5f79e481ba8a36335d835f455a42cec51cc6fea82c7992f58cbd93fa26b5ba8c

Sharing

Copy URL

Twitter E-mail

General

Target

5f79e481ba8a36335d835f455a42cec51cc6fea82c7992f58cbd93fa26b5ba8c
Size

2.6MB
MD5

27a719925aa833e28063a71a1dd2ac6c
SHA1

d37ef03bc48dc77cd8d017e7c577006e9185c04d
SHA256

5f79e481ba8a36335d835f455a42cec51cc6fea82c7992f58cbd93fa26b5ba8c
SHA512

1bd9666eb823a160cf5220924e044183bebef1121d327e3cd7bcf3502d91a127befef5813479dbc1ea69b48ec21f8ba76232b6d30bf095ed3ec1e2feba9dfe48
SSDEEP

49152:MuGXR72fqo9uwpWNAKcCXqLQZTPn/XZM/4IKY/RsYCT/uCcZRfoPqrrMMDMMM66Q:iB7EpWNAHQZTPn/XZMQIR6YCLuffoPqD

Score

1^/10

Malware Config

Signatures

Files

5f79e481ba8a36335d835f455a42cec51cc6fea82c7992f58cbd93fa26b5ba8c
.exe windows:5 windows x86 arch:x86

48c4be1de0258ae611ff345e67aff239

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:86:04:2c:e3:96:2b:e7:6a:63:df:f9:e1:40:77:6d
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/05/2023, 00:00

Not After

01/10/2024, 23:59

Subject

CN=SEIKO EPSON CORPORATION,O=SEIKO EPSON CORPORATION,L=Suwa-Shi,ST=Nagano,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

af:ae:5f:37:18:8b:a5:7e:4a:60:45:3b:46:f2:df:dd:cb:03:2e:86
Signer

Actual PE Digest

af:ae:5f:37:18:8b:a5:7e:4a:60:45:3b:46:f2:df:dd:cb:03:2e:86

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

EPSDNAVI.pdb

Imports

comctl32

ImageList_GetIconSize
InitCommonControlsEx
_TrackMouseEvent

iphlpapi

GetIfTable
GetIpStatistics
GetIfEntry
GetTcpStatistics

shell32

ShellExecuteW
ShellExecuteExW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetMalloc
SHGetSpecialFolderPathW
SHBrowseForFolderW

uxtheme

IsAppThemed
CloseThemeData
IsThemePartDefined
GetThemeBackgroundContentRect
OpenThemeData
DrawThemeBackground

kernel32

GetDateFormatA
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
CloseHandle
WriteFile
CreateFileW
InterlockedDecrement
InterlockedIncrement
GetTickCount
GetTempPathW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
CreateThread
ExitThread
HeapReAlloc
RaiseException
RtlUnwind
ExitProcess
VirtualQuery
GetSystemInfo
IsDebuggerPresent
GetTimeFormatA
UnhandledExceptionFilter
TerminateProcess
WritePrivateProfileStringW
GetSystemTimeAsFileTime
GetStartupInfoW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetSystemDirectoryW
GetTempFileNameW
GetFileTime
GetFileSizeEx
SetErrorMode
GetCurrentDirectoryW
GlobalFlags
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
MultiByteToWideChar
HeapSize
HeapFree
HeapAlloc
GetProcessHeap
VirtualFree
VirtualAlloc
lstrcmpA
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceW
TlsAlloc
LCMapStringW
IsValidCodePage
GetOEMCP
GlobalReAlloc
TlsGetValue
GetACP
GetCPInfo
QueryPerformanceCounter
SetUnhandledExceptionFilter
lstrcpyW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReleaseMutex
CreateEventW
SetThreadPriority
GetThreadLocale
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
LoadLibraryExW
MulDiv
ReadFile
SetFilePointer
SetEvent
GetExitCodeThread
SuspendThread
ResumeThread
CreateMutexW
UnmapViewOfFile
GetCurrentProcessId
MapViewOfFile
CreateFileMappingW
FormatMessageW
GetSystemDefaultLCID
GetStringTypeExW
GetUserDefaultLangID
lstrlenW
GetPrivateProfileIntW
GetCurrentThreadId
Sleep
GetTimeZoneInformation
GetExitCodeProcess
WaitForSingleObject
FindClose
FindFirstFileW
ExpandEnvironmentStringsW
SetLastError
GetCurrentProcess
GetModuleHandleW
GetPrivateProfileSectionNamesW
GlobalSize
GetVersionExW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
GetFileAttributesW
GetModuleFileNameW
lstrcmpW
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GlobalAlloc
GlobalLock
OutputDebugStringW
GlobalFree
GlobalHandle
GlobalUnlock
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetPrivateProfileStringW
DeleteFileW
CopyFileW
GetLastError

user32

InsertMenuItemW
TranslateAcceleratorW
FrameRect
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
RegisterClipboardFormatW
GetNextDlgGroupItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
SetClassLongW
DestroyAcceleratorTable
SetParent
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsZoomed
NotifyWinEvent
MessageBeep
RedrawWindow
SetWindowRgn
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
DestroyMenu
GetMenuItemInfoW
GetSysColorBrush
SystemParametersInfoW
DrawStateW
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
GetMessageW
ValidateRect
GetCursorPos
WindowFromPoint
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
CreateMenu
GetWindowRgn
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ReuseDDElParam
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
LoadMenuW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
GetIconInfo
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
SetScrollPos
OffsetRect
GetScrollPos
SetRectEmpty
SetFocus
GetFocus
DestroyCaret
CreateCaret
ReleaseCapture
MapWindowPoints
DrawFrameControl
GetKeyState
DrawEdge
PtInRect
DeleteMenu
IsWindowVisible
UpdateWindow
CheckMenuItem
UnpackDDElParam
CopyIcon
CharUpperBuffW
PostThreadMessageW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
WinHelpW
EnableWindow
GetWindowRect
SendMessageW
CheckDlgButton
GetAsyncKeyState
GetClientRect
WaitMessage
SetRect
IsWindow
InvalidateRect
FillRect
ShowScrollBar
PostMessageW
GetParent
CopyRect
GetWindow
SetTimer
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
KillTimer
LoadImageW
DestroyIcon
SetCursor
LoadCursorW
LoadIconW
DrawIconEx
GetSysColor
DestroyCursor
InflateRect
MessageBoxW
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
GetDC
ReleaseDC
GetWindowLongW
GetSystemMetrics
ScreenToClient
SetWindowPos
GetSystemMenu
EnableMenuItem
GetDesktopWindow
GetPropW
IsIconic
GetLastActivePopup
SetPropW
AppendMenuW
DrawIcon
ShowWindow
SetWindowLongW
CharNextW

gdi32

DeleteDC
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetBkColor
GetTextColor
CreateDIBitmap
GetTextMetricsW
GetTextCharsetInfo
GetRgnBox
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
OffsetRgn
RealizePalette
SetPixel
RoundRect
CreatePalette
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
Rectangle
CreateBrushIndirect
GetDeviceCaps
EnumFontFamiliesW
Polygon
CreatePen
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateFontIndirectW
CreateRectRgnIndirect
CreateSolidBrush
GetStockObject
DeleteObject
GetTextExtentPoint32W
CreateDIBSection
GetObjectW
CreateRectRgn
CreateCompatibleDC
SetDIBColorTable
SelectObject

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

EnumPrintersW
OpenPrinterW
DocumentPropertiesW
GetPrinterDataW
GetPrinterW
GetPrinterDriverW
ClosePrinter

advapi32

RegEnumValueW
RegQueryValueW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CoUninitialize
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoTaskMemFree
CreateStreamOnHGlobal

oleaut32

SysFreeString
VariantClear
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SysAllocStringLen
SysStringLen
VariantChangeType
OleCreateFontIndirect
SysAllocString
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime

gdiplus

GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipDrawImageRectI
GdipCreateBitmapFromFile
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode

wintrust

WinVerifyTrust

crypt32

CryptQueryObject
CryptMsgGetParam
CertCloseStore
CryptMsgClose
CryptDecodeObject
CertFindCertificateInStore
CertGetNameStringW
CertFreeCertificateContext

rpcrt4

UuidCreate

wtsapi32

WTSFreeMemory
WTSEnumerateProcessesW

winhttp

WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpConnect
WinHttpCrackUrl
WinHttpOpen
WinHttpSetTimeouts
WinHttpGetProxyForUrl

wininet

InternetSetOptionW
InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoW
HttpSendRequestW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 406KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48c4be1de0258ae611ff345e67aff239

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:86:04:2c:e3:96:2b:e7:6a:63:df:f9:e1:40:77:6dCertificate

Extended Key Usages

Key Usages

af:ae:5f:37:18:8b:a5:7e:4a:60:45:3b:46:f2:df:dd:cb:03:2e:86Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

iphlpapi

shell32

uxtheme

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

gdiplus

wintrust

crypt32

rpcrt4

wtsapi32

winhttp

wininet

version

oleacc

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 365KB - Virtual size: 365KB

.data Size: 29KB - Virtual size: 57KB

.rsrc Size: 406KB - Virtual size: 406KB

.reloc Size: 169KB - Virtual size: 169KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:86:04:2c:e3:96:2b:e7:6a:63:df:f9:e1:40:77:6d
Certificate

af:ae:5f:37:18:8b:a5:7e:4a:60:45:3b:46:f2:df:dd:cb:03:2e:86
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 365KB - Virtual size: 365KB

.data
Size: 29KB - Virtual size: 57KB

.rsrc
Size: 406KB - Virtual size: 406KB

.reloc
Size: 169KB - Virtual size: 169KB