68d21d20f6a9f46d9151aae1005b0e0335a8ec731aa9793d5d234307d4b7c0d8

Sharing

Copy URL

Twitter E-mail

General

Target

68d21d20f6a9f46d9151aae1005b0e0335a8ec731aa9793d5d234307d4b7c0d8
Size

106KB
MD5

67261168c98fe70bd7132a0bd67d0ccc
SHA1

46bfbcd2fb9d4d708fee37df8d8844899b7141ac
SHA256

68d21d20f6a9f46d9151aae1005b0e0335a8ec731aa9793d5d234307d4b7c0d8
SHA512

eea00d12b35c25185100a9abc3cecbb913bd1d50f2ca0f83da37421571da5ae7fc6d9aa5f8822e855c8ab3674e173161c8b9bf639a34ae1492b56e1140b060e3
SSDEEP

3072:TZ92GPn3mMk/5gov7zsY7VyOwhw+ZnwCkRNCCRIfLN0WYT:TJP275x7zsY7mhURN7IfLN0HT

Score

N/A

Malware Config

Signatures

Files

68d21d20f6a9f46d9151aae1005b0e0335a8ec731aa9793d5d234307d4b7c0d8
.rar
Paket za proshlyj mesyac.exe
.exe windows x86

c2df530e7cb0381caa58f399f7ce6e36

Code Sign

48:26:f7:bb:e7:f7:9f:7c:b6:0b:84:d2:35:2b:ce:11
Certificate

Issuer

CN=PBDGSXTEAENVEWKAMM

Not Before

12-08-2020 23:10

Not After

31-12-2039 23:59

Subject

CN=PBDGSXTEAENVEWKAMM

Extended Key Usages

ExtKeyUsageCodeSigning

d3:4e:36:3c:d1:81:16:39:4e:3c:57:8a:96:22:a5:b4:b7:9c:92:94
Signer

Actual PE Digest

d3:4e:36:3c:d1:81:16:39:4e:3c:57:8a:96:22:a5:b4:b7:9c:92:94

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=PBDGSXTEAENVEWKAMM

18-05-2022 18:07
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
Sleep
DeviceIoControl
SetConsoleCtrlHandler
LocalAlloc
CreateFileW
GetLastError
GetModuleHandleA
GetCommandLineA
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CloseHandle
SetUnhandledExceptionFilter
OutputDebugStringA
SetLastError
GetEnvironmentStringsW
GetEnvironmentVariableW
VirtualQuery
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
MultiByteToWideChar
VirtualAllocEx

user32

LoadIconA
GetWindowTextLengthW
LoadCursorFromFileA
PaintDesktop
IsCharLowerW
OpenIcon
IsClipboardFormatAvailable
VkKeyScanW
IsIconic
ShowCaret

gdi32

GetStockObject
GetEnhMetaFileA

advapi32

RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 608KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdat2be
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

fa
Size: 689KB - Virtual size: 689KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bh
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2df530e7cb0381caa58f399f7ce6e36

Code Sign

48:26:f7:bb:e7:f7:9f:7c:b6:0b:84:d2:35:2b:ce:11Certificate

Extended Key Usages

d3:4e:36:3c:d1:81:16:39:4e:3c:57:8a:96:22:a5:b4:b7:9c:92:94Signer

Signature Validations

Verification

18-05-2022 18:07 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 608KB - Virtual size: 608KB

.rdat2be Size: 512B - Virtual size: 377B

fa Size: 689KB - Virtual size: 689KB

.data Size: 2KB - Virtual size: 2KB

.bh Size: 512B - Virtual size: 377B

.rsrc Size: 125KB - Virtual size: 124KB

48:26:f7:bb:e7:f7:9f:7c:b6:0b:84:d2:35:2b:ce:11
Certificate

d3:4e:36:3c:d1:81:16:39:4e:3c:57:8a:96:22:a5:b4:b7:9c:92:94
Signer

18-05-2022 18:07
Valid: false

.text
Size: 608KB - Virtual size: 608KB

.rdat2be
Size: 512B - Virtual size: 377B

fa
Size: 689KB - Virtual size: 689KB

.data
Size: 2KB - Virtual size: 2KB

.bh
Size: 512B - Virtual size: 377B

.rsrc
Size: 125KB - Virtual size: 124KB