Static task
static1
General
-
Target
8c8fd0120327d4795bcf8fcf2ce131a480ae41cf200e844bc1eb0185cd2d3741
-
Size
1.6MB
-
MD5
b5d3bb71ea746a115af16ec859cb0cbf
-
SHA1
8a56a6da989c5a1e4bceea554de821387e9e01e7
-
SHA256
8c8fd0120327d4795bcf8fcf2ce131a480ae41cf200e844bc1eb0185cd2d3741
-
SHA512
9025428ba9c3c48863a6415603e5e1b157f548fb3e637ee31e21eaa7a0a6c3bd8a535fae2a17ad27ea937ad5e9084ae3d3a8e16f85a49779ce2d66a351ac699e
-
SSDEEP
24576:W7px+J+5QQgo4QdSva2t5WO84c7xrV0z3DsZsaBUsIQM59Ue956YuVRaqCP6kUV:k6J7Ho49B7cNJ0/6Unv59x/6l6xQ
Malware Config
Signatures
Files
-
8c8fd0120327d4795bcf8fcf2ce131a480ae41cf200e844bc1eb0185cd2d3741.exe windows x86
27b63bcc734d66ffb8c9186c736c20a8
Code Sign
68:fb:bc:e1:f6:ba:c9:a4:4b:eb:ee:87:3b:18:67:b0
Certificate
Issuer: CN=Polaroid Candy KO (PVL-7008-02)
Not Before: 17-01-2022 13:47
Not After: 18-01-2032 13:47
Subject: CN=Polaroid Candy KO (PVL-7008-02)
8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate
Issuer: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 23-10-2020 00:00
Not After: 22-01-2032 23:59
Subject: CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Not Before: 02-05-2019 00:00
Not After: 18-01-2038 23:59
Subject: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
a8:aa:52:b9:cd:fc:d1:60:10:c7:1c:fd:56:e7:e7:07:ab:7c:21:12:be:5f:0f:ec:0b:e9:71:e2:95:03:9c:a1
Signer
Actual PE Digest: a8:aa:52:b9:cd:fc:d1:60:10:c7:1c:fd:56:e7:e7:07:ab:7c:21:12:be:5f:0f:ec:0b:e9:71:e2:95:03:9c:a1
Digest Algorithm: sha256
PE Digest Matches: true
Signature Validations
Trusted: false
Verification
Signing Certificate: CN=Polaroid Candy KO (PVL-7008-02)
18-01-2022 13:28 Valid: false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
user32
GetDesktopWindow
advapi32
GetUserNameA
comctl32
PropertySheet
Sections
BSS Size: - Virtual size: 3.3MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DATA Size: 94KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE