630155dd06b45e9d804b0e5112a1983cd2bfa590816a70c4a353cf21794e2def[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

630155dd06b45e9d804b0e5112a1983cd2bfa590816a70c4a353cf21794e2def.exe
Size

3.8MB
MD5

4e98e878bdcd6d9e77fabf2e1c2f780b
SHA1

e4986c4993006ce32858bd11a4e97969138d0fe0
SHA256

630155dd06b45e9d804b0e5112a1983cd2bfa590816a70c4a353cf21794e2def
SHA512

f61e81d183aa4ebe37a1060424beffa66425819cc5ccb09e945be76c3370136583c02a941b6eb003632856af536901ed92b18008ba4919fbd6a37600434282fe
SSDEEP

98304:ITcOeIdcUP6wg45kHjObfMSDzbF7jo7t1a/l+6n:IceP5kHqN7joR0/l5

Score

1^/10

Malware Config

Signatures

Files

630155dd06b45e9d804b0e5112a1983cd2bfa590816a70c4a353cf21794e2def.exe
.exe windows:5 windows x86 arch:x86

bcd973cdeb2864904100d0c06056c94d

Code Sign

33:90:bb:52:09:6a:a2:90:38:d5:65:55:73:f5:bb:63:8a:08:8b:e6
Certificate

Issuer

CN=ShenZhen Thunder Networking Technologies Ltd.,O=Internet Widgits Pty Ltd,ST=Some-State,C=CN

Not Before

27-08-2024 10:44

Not After

25-08-2034 10:44

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,O=Internet Widgits Pty Ltd,ST=Some-State,C=CN

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26-09-2024 00:00

Not After

25-11-2035 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

33:90:bb:52:09:6a:a2:90:38:d5:65:55:73:f5:bb:63:8a:08:8b:e6
Certificate

Issuer

CN=ShenZhen Thunder Networking Technologies Ltd.,O=Internet Widgits Pty Ltd,ST=Some-State,C=CN

Not Before

27-08-2024 10:44

Not After

25-08-2034 10:44

Subject

CN=ShenZhen Thunder Networking Technologies Ltd.,O=Internet Widgits Pty Ltd,ST=Some-State,C=CN

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26-09-2024 00:00

Not After

25-11-2035 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:40:e3:1f:c6:f4:ec:84:e9:21:c2:50:7a:d8:dd:79:93:3b:c8:8b:81:43:cd:71:ff:69:6a:74:93:d6:7d:b0
Signer

Actual PE Digest

57:40:e3:1f:c6:f4:ec:84:e9:21:c2:50:7a:d8:dd:79:93:3b:c8:8b:81:43:cd:71:ff:69:6a:74:93:d6:7d:b0

Digest Algorithm

sha256

PE Digest Matches

false

66:f1:c3:5c:52:a8:84:68:ba:21:4f:6e:59:34:af:4f:f5:c1:c6:21
Signer

Actual PE Digest

66:f1:c3:5c:52:a8:84:68:ba:21:4f:6e:59:34:af:4f:f5:c1:c6:21

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\BranchAI\win\Release\stubs\x86\ExternalUi.pdb

Imports

kernel32

lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
CompareStringW
GetDriveTypeW
lstrcmpiW
lstrlenW
FreeLibrary
LoadLibraryW
CreateDirectoryW
CreateFileW
WriteFile
GetFileSize
ReadFile
SetStdHandle
WriteConsoleW
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
IsValidCodePage
GetOEMCP
GetACP
GlobalFree
LCMapStringA
GetCPInfo
LCMapStringW
RtlUnwind
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
PeekNamedPipe
OpenEventW
TerminateProcess
OpenProcess
SearchPathW
GetLocaleInfoA
GetStringTypeW
ConnectNamedPipe
CreateNamedPipeW
ResetEvent
MoveFileW
TerminateThread
GetSystemDirectoryW
GetLocalTime
OutputDebugStringW
GlobalMemoryStatus
GetVersion
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetWindowsDirectoryW
GetTempPathW
GetTempPathA
GetSystemTime
GetTempFileNameW
DeleteFileW
GetTempFileNameA
DeleteFileA
FindFirstFileW
RemoveDirectoryW
FindNextFileW
GetLogicalDriveStringsW
GetFileAttributesW
CreateFileA
SetFileAttributesW
CopyFileW
LocalAlloc
WaitForMultipleObjects
GetSystemInfo
InterlockedExchange
WideCharToMultiByte
LoadLibraryExW
MultiByteToWideChar
FindClose
HeapCreate
CloseHandle
GetExitCodeThread
SetEvent
CreateEventW
SetLastError
Sleep
GetLastError
GetCurrentThreadId
MulDiv
WaitForSingleObject
lstrcpynW
FindResourceExW
GetUserDefaultLangID
GetSystemDefaultLangID
GetLocaleInfoW
EnumResourceLanguagesW
SetEndOfFile
SetCurrentDirectoryW
GetCommandLineW
UnlockFile
LockFile
GetExitCodeProcess
FindResourceW
CreateProcessA
CreateProcessW
DuplicateHandle
GetModuleFileNameA
FlushFileBuffers
SetFilePointer
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetStdHandle
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
RaiseException
FlushInstructionCache
GetStartupInfoA
GetCurrentProcess
LocalFree
LoadLibraryA
GetVersionExW
SetConsoleTextAttribute
GetCurrentThread
GetEnvironmentVariableW
GetDiskFreeSpaceExW
FormatMessageW
GetShortPathNameW
GetFullPathNameW
CreateThread
SetUnhandledExceptionFilter

user32

CallWindowProcW
GetClientRect
SetWindowLongW
GetParent
GetWindow
SendMessageW
GetWindowLongW
GetWindowTextLengthW
FillRect
IsWindow
ShowWindow
GetWindowRect
UnionRect
IsWindowVisible
BeginPaint
EndPaint
GetWindowTextW
DefWindowProcW
ReleaseDC
GetWindowDC
SetWindowPos
MapWindowPoints
SetCursor
DrawFrameControl
RegisterWindowMessageW
InvalidateRgn
GetDesktopWindow
GetKeyState
DrawStateW
DrawTextExW
DrawFocusRect
ValidateRect
DestroyMenu
AppendMenuW
CreatePopupMenu
TrackPopupMenu
InflateRect
LoadBitmapW
MessageBeep
CharNextW
GetClassNameW
ReleaseCapture
GetCapture
SetCapture
UpdateWindow
DestroyIcon
GetDlgCtrlID
SetScrollInfo
GetScrollPos
GetClassInfoExW
RegisterClassExW
SetScrollPos
SetRect
MoveWindow
GetScrollInfo
GetMessagePos
SystemParametersInfoW
GetActiveWindow
TrackMouseEvent
GetAsyncKeyState
DestroyCursor
GetWindowRgn
CopyRect
IsZoomed
SetWindowRgn
GetComboBoxInfo
DestroyAcceleratorTable
CreateAcceleratorTableW
TranslateAcceleratorW
CreateDialogParamW
EndDialog
DialogBoxParamW
InvalidateRect
GetNextDlgTabItem
SetFocus
GetDC
MonitorFromWindow
GetMonitorInfoW
LoadImageW
IsDialogMessageW
IsChild
PostQuitMessage
PostMessageW
SetForegroundWindow
SetCursorPos
GetCursorPos
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadCursorW
LoadIconW
DialogBoxIndirectParamW
GetForegroundWindow
EnumWindows
GetWindowThreadProcessId
GetPropW
GetSystemMenu
EnableMenuItem
MsgWaitForMultipleObjects
ModifyMenuW
FindWindowW
ExitWindowsEx
GetScrollRange
SetPropW
RemovePropW
LoadMenuW
GetSubMenu
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
GetIconInfo
SendMessageTimeoutW
UnregisterClassA
LoadStringW
MessageBoxW
GetFocus
RedrawWindow
IsWindowEnabled
EnableWindow
DestroyWindow
DrawTextW
DrawIconEx
GetSystemMetrics
ClientToScreen
OffsetRect
SetRectEmpty
PtInRect
GetSysColorBrush
IntersectRect
IsRectEmpty
SendMessageA
GetSysColor
CreateWindowExW
GetDlgItem
SetWindowTextW
EqualRect
SetTimer
KillTimer
ScreenToClient

gdi32

GetLayout
GetBrushOrgEx
CreateFontIndirectW
CreateSolidBrush
Rectangle
CreatePen
ExtTextOutW
SetBkColor
GetRgnBox
EqualRgn
CreatePolygonRgn
CreateRectRgnIndirect
GetStockObject
CreateFontW
ExcludeClipRect
SetBkMode
GetBitmapBits
SetBrushOrgEx
CreatePatternBrush
FillRgn
SelectClipRgn
CombineRgn
CreateRectRgn
GetObjectW
GetDeviceCaps
BitBlt
SetViewportOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SelectObject
DeleteDC
CreateDIBSection
CreateBitmapIndirect
SetTextColor

advapi32

RegOpenKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
GetSecurityDescriptorDacl
AdjustTokenPrivileges
LookupPrivilegeValueW
StartServiceW
QueryServiceStatus
OpenServiceW
RegDeleteValueA
RegQueryValueExA
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegOpenKeyA
OpenSCManagerW
LockServiceDatabase
UnlockServiceDatabase
CloseServiceHandle
RegOpenKeyExA
RegEnumValueA
LookupAccountSidW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameW
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA

shell32

ShellExecuteW
ShellExecuteExW
SHGetFolderPathW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CLSIDFromString
OleInitialize
CoInitializeEx
CLSIDFromProgID
CoTaskMemRealloc
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoUninitialize
CoTaskMemFree
CoInitialize
OleLockRunning

oleaut32

SysAllocStringByteLen
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
VariantCopy
SysStringByteLen
VariantClear
SysAllocString
SysFreeString
OleLoadPicture
VarDateFromStr
VarUI4FromStr
VariantInit

dbghelp

SymSetSearchPath
SymCleanup
SymInitialize
SymSetOptions
SymFunctionTableAccess
SymGetModuleBase
StackWalk
SymGetLineFromAddr

shlwapi

PathIsUNCW
PathAddBackslashW
PathFileExistsW
PathIsDirectoryW

comctl32

ImageList_Add
PropertySheetW
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_LoadImageW
ImageList_GetIcon
ImageList_AddMasked
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Destroy
_TrackMouseEvent
ImageList_Create
CreatePropertySheetPageW

msimg32

AlphaBlend
TransparentBlt

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

netapi32

NetUserGetLocalGroups

comdlg32

GetOpenFileNameW
GetSaveFileNameW

Sections

.text
Size: 930KB - Virtual size: 930KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcd973cdeb2864904100d0c06056c94d

Code Sign

33:90:bb:52:09:6a:a2:90:38:d5:65:55:73:f5:bb:63:8a:08:8b:e6Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate

Extended Key Usages

Key Usages

33:90:bb:52:09:6a:a2:90:38:d5:65:55:73:f5:bb:63:8a:08:8b:e6Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

57:40:e3:1f:c6:f4:ec:84:e9:21:c2:50:7a:d8:dd:79:93:3b:c8:8b:81:43:cd:71:ff:69:6a:74:93:d6:7d:b0Signer

66:f1:c3:5c:52:a8:84:68:ba:21:4f:6e:59:34:af:4f:f5:c1:c6:21Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

dbghelp

shlwapi

comctl32

msimg32

version

netapi32

comdlg32

Sections

.text Size: 930KB - Virtual size: 930KB

.rdata Size: 229KB - Virtual size: 228KB

.data Size: 12KB - Virtual size: 36KB

.rsrc Size: 192KB - Virtual size: 192KB

.reloc Size: 89KB - Virtual size: 89KB

33:90:bb:52:09:6a:a2:90:38:d5:65:55:73:f5:bb:63:8a:08:8b:e6
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

33:90:bb:52:09:6a:a2:90:38:d5:65:55:73:f5:bb:63:8a:08:8b:e6
Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

57:40:e3:1f:c6:f4:ec:84:e9:21:c2:50:7a:d8:dd:79:93:3b:c8:8b:81:43:cd:71:ff:69:6a:74:93:d6:7d:b0
Signer

66:f1:c3:5c:52:a8:84:68:ba:21:4f:6e:59:34:af:4f:f5:c1:c6:21
Signer

.text
Size: 930KB - Virtual size: 930KB

.rdata
Size: 229KB - Virtual size: 228KB

.data
Size: 12KB - Virtual size: 36KB

.rsrc
Size: 192KB - Virtual size: 192KB

.reloc
Size: 89KB - Virtual size: 89KB