8c8fd0120327d4795bcf8fcf2ce131a480ae41cf200e844bc1eb0185cd2d3741

Sharing

Copy URL

Twitter E-mail

General

Target

8c8fd0120327d4795bcf8fcf2ce131a480ae41cf200e844bc1eb0185cd2d3741
Size

1.6MB
MD5

b5d3bb71ea746a115af16ec859cb0cbf
SHA1

8a56a6da989c5a1e4bceea554de821387e9e01e7
SHA256

8c8fd0120327d4795bcf8fcf2ce131a480ae41cf200e844bc1eb0185cd2d3741
SHA512

9025428ba9c3c48863a6415603e5e1b157f548fb3e637ee31e21eaa7a0a6c3bd8a535fae2a17ad27ea937ad5e9084ae3d3a8e16f85a49779ce2d66a351ac699e
SSDEEP

24576:W7px+J+5QQgo4QdSva2t5WO84c7xrV0z3DsZsaBUsIQM59Ue956YuVRaqCP6kUV:k6J7Ho49B7cNJ0/6Unv59x/6l6xQ

Score

N/A

Malware Config

Signatures

Files

8c8fd0120327d4795bcf8fcf2ce131a480ae41cf200e844bc1eb0185cd2d3741
.exe windows x86

27b63bcc734d66ffb8c9186c736c20a8

Code Sign

68:fb:bc:e1:f6:ba:c9:a4:4b:eb:ee:87:3b:18:67:b0
Certificate

Issuer

CN=Polaroid Candy KO (PVL-7008-02)

Not Before

17-01-2022 13:47

Not After

18-01-2032 13:47

Subject

CN=Polaroid Candy KO (PVL-7008-02)

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a8:aa:52:b9:cd:fc:d1:60:10:c7:1c:fd:56:e7:e7:07:ab:7c:21:12:be:5f:0f:ec:0b:e9:71:e2:95:03:9c:a1
Signer

Actual PE Digest

a8:aa:52:b9:cd:fc:d1:60:10:c7:1c:fd:56:e7:e7:07:ab:7c:21:12:be:5f:0f:ec:0b:e9:71:e2:95:03:9c:a1

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Polaroid Candy KO (PVL-7008-02)

18-01-2022 13:28
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

GetDesktopWindow

advapi32

GetUserNameA

comctl32

PropertySheet

Sections

BSS
Size: - Virtual size: 3.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

27b63bcc734d66ffb8c9186c736c20a8

Code Sign

68:fb:bc:e1:f6:ba:c9:a4:4b:eb:ee:87:3b:18:67:b0Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

a8:aa:52:b9:cd:fc:d1:60:10:c7:1c:fd:56:e7:e7:07:ab:7c:21:12:be:5f:0f:ec:0b:e9:71:e2:95:03:9c:a1Signer

Signature Validations

Verification

18-01-2022 13:28 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

Sections

BSS Size: - Virtual size: 3.3MB

.pdata Size: 512B - Virtual size: 4KB

.rsrc Size: 131KB - Virtual size: 131KB

DATA Size: 94KB - Virtual size: 96KB

68:fb:bc:e1:f6:ba:c9:a4:4b:eb:ee:87:3b:18:67:b0
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

a8:aa:52:b9:cd:fc:d1:60:10:c7:1c:fd:56:e7:e7:07:ab:7c:21:12:be:5f:0f:ec:0b:e9:71:e2:95:03:9c:a1
Signer

18-01-2022 13:28
Valid: false

BSS
Size: - Virtual size: 3.3MB

.pdata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 131KB - Virtual size: 131KB

DATA
Size: 94KB - Virtual size: 96KB