General

Malware Config

Signatures

Files

• new.exe

  .exe windows x86

  95eaf4fd2fbe9d4cd7d4ba331c148b36

  
  

  Code Sign

  34:99:10:fc:e9:8a:6b:9f:46:fb:58:1f:bb:20:ee:ca

  Certificate

  Issuer

  CN=Eldon Tyrell,1.2.840.113549.1.9.1=#0c1c656c646f6e2e747972656c6c40747972656c6c2d636f72702e636f6d

  Not Before

  30-03-2022 08:15

  Not After

  30-03-2023 08:35

  Subject

  CN=Eldon Tyrell,1.2.840.113549.1.9.1=#0c1c656c646f6e2e747972656c6c40747972656c6c2d636f72702e636f6d

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  13:78:56:17:7d:b2:4d:ca:db:32:75:31:52:5f:a0:37:a9:d7:44:bf:86:eb:07:fa:f1:e6:60:e2:79:26:16:89

  Signer

  Actual PE Digest

  13:78:56:17:7d:b2:4d:ca:db:32:75:31:52:5f:a0:37:a9:d7:44:bf:86:eb:07:fa:f1:e6:60:e2:79:26:16:89

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Eldon Tyrell,1.2.840.113549.1.9.1=#0c1c656c646f6e2e747972656c6c40747972656c6c2d636f72702e636f6d

  12-05-2022 17:51

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_AGGRESIVE_WS_TRIM

  IMAGE_FILE_SYSTEM

  IMAGE_FILE_UP_SYSTEM_ONLY

  Imports

  kernel32

  GetComputerNameA

  FillConsoleOutputCharacterA

  GetPrivateProfileSectionNamesW

  GetFileSize

  SetPriorityClass

  WriteConsoleInputW

  lstrlenA

  TlsGetValue

  FindResourceExW

  SetConsoleTextAttribute

  SetEnvironmentVariableW

  GetModuleHandleExW

  SetComputerNameW

  AddConsoleAliasW

  CreateDirectoryExA

  CallNamedPipeW

  FreeEnvironmentStringsA

  GetCurrentThread

  GetConsoleAliasesLengthA

  EnumTimeFormatsA

  SetProcessPriorityBoost

  ActivateActCtx

  LoadLibraryW

  ReadConsoleInputA

  SetVolumeMountPointA

  GetVersionExW

  GetFileAttributesA

  SetConsoleMode

  WriteConsoleW

  WritePrivateProfileSectionW

  IsDBCSLeadByte

  CompareStringW

  SetThreadPriority

  VerifyVersionInfoW

  ReleaseActCtx

  SetCurrentDirectoryA

  SetThreadLocale

  GetStdHandle

  FindFirstFileExA

  GetHandleInformation

  GetLastError

  GetCurrentDirectoryW

  GetProcAddress

  GetProcessHeaps

  MoveFileW

  CopyFileA

  SetStdHandle

  LoadLibraryA

  OpenMutexA

  ProcessIdToSessionId

  OpenWaitableTimerW

  LocalAlloc

  DnsHostnameToComputerNameA

  SetFileApisToANSI

  WriteProfileSectionW

  AddAtomA

  GlobalWire

  SetConsoleCursorInfo

  DebugSetProcessKillOnExit

  SetConsoleTitleW

  ContinueDebugEvent

  BuildCommDCBA

  VirtualProtect

  CompareStringA

  SetProcessShutdownParameters

  OpenSemaphoreW

  GetVersionExA

  LocalSize

  FindAtomW

  GetWindowsDirectoryW

  FindActCtxSectionStringW

  ReadConsoleOutputCharacterW

  OpenFileMappingA

  GlobalReAlloc

  GetProfileSectionW

  CommConfigDialogW

  GetVolumeInformationW

  CloseHandle

  CreateFileW

  LCMapStringW

  InterlockedIncrement

  InterlockedDecrement

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  EncodePointer

  DecodePointer

  DeleteFileA

  GetModuleHandleW

  ExitProcess

  MultiByteToWideChar

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  GetModuleFileNameW

  HeapValidate

  IsBadReadPtr

  RaiseException

  RtlUnwind

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  InitializeCriticalSectionAndSpinCount

  WriteFile

  GetACP

  GetOEMCP

  GetCPInfo

  IsValidCodePage

  TlsAlloc

  TlsSetValue

  GetCurrentThreadId

  TlsFree

  SetLastError

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  GetModuleFileNameA

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStringsW

  SetHandleCount

  GetFileType

  HeapCreate

  OutputDebugStringA

  OutputDebugStringW

  HeapAlloc

  HeapReAlloc

  HeapSize

  HeapQueryInformation

  HeapFree

  GetStringTypeW

  SetFilePointer

  GetConsoleCP

  GetConsoleMode

  FlushFileBuffers

  user32

  GetComboBoxInfo

  GetMenuBarInfo

  Sections

  .code

  Size: 465KB - Virtual size: 465KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 47KB - Virtual size: 47KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 21KB - Virtual size: 41KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 41KB - Virtual size: 40KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .text

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .bss

  Size: 37KB - Virtual size: 37KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .00cfg

  Size: 37KB - Virtual size: 37KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .ndata

  Size: 37KB - Virtual size: 37KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .debug

  Size: 165KB - Virtual size: 165KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .00cfg

  Size: 708KB - Virtual size: 708KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ