5d5259463d19b19caad0d406b148bb7681ed4c28ebf02f02414e72c95f8be836

Sharing

Copy URL

Twitter E-mail

General

Target

5d5259463d19b19caad0d406b148bb7681ed4c28ebf02f02414e72c95f8be836
Size

3.0MB
MD5

355c04cbb0ed749bc4795599bcaaa57e
SHA1

c09899a72f303d6af66b1bb73d811aec089443e3
SHA256

5d5259463d19b19caad0d406b148bb7681ed4c28ebf02f02414e72c95f8be836
SHA512

ddcca7b3629f7c593a23b6ef10f199ca17e3738dae8de5f83278cb9112afa23ca075d748c1a6bb00ddfc88a833672ec1c7ed1b246844b8edb9ba99594c33c607
SSDEEP

49152:rPZa11IYcr0jGE3fFVJdF/IEoZzdosQtcGL7fhd6YPCbrhoj9ghi1RebpyTIg9Co:rG1Ir0j/fFDf/IEoZzdosQ2whoYPCbrS

Score

1^/10

Malware Config

Signatures

Files

5d5259463d19b19caad0d406b148bb7681ed4c28ebf02f02414e72c95f8be836
.exe windows:5 windows x86 arch:x86

c08cac77b7d41860c002e07cfa879d7b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:43:c8:c3:b9:31:c3:6b:a8:b2:99:4a:b3:c5:2a:29
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11-11-2021 00:00

Not After

11-11-2023 23:59

Subject

CN=Gstarsoft Co.\,Ltd.,O=Gstarsoft Co.\,Ltd.,L=Suzhou,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:83:24:63:75:11:31:75:3d:21:84:25:54:4e:75:bb:4a:df:fb:2b:be:7e:da:cc:7b:da:f6:b0:71:92:d7:2d
Signer

Actual PE Digest

3b:83:24:63:75:11:31:75:3d:21:84:25:54:4e:75:bb:4a:df:fb:2b:be:7e:da:cc:7b:da:f6:b0:71:92:d7:2d

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\IAec\IBase\src\IWebProxy\Release\IWebProxy.pdb

Imports

kernel32

GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
WriteConsoleW
SetEnvironmentVariableA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
CreateThread
SizeofResource
ExitThread
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RtlUnwind
HeapFree
HeapAlloc
DecodePointer
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeW
EncodePointer
CreateFileW
lstrcmpiW
DeleteFileW
lstrcpyW
GetSystemDirectoryW
GetCurrentDirectoryW
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetThreadLocale
GlobalFlags
InitializeCriticalSection
GlobalFindAtomW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
WaitForSingleObject
ResumeThread
SetThreadPriority
FreeResource
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
LoadLibraryW
lstrcmpW
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
CreateEventW
GetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
WideCharToMultiByte
FreeLibrary
GetModuleFileNameW
SetLastError
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
InterlockedDecrement
InterlockedIncrement
lstrlenA
CompareStringW
GetTickCount
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetVersionExW
MultiByteToWideChar
SetEvent
OpenFileMappingW
GetCurrentThreadId
MapViewOfFile
CloseHandle
UnmapViewOfFile
FindResourceW
LoadResource
LockResource

user32

IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadImageW
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
CopyImage
DestroyMenu
GetMenuItemInfoW
InflateRect
IsIconic
CharUpperW
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
IntersectRect
SetRect
IsRectEmpty
OffsetRect
CharNextW
InvalidateRect
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
SetRectEmpty
DeleteMenu
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
DestroyIcon
UnregisterClassW
LoadCursorW
FrameRect
GetDC
ReleaseDC
GetSysColorBrush
RealChildWindowFromPoint
ClientToScreen
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
CopyRect
PtInRect
RegisterWindowMessageW
GetClientRect
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
CopyIcon
CharUpperBuffW
GetWindowRgn
DestroyCursor
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetWindowTextLengthW
GetWindowTextW
SetFocus
IsWindowEnabled
ShowWindow
DrawIcon
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetSystemMetrics
GetDoubleClickTime
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
GetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
RegisterClipboardFormatW
PostMessageW
PostQuitMessage
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
EnableWindow
PeekMessageW
KillTimer
SetTimer
PostThreadMessageW
CopyAcceleratorTableW

gdi32

GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
GetTextExtentPoint32W
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
CreateRectRgnIndirect
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateFontIndirectW
CreateCompatibleBitmap
SetViewportOrgEx
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
SetWindowOrgEx
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetPixel
CreateBitmap
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
DeleteObject
GetObjectW
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
GetDeviceCaps
OffsetWindowOrgEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegSetValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegEnumValueW
RegEnumKeyExW

shell32

SHAppBarMessage
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoGetClassObject
CoUninitialize
CoInitialize
CoCreateInstance
OleTranslateAccelerator
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
IsAccelerator
OleLockRunning
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoDisconnectObject
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2

oleaut32

SysAllocString
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
DispCallFunc
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringLen
SysStringByteLen
VariantChangeType
VariantCopy
SysAllocStringLen
SysFreeString
VariantInit
VariantClear

oledlg

OleUIBusyW

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

ws2_32

gethostname

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c08cac77b7d41860c002e07cfa879d7b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:43:c8:c3:b9:31:c3:6b:a8:b2:99:4a:b3:c5:2a:29Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

3b:83:24:63:75:11:31:75:3d:21:84:25:54:4e:75:bb:4a:df:fb:2b:be:7e:da:cc:7b:da:f6:b0:71:92:d7:2dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

ws2_32

oleacc

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 285KB - Virtual size: 285KB

.data Size: 25KB - Virtual size: 55KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 170KB - Virtual size: 170KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:43:c8:c3:b9:31:c3:6b:a8:b2:99:4a:b3:c5:2a:29
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

3b:83:24:63:75:11:31:75:3d:21:84:25:54:4e:75:bb:4a:df:fb:2b:be:7e:da:cc:7b:da:f6:b0:71:92:d7:2d
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 285KB - Virtual size: 285KB

.data
Size: 25KB - Virtual size: 55KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 170KB - Virtual size: 170KB