ORDEN DE COMPRA 80107[.]pdf________________________[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ORDEN DE COMPRA 80107.pdf________________________.exe
Size

229KB
MD5

af7c27fd6e49538aa93a667d67463c51
SHA1

e2da9a0143a07da2b2c498f4622ea5db21d9298f
SHA256

d7553925a2f9d9840cd23da20f66fcbfb3e7eca2f24c624e2f6139181eefc138
SHA512

6fdf0a2efc97e8c69c8aa97d4a2f47826c7bc201a8db4323f41ac097925c0c5e919ec7df5e72579d61dab3e7e38f8e8a324ca8a336b55e2ce756838a9bd08122
SSDEEP

3072:sXFgpRlMXzGWG2z7JHEsmVT0s4L9b3DJpRMWXXHRVo:gORmw2zFEVT54NR18

Score

N/A

Malware Config

Signatures

Files

ORDEN DE COMPRA 80107.pdf________________________.exe
.exe windows x86

021148ab9e3c0ac12b1105f8e3760ae5

Code Sign

Certificate

Issuer

CN=keraphyllous,OU=HOVEDSTADSKOMMUNE,O=Architecure,L=EUKALYPTUSOLIEN,ST=Prointegration,C=IR,1.2.840.113549.1.9.1=#0c1d44696574697469616e7340546572726f72697a6174696f6e73362e5369

Not Before

24-01-2022 08:41

Not After

24-01-2023 08:41

Subject

CN=keraphyllous,OU=HOVEDSTADSKOMMUNE,O=Architecure,L=EUKALYPTUSOLIEN,ST=Prointegration,C=IR,1.2.840.113549.1.9.1=#0c1d44696574697469616e7340546572726f72697a6174696f6e73362e5369

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:89:d9:29:ee:23:54:48:56:7a:b5:fe:d9:e2:f1:cf:4f:12:46:91:d0:60:3b:90:bb:c5:07:b8:5d:c9:16:64
Signer

Actual PE Digest

34:89:d9:29:ee:23:54:48:56:7a:b5:fe:d9:e2:f1:cf:4f:12:46:91:d0:60:3b:90:bb:c5:07:b8:5d:c9:16:64

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=keraphyllous,OU=HOVEDSTADSKOMMUNE,O=Architecure,L=EUKALYPTUSOLIEN,ST=Prointegration,C=IR,1.2.840.113549.1.9.1=#0c1d44696574697469616e7340546572726f72697a6174696f6e73362e5369

24-01-2022 08:41
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
_CIcos
_adj_fptan
__vbaHresultCheck
__vbaStrI4
__vbaVarMove
__vbaFreeVar
ord587
__vbaStrVarMove
__vbaLenBstr
ord588
ord696
__vbaFreeVarList
_adj_fdiv_m64
ord698
ord514
__vbaFreeObjList
ord515
_adj_fprem1
ord518
ord519
__vbaStrCat
ord660
__vbaHresultCheckObj
__vbaLenBstrB
ord557
_adj_fdiv_m32
ord666
__vbaVarTstLe
__vbaAryDestruct
ord593
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
ord703
ord705
ord522
ord523
_CIsin
ord524
ord631
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
ord527
__vbaGet3
__vbaStrCmp
__vbaObjVar
ord670
ord564
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
__vbaStrR8
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
_adj_fprem
_adj_fdivr_m64
ord714
ord607
ord716
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
ord648
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord574
__vbaFreeStrList
__vbaDerefAry1
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
ord689
ord610
__vbaVarDup
ord613
__vbaVarTstGe
__vbaFpI4
ord616
__vbaLateMemCallLd
ord617
_CIatan
__vbaStrMove
ord618
ord542
_allmul
ord651
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

021148ab9e3c0ac12b1105f8e3760ae5

Code Sign

Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

34:89:d9:29:ee:23:54:48:56:7a:b5:fe:d9:e2:f1:cf:4f:12:46:91:d0:60:3b:90:bb:c5:07:b8:5d:c9:16:64Signer

Signature Validations

Verification

24-01-2022 08:41 Valid: false

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 164KB - Virtual size: 161KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 52KB - Virtual size: 51KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

34:89:d9:29:ee:23:54:48:56:7a:b5:fe:d9:e2:f1:cf:4f:12:46:91:d0:60:3b:90:bb:c5:07:b8:5d:c9:16:64
Signer

24-01-2022 08:41
Valid: false

.text
Size: 164KB - Virtual size: 161KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 52KB - Virtual size: 51KB