4886f8b8b85a9aedb084b8cb5e235d5c13c335fd63380e779a7e0dc2a864d85d

Sharing

Copy URL

Twitter E-mail

General

Target

4886f8b8b85a9aedb084b8cb5e235d5c13c335fd63380e779a7e0dc2a864d85d
Size

2.0MB
MD5

b7fa4d529ed71dec2b24119797cfcb8e
SHA1

fd78ca5760ecdf809478245fb92ae62418dbebf2
SHA256

4886f8b8b85a9aedb084b8cb5e235d5c13c335fd63380e779a7e0dc2a864d85d
SHA512

9f8820819d7f83019c77d5c22d7a1c19f283b41a80663f34391ff3b58a793e7e57f89d1fae9a6df821455fc9e971bde836c1339f1aa3835e2eb9abcca8c315fb
SSDEEP

24576:sufhKPqQR8W4SjkB01x5HmMfa3TTW7csfKVb4P3t3+BmvPUl43UzYhLGtE:LRAndy3qFiVg3t3+Bmvcl43UzYh8E

Score

1^/10

Malware Config

Signatures

Files

4886f8b8b85a9aedb084b8cb5e235d5c13c335fd63380e779a7e0dc2a864d85d
.exe windows:6 windows x86 arch:x86

dcd0d8367e0fe9afa24018e304248c02

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:f6:2f:c4:75:14:15:80:d1:17:c2:44:48:43:66:d5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28-11-2023 00:00

Not After

27-11-2026 23:59

Subject

SERIALNUMBER=91510100MAC13UF2XR,CN=成都霁悦科技有限公司,O=成都霁悦科技有限公司,L=成都市,ST=四川省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c21e68890e983bde9ab98e696b0e68a80e69cafe4baa7e4b89ae5bc80e58f91e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e59b9be5b79de79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26-09-2024 00:00

Not After

25-11-2035 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

af:d6:ac:c2:cd:90:07:5b:0e:5e:1c:2e:ed:57:61:17:9e:a6:71:eb:19:31:81:20:44:aa:ff:cf:9d:46:f6:83
Signer

Actual PE Digest

af:d6:ac:c2:cd:90:07:5b:0e:5e:1c:2e:ed:57:61:17:9e:a6:71:eb:19:31:81:20:44:aa:ff:cf:9d:46:f6:83

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Jenkins\.jenkins\workspace\MGame\general_user\AccountCenter\bin\Release\AccountCenter.pdb

Imports

kernel32

WritePrivateProfileStringW
GetPrivateProfileIntW
WideCharToMultiByte
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
lstrlenW
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
VirtualProtect
InitializeCriticalSectionEx
RaiseException
DecodePointer
VerifyVersionInfoW
TlsSetValue
TlsGetValue
CreateWaitableTimerW
SetWaitableTimer
GetModuleHandleW
FindResourceExW
OpenProcess
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
CreateMutexW
WaitForSingleObject
DeleteCriticalSection
CreateEventW
SleepEx
ReleaseMutex
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
CreateIoCompletionPort
SetLastError
VerSetConditionMask
FormatMessageA
LocalFree
TlsFree
TlsAlloc
TerminateThread
QueueUserAPC
WaitForMultipleObjects
SetEvent
PostQueuedCompletionStatus
OutputDebugStringW
CopyFileW
DeleteFileW
GetStartupInfoW
Sleep
ReadFile
GetFileSize
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetStdHandle
ReadConsoleW
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
CreateFileW
IsBadReadPtr
GetModuleHandleExW
ExitThread
SetConsoleCtrlHandler
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
CloseHandle
IsDebuggerPresent
EncodePointer
GetStringTypeW
FormatMessageW
TryEnterCriticalSection
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetCurrentThread
GetExitCodeThread
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
WriteFile
FlushFileBuffers
lstrcpynW
lstrcpyW
MulDiv
GetACP
ExitProcess
FreeResource
lstrcmpW
FindFirstFileW
FindNextFileW
SetEndOfFile
SetFilePointer
SetFileTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVersion
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
GetTempFileNameW
GetTempPathW
ResumeThread
ResetEvent
GetLocalTime
IsProcessorFeaturePresent
UnhandledExceptionFilter
InitializeSListHead
LoadLibraryExW
CreateDirectoryW
SetFileAttributesW
FindClose
GetStdHandle
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
GetSystemWindowsDirectoryW
DeviceIoControl
lstrcmpA
RtlUnwind
GetFileAttributesExW
GetFileType
SetFilePointerEx
GetConsoleOutputCP
GetConsoleMode
GetTimeZoneInformation

user32

InvalidateRect
GetClientRect
GetCursorPos
CreateCaret
GetCaretBlinkTime
SetCaretPos
ScreenToClient
MapWindowPoints
IntersectRect
UnionRect
IsRectEmpty
SetWindowLongW
GetParent
GetClassNameW
GetWindow
MonitorFromWindow
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
ShowWindow
EnableWindow
SetPropW
GetPropW
LoadCursorW
LoadImageW
wvsprintfW
SetCursor
InflateRect
OffsetRect
SetWindowRgn
MessageBoxW
CharPrevW
DrawTextW
SetRect
DestroyIcon
DrawIconEx
GetIconInfo
GetMessagePos
MoveWindow
GetDlgCtrlID
DrawFocusRect
FillRect
HideCaret
ShowCaret
EndPaint
GetSysColor
GetWindowDC
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
RemovePropW
FindWindowExW
IsWindowEnabled
GetDC
ReleaseDC
MonitorFromPoint
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
RegisterWindowMessageW
GetShellWindow
GetUpdateRect
BeginPaint
ReleaseCapture
SetCapture
GetKeyState
GetFocus
SetFocus
CharNextW
IsZoomed
GetWindowThreadProcessId
AttachThreadInput
SetWindowPos
BringWindowToTop
GetForegroundWindow
UpdateLayeredWindow
DestroyWindow
IsChild
IsWindow
CreateWindowExW
SetForegroundWindow
KillTimer
SetTimer
PostQuitMessage
wsprintfW
ChangeWindowMessageFilter
SetWindowTextW
IsIconic
IsWindowVisible
PostMessageW
GetMonitorInfoW
GetWindowLongW
PtInRect
GetWindowRect
ClientToScreen

gdi32

ExtTextOutW
GetDIBits
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteObject
GetStockObject
Rectangle
RestoreDC
SaveDC
SelectObject
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
CombineRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDCW
DeleteDC
CreateDIBSection
SetDIBColorTable
TextOutW
GetTextColor
CreateSolidBrush
SetDIBitsToDevice

advapi32

RegCreateKeyExW
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
LookupPrivilegeValueW
GetTokenInformation
DuplicateTokenEx
AdjustTokenPrivileges
OpenProcessToken
RegEnumKeyExW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
ord165
ShellExecuteW

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
OleLockRunning
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayCreate
SafeArrayPutElement
SysStringLen
VariantClear
VariantInit

shlwapi

PathFindFileNameW
StrCmpNIW
StrTrimA
StrStrIW
SHAutoComplete
PathRemoveFileSpecW
StrCmpIW
PathCombineW
PathFileExistsW
PathAppendW
StrStrIA

gdiplus

GdipDrawEllipseI
GdipLoadImageFromFile
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
GdipFillPath
GdipDrawImagePointsI
GdipDrawImageRectRectI
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipAddPathArc

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

WSASocketW
WSARecv
WSASetLastError
shutdown
setsockopt
listen
htons
WSASend
WSAGetLastError
WSACleanup
ioctlsocket
WSAStartup
bind
closesocket

mswsock

GetAcceptExSockaddrs
AcceptEx

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

comctl32

ord17
_TrackMouseEvent
ImageList_DrawEx
ImageList_GetIconSize
InitCommonControlsEx

msimg32

AlphaBlend
GradientFill

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcd0d8367e0fe9afa24018e304248c02

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:f6:2f:c4:75:14:15:80:d1:17:c2:44:48:43:66:d5Certificate

Extended Key Usages

Key Usages

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

af:d6:ac:c2:cd:90:07:5b:0e:5e:1c:2e:ed:57:61:17:9e:a6:71:eb:19:31:81:20:44:aa:ff:cf:9d:46:f6:83Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

version

ws2_32

mswsock

wininet

iphlpapi

urlmon

comctl32

msimg32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 280KB - Virtual size: 280KB

.data Size: 30KB - Virtual size: 64KB

.rsrc Size: 203KB - Virtual size: 203KB

.reloc Size: 81KB - Virtual size: 80KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:f6:2f:c4:75:14:15:80:d1:17:c2:44:48:43:66:d5
Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

af:d6:ac:c2:cd:90:07:5b:0e:5e:1c:2e:ed:57:61:17:9e:a6:71:eb:19:31:81:20:44:aa:ff:cf:9d:46:f6:83
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 280KB - Virtual size: 280KB

.data
Size: 30KB - Virtual size: 64KB

.rsrc
Size: 203KB - Virtual size: 203KB

.reloc
Size: 81KB - Virtual size: 80KB