General

Malware Config

Signatures

Files

• edc12b00df9b14ff11d99f6b98bf439d7544d1e99ebffff4a6b55e633a4fd94b

  .rar
• Sverka maj.exe

  .exe windows x86

  10f459a72d95e0912e5fc24662dbfdf6

  
  

  Code Sign

  08:87:dc:8e:20:69:d1:b8:45:19:ed:a7:65:18:19:8c

  Certificate

  Issuer

  CN=GDITUVVWZFAHWMWLWE

  Not Before

  25-05-2020 21:38

  Not After

  31-12-2039 23:59

  Subject

  CN=GDITUVVWZFAHWMWLWE

  Extended Key Usages

  ExtKeyUsageCodeSigning

  1c:be:81:e7:81:00:58:7e:73:43:eb:3a:2f:4d:f7:70:94:e7:38:88

  Signer

  Actual PE Digest

  1c:be:81:e7:81:00:58:7e:73:43:eb:3a:2f:4d:f7:70:94:e7:38:88

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=GDITUVVWZFAHWMWLWE

  18-05-2022 18:07

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualAlloc

  LoadLibraryA

  GetProcAddress

  GetModuleHandleA

  GetLastError

  user32

  LoadIconW

  DefWindowProcA

  GetDesktopWindow

  GetFocus

  LoadCursorFromFileA

  winmm

  PlaySoundA

  Sections

  .text

  Size: 55KB - Virtual size: 54KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 58KB - Virtual size: 57KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 67KB - Virtual size: 66KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ