Report - ChromePass.exe

Generic Malware Malicious Library UPX PE File PE32
Created 2024.10.17 16:44 Machine s1_win7_x6403
Filename ChromePass.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score
3
Behavior Score
2.0
ZERO API file: malware
VT API (file) 51 detected (AIDetectMalware, ChromePass, Malicious, score, Tool, PassView, NirSoft, ChromePassView, Unsafe, Hacktool, Vkn6, PasswordRevealer, high confidence, PSWTool, D potentially unsafe, ChromePassVariant, jpsxrt, 094ofYYs1NG, NirsoftPT, NirPassView, Detected, rssnv, ZexaCO, oq0@aCVNqUnO, Gencirc, ai score=78, PossibleThreat)
md5 a892c43b0cf244f070f97fafdb224cf4
sha256 4b127e7b83148bfbe56bd83e4b95b2a4fdb69e1c9fa4e0c021a3bfb7b02d8a16
ssdeep 3072:xuPjHEpDzJHyUXMGI3SdBqc0b1/4NNkQmRf/9E8B0Gt9vFpy8vs971kBJ3y57TqM:4PjHuhM52BqBgvkQmB/lXRk6B9kPqck
imphash 1e5e3ffcadaf7ce3dde86165afb33e9f
impfuzzy 96:IM8PbFqi44uG3QXR5/m6lHjsxsril9vFiqvoRdVlIG:IMgbIiLPAB5/rQl9vFi6WlIG
  Network IP location

Signature (4cnts)

Level Description
danger File has been identified as malicious by 51 antivirus engines on VirusTotal
notice Steals private information from local Internet browsers (consistent with the OpenProcess/ReadProcessMemory, file-read and RegOpenKeyExW/RegQueryValueExW imports listed in the IAT below)
info The file contains an unknown PE resource name, possibly indicating a packer
info This executable has a PDB path

Rules (5cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE32 (no description) binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT (Import Address Table) Library

msvcrt.dll
 0x4302ec modf
 0x4302f0 wcsrchr
 0x4302f4 _gmtime64
 0x4302f8 memmove
 0x4302fc _itow
 0x430300 _wcslwr
 0x430304 _purecall
 0x430308 __dllonexit
 0x43030c _onexit
 0x430310 _c_exit
 0x430314 _exit
 0x430318 _XcptFilter
 0x43031c _cexit
 0x430320 _wtoi
 0x430324 _wcmdln
 0x430328 __wgetmainargs
 0x43032c log
 0x430330 abs
 0x430334 _wcsicmp
 0x430338 wcscmp
 0x43033c wcschr
 0x430340 wcslen
 0x430344 wcscpy
 0x430348 wcsncat
 0x43034c _snwprintf
 0x430350 wcscat
 0x430354 isxdigit
 0x430358 strftime
 0x43035c isalnum
 0x430360 strlen
 0x430364 isdigit
 0x430368 wcstoul
 0x43036c _memicmp
 0x430370 ??2@YAPAXI@Z
 0x430374 exit
 0x430378 ??3@YAXPAX@Z
 0x43037c malloc
 0x430380 realloc
 0x430384 isspace
 0x430388 free
 0x43038c strcmp
 0x430390 toupper
 0x430394 memset
 0x430398 memcmp
 0x43039c memcpy
 0x4303a0 atoi
 0x4303a4 tolower
 0x4303a8 _initterm
 0x4303ac __setusermatherr
 0x4303b0 _adjust_fdiv
 0x4303b4 __p__commode
 0x4303b8 __p__fmode
 0x4303bc __set_app_type
 0x4303c0 _controlfp
 0x4303c4 _except_handler3
COMCTL32.dll
 0x430010 CreateStatusWindowW
 0x430014 ImageList_AddMasked
 0x430018 ImageList_SetImageCount
 0x43001c ImageList_Create
 0x430020 None
 0x430024 ImageList_ReplaceIcon
 0x430028 CreateToolbarEx
KERNEL32.dll
 0x430058 OpenProcess
 0x43005c ExitProcess
 0x430060 GetCurrentProcess
 0x430064 SetErrorMode
 0x430068 GetPrivateProfileStringW
 0x43006c EnumResourceNamesW
 0x430070 GetPrivateProfileIntW
 0x430074 CopyFileW
 0x430078 FindFirstFileW
 0x43007c GetModuleFileNameW
 0x430080 LockResource
 0x430084 GetTempFileNameW
 0x430088 GetDateFormatW
 0x43008c GetTimeFormatW
 0x430090 GetWindowsDirectoryW
 0x430094 GlobalLock
 0x430098 FormatMessageW
 0x43009c FindClose
 0x4300a0 EnumResourceTypesW
 0x4300a4 GetModuleHandleA
 0x4300a8 GetStartupInfoW
 0x4300ac WritePrivateProfileStringW
 0x4300b0 ReadProcessMemory
 0x4300b4 LockFile
 0x4300b8 DeleteFileW
 0x4300bc LeaveCriticalSection
 0x4300c0 GetCurrentProcessId
 0x4300c4 SetFilePointer
 0x4300c8 GetFileAttributesA
 0x4300cc GetTickCount
 0x4300d0 GetSystemTimeAsFileTime
 0x4300d4 GetFileAttributesW
 0x4300d8 GetTempPathA
 0x4300dc GetSystemTime
 0x4300e0 AreFileApisANSI
 0x4300e4 DeleteFileA
 0x4300e8 WriteFile
 0x4300ec ReadFile
 0x4300f0 SetEndOfFile
 0x4300f4 GetFullPathNameW
 0x4300f8 CreateFileW
 0x4300fc GetFullPathNameA
 0x430100 InterlockedIncrement
 0x430104 MultiByteToWideChar
 0x430108 InitializeCriticalSection
 0x43010c FlushFileBuffers
 0x430110 GetTempPathW
 0x430114 QueryPerformanceCounter
 0x430118 WideCharToMultiByte
 0x43011c CreateFileA
 0x430120 GetFileSize
 0x430124 DeleteCriticalSection
 0x430128 GetLastError
 0x43012c Sleep
 0x430130 GetCurrentThreadId
 0x430134 LockFileEx
 0x430138 CloseHandle
 0x43013c UnlockFile
 0x430140 GetVersionExW
 0x430144 EnterCriticalSection
 0x430148 FreeLibrary
 0x43014c GetProcAddress
 0x430150 SystemTimeToFileTime
 0x430154 CompareFileTime
 0x430158 FileTimeToLocalFileTime
 0x43015c LocalAlloc
 0x430160 LocalFree
 0x430164 GetModuleHandleW
 0x430168 LoadLibraryW
 0x43016c FileTimeToSystemTime
 0x430170 GlobalUnlock
 0x430174 GlobalAlloc
 0x430178 GetSystemDirectoryW
 0x43017c FindResourceW
 0x430180 LoadResource
 0x430184 FindNextFileW
 0x430188 LoadLibraryExW
 0x43018c SizeofResource
USER32.dll
 0x4301b0 DrawTextExW
 0x4301b4 TranslateMessage
 0x4301b8 IsDialogMessageW
 0x4301bc GetMessageW
 0x4301c0 PostQuitMessage
 0x4301c4 TrackPopupMenu
 0x4301c8 BeginDeferWindowPos
 0x4301cc RegisterWindowMessageW
 0x4301d0 EndDeferWindowPos
 0x4301d4 DispatchMessageW
 0x4301d8 LoadStringW
 0x4301dc EnumChildWindows
 0x4301e0 DestroyWindow
 0x4301e4 CreateDialogParamW
 0x4301e8 DestroyMenu
 0x4301ec GetDlgCtrlID
 0x4301f0 DialogBoxParamW
 0x4301f4 ChildWindowFromPoint
 0x4301f8 LoadCursorW
 0x4301fc GetSysColorBrush
 0x430200 ShowWindow
 0x430204 SetCursor
 0x430208 GetClientRect
 0x43020c SetWindowTextW
 0x430210 UpdateWindow
 0x430214 SetDlgItemTextW
 0x430218 GetDlgItemTextW
 0x43021c GetSystemMetrics
 0x430220 DeferWindowPos
 0x430224 CreateWindowExW
 0x430228 GetWindowRect
 0x43022c GetDlgItemInt
 0x430230 SendDlgItemMessageW
 0x430234 EndDialog
 0x430238 GetDlgItem
 0x43023c InvalidateRect
 0x430240 SetDlgItemInt
 0x430244 SetWindowPos
 0x430248 GetWindowPlacement
 0x43024c LoadAcceleratorsW
 0x430250 PostMessageW
 0x430254 DefWindowProcW
 0x430258 SendMessageW
 0x43025c TranslateAcceleratorW
 0x430260 RegisterClassW
 0x430264 MessageBoxW
 0x430268 SetMenu
 0x43026c LoadImageW
 0x430270 LoadIconW
 0x430274 SetWindowLongW
 0x430278 GetWindowLongW
 0x43027c SetFocus
 0x430280 SetClipboardData
 0x430284 GetDC
 0x430288 EnableWindow
 0x43028c MapWindowPoints
 0x430290 EmptyClipboard
 0x430294 EnableMenuItem
 0x430298 ReleaseDC
 0x43029c GetClassNameW
 0x4302a0 OpenClipboard
 0x4302a4 GetMenuStringW
 0x4302a8 CloseClipboard
 0x4302ac GetMenuItemCount
 0x4302b0 MoveWindow
 0x4302b4 GetParent
 0x4302b8 CheckMenuItem
 0x4302bc GetCursorPos
 0x4302c0 GetSysColor
 0x4302c4 GetMenu
 0x4302c8 GetSubMenu
 0x4302cc GetWindowTextW
 0x4302d0 LoadMenuW
 0x4302d4 ModifyMenuW
 0x4302d8 GetMenuItemInfoW
GDI32.dll
 0x430030 SetBkColor
 0x430034 GetDeviceCaps
 0x430038 SelectObject
 0x43003c SetTextColor
 0x430040 CreateFontIndirectW
 0x430044 SetBkMode
 0x430048 DeleteObject
 0x43004c GetStockObject
 0x430050 GetTextExtentPoint32W
comdlg32.dll
 0x4302e0 GetSaveFileNameW
 0x4302e4 FindTextW
ADVAPI32.dll
 0x430000 RegQueryValueExW
 0x430004 RegCloseKey
 0x430008 RegOpenKeyExW
SHELL32.dll
 0x430194 ShellExecuteExW
 0x430198 SHBrowseForFolderW
 0x43019c SHGetPathFromIDListW
 0x4301a0 SHGetMalloc
 0x4301a4 SHGetFileInfoW
 0x4301a8 ShellExecuteW
ole32.dll
 0x4303cc CoUninitialize
 0x4303d0 CoInitialize
 0x4303d4 CoCreateGuid

EAT (Export Address Table): none


