General

Malware Config

Signatures

Files

• b79524c98bfa18999ed070b243ada769bb7295419d510042eb25eba37c2c227c

  .exe windows x86

  eaf84746ba1da54d38029bc1277e3b05

  
  

  Code Sign

  54:ed:48:47:4d:39:20:85:44:7d:5b:b8:0e:18:22:b8

  Certificate

  Issuer

  CN=Kingston Fury Beast DDR4 4x8Gb HE432C16BBK2/32

  Not Before

  27-01-2022 11:51

  Not After

  28-01-2032 11:51

  Subject

  CN=Kingston Fury Beast DDR4 4x8Gb HE432C16BBK2/32

  8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b

  Certificate

  Issuer

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  23-10-2020 00:00

  Not After

  22-01-2032 23:59

  Subject

  CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-05-2019 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  fb:34:4d:0b:59:c6:52:99:bc:5f:3d:52:66:68:86:3b:75:57:0b:c4:ae:8d:8b:c6:87:f4:13:21:55:a8:85:96

  Signer

  Actual PE Digest

  fb:34:4d:0b:59:c6:52:99:bc:5f:3d:52:66:68:86:3b:75:57:0b:c4:ae:8d:8b:c6:87:f4:13:21:55:a8:85:96

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Kingston Fury Beast DDR4 4x8Gb HE432C16BBK2/32

  28-01-2022 14:03

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetModuleHandleA

  user32

  CopyRect

  advapi32

  RegQueryValueW

  mscoree

  _CorExeMain

  shell32

  SHGetDiskFreeSpaceExW

  comctl32

  DllGetVersion

  Sections

  .pdata

  Size: - Virtual size: 232KB

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .idata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 189KB - Virtual size: 189KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .didata

  Size: 94KB - Virtual size: 96KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE