseDC
GetWindowLongW
SendMessageW
EndDialog
UpdateWindow
AppendMenuW

gdi32

GetTextExtentPoint32W
ExcludeClipRect
CreateDIBSection
SetBrushOrgEx
CreateBitmap
CreatePatternBrush
PatBlt
CreateSolidBrush
ExtTextOutW
CreateCompatibleDC
CreateCompatibleBitmap
SetBkColor
SetTextColor
SelectObject
DeleteDC
GetTextMetricsW
DeleteObject
GetDeviceCaps
BitBlt
SetBkMode
GetObjectW
GetStockObject
CreateFontIndirectW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegOpenKeyExA
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegQueryValueExA
RegDeleteKeyW

shell32

SHGetSpecialFolderPathW
DragQueryPoint
DragFinish
ord18
ord17
ord16
ord155
SHGetSpecialFolderLocation
DragQueryFileW
SHGetDesktopFolder
SHGetMalloc
ord4
ord2
SHGetFolderPathW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
ord25

ole32

RegisterDragDrop
RevokeDragDrop
OleUninitialize
OleInitialize
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
CoLockObjectExternal
DoDragDrop

oleaut32

SysAllocString
SysFreeString
VarUI4FromStr

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Create
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_AddMasked
ImageList_Add
ImageList_Draw
InitCommonControlsEx
CreateStatusWindowW
ImageList_GetImageCount

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 780KB - Virtual size: 779KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38a27b0dd57a5c25ab8b3b91a143c948

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56Certificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04Certificate

Extended Key Usages

Key Usages

4d:c0:f0:2d:a5:7c:c9:b6:18:22:3a:e8:8a:a6:32:aa:34:39:b9:db:fb:32:23:35:50:23:99:57:3c:cb:17:edSigner

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

version

Sections

.text Size: 780KB - Virtual size: 779KB

.rdata Size: 154KB - Virtual size: 154KB

.data Size: 26KB - Virtual size: 324KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

4d:c0:f0:2d:a5:7c:c9:b6:18:22:3a:e8:8a:a6:32:aa:34:39:b9:db:fb:32:23:35:50:23:99:57:3c:cb:17:ed
Signer

.text
Size: 780KB - Virtual size: 779KB

.rdata
Size: 154KB - Virtual size: 154KB

.data
Size: 26KB - Virtual size: 324KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB