d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294

Sharing

Copy URL

Twitter E-mail

General

Target

d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294
Size

1.3MB
MD5

32e5b59891ed62dbf7cc6f0163fa801e
SHA1

e3a6a29cddea56cbe6eba31f08e2a1e99f1cb296
SHA256

d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294
SHA512

fe5a60228c9771dce560c168a06827aea87dd864e5d4212b909f855255ad3dbdd47b7f8a48d9daa91478069eb9f1d26f6c7e69b598daae03883667006fed4bd9
SSDEEP

24576:pM7L5fPP6l3JdsSJuK3bD7fX3nfX3nfX3nfX3nfX3nfX3kj82c8Q:SL5HPoZ+SJ7rD7fX3nfX3nfX3nfX3nfd

Score

N/A

Malware Config

Signatures

Files

d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294
.exe windows x86

0238994ac6c4a278698a11197e0d28f4

Code Sign

07:b7:fc:5e:0e:c9:de:58:bc:31:41:94:58:b0:10:ca
Certificate

Issuer

CN=MDYBJBVCDQEWWDCFGK

Not Before

04-08-2020 09:35

Not After

31-12-2039 23:59

Subject

CN=MDYBJBVCDQEWWDCFGK

Extended Key Usages

ExtKeyUsageCodeSigning

95:9a:4b:8d:03:c4:f7:9e:51:61:de:66:9b:df:e2:f6:32:54:69:39
Signer

Actual PE Digest

95:9a:4b:8d:03:c4:f7:9e:51:61:de:66:9b:df:e2:f6:32:54:69:39

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=MDYBJBVCDQEWWDCFGK

18-05-2022 18:07
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetModuleHandleA
RaiseException
GetCommConfig
GetDriveTypeW
GetTempFileNameA
GetProcessShutdownParameters
SetThreadContext
GetNumberOfConsoleMouseButtons
CreateNamedPipeW
DeleteFileA
GlobalUnlock
SetThreadLocale
GetPrivateProfileStringA
FlushInstructionCache
SetLastError
GetSystemInfo
GetSystemDirectoryW
GetLogicalDriveStringsW
GetVolumeInformationW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetModuleFileNameW
WideCharToMultiByte
DeleteFileW
InterlockedExchange
GlobalMemoryStatusEx
MultiByteToWideChar
GetLocaleInfoW
GetCurrentProcess
LeaveCriticalSection
lstrlenW
GetVersionExW
Sleep
GetSystemTimeAsFileTime
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
GetProcessTimes
GetModuleHandleW
GetTickCount
OpenProcess
InitializeCriticalSection
DeleteCriticalSection
GetLastError
CloseHandle
FreeLibrary
LoadLibraryW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
GlobalFree
GlobalAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateThread
SetProcessAffinityMask
GetNativeSystemInfo
GetProcessAffinityMask
GetComputerNameW

user32

GetForegroundWindow
GetMessageTime
GetKBCodePage
GetDialogBaseUnits
GetMenuCheckMarkDimensions
GetMessageExtraInfo
GetInputState
GetDoubleClickTime
GetMessagePos
GetOpenClipboardWindow
GetFocus
LoadIconW
GetActiveWindow
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperW
ExitWindowsEx
FindWindowA
GetCapture
GetCaretPos
GetClipboardOwner
GetClipboardViewer
GetCursorPos
GetDesktopWindow
GetProcessWindowStation
GetSystemMetrics
MessageBoxA
OemToCharBuffA
OemToCharBuffW
OemToCharW
GetWindowTextLengthW
DestroyMenu
GetMouseMovePointsEx
CascadeChildWindows
GetClipboardFormatNameA
ReleaseCapture
CopyAcceleratorTableW
LookupIconIdFromDirectoryEx
UnregisterClassA
CopyAcceleratorTableA
DlgDirListComboBoxW
MapVirtualKeyW
PostThreadMessageW
EnumDisplaySettingsA
DrawMenuBar
ArrangeIconicWindows
GetScrollRange
GetWindowLongW
DrawFocusRect
DrawEdge
DrawStateW
GetWindowDC
UpdateWindow
DestroyIcon
GetIconInfo
DrawIcon
IsIconic
SetScrollPos
ShowScrollBar
KillTimer
SetTimer
SetMenuItemInfoW
GetMenuItemInfoW
UnionRect
GetMenuBarInfo
LoadMenuW
GetSubMenu
EnableMenuItem
ModifyMenuW
GetMenuState
GetMenuItemID
GetMenuItemCount
IsWindow
LoadBitmapW
GetWindowRect
OffsetRect
FrameRect
EnumDisplaySettingsW
ClientToScreen
RedrawWindow
GetScrollPos
InflateRect
IsRectEmpty
CopyRect
FillRect
SetRect
GetParent
ReleaseDC
GetDC
PtInRect
GetClientRect
SendMessageW
InvalidateRect
EnableWindow
GetSysColor

gdi32

GetStockObject
AbortPath
AddFontResourceA
GdiFlush
GdiGetBatchLimit
AbortDoc
AddFontResourceW
GetEnhMetaFileA
DeleteObject
SetPixelV
EngPaint
GdiAddGlsBounds
GdiConvertBitmapV5
PtInRegion
EngDeleteClip
GetCurrentPositionEx
UnrealizeObject
GdiIsMetaFileDC
SetBoundsRect
ExcludeClipRect
FONTOBJ_pxoGetXform
PlayMetaFileRecord
GdiPlayPageEMF
GdiConvertMetaFilePict
XFORMOBJ_bApplyXform
CheckColorsInGamut
GetTextExtentExPointI
StrokePath
CancelDC
AddFontResourceExW
GetBkColor
CreateRoundRectRgn
CreatePen
GetBkMode
GetDIBColorTable
StretchBlt
CreateDIBSection
CreateFontW
CreatePatternBrush
GetCurrentObject
DeleteDC
SelectObject
CreateFontIndirectW
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
FrameRgn
SetBrushOrgEx
SetDIBColorTable
GetTextColor
FillRgn
CreateCompatibleDC

advapi32

RegOpenKeyW
RegQueryValueExA
FreeSid
LookupAccountSidW
EqualSid
GetTokenInformation
LookupAccountNameW
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyW
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
EnumServicesStatusExW
CloseServiceHandle
RegConnectRegistryW
OpenSCManagerW

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
SHCreateDirectoryExA
DragQueryFileW
FindExecutableA
SHCreateDirectoryExW
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoCreateInstance
CoInitialize
CoInitializeEx
CoUninitialize
CoInitializeSecurity
CoTaskMemFree

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantCopy

shlwapi

StrRStrIA
StrCmpNIA

comctl32

_TrackMouseEvent
InitCommonControlsEx

ws2_32

closesocket
recv
send

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0238994ac6c4a278698a11197e0d28f4

Code Sign

07:b7:fc:5e:0e:c9:de:58:bc:31:41:94:58:b0:10:caCertificate

Extended Key Usages

95:9a:4b:8d:03:c4:f7:9e:51:61:de:66:9b:df:e2:f6:32:54:69:39Signer

Signature Validations

Verification

18-05-2022 18:07 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

ws2_32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 51KB - Virtual size: 50KB

.rsrc Size: 158KB - Virtual size: 157KB

07:b7:fc:5e:0e:c9:de:58:bc:31:41:94:58:b0:10:ca
Certificate

95:9a:4b:8d:03:c4:f7:9e:51:61:de:66:9b:df:e2:f6:32:54:69:39
Signer

18-05-2022 18:07
Valid: false

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 51KB - Virtual size: 50KB

.rsrc
Size: 158KB - Virtual size: 157KB