General

Malware Config

Signatures

Files

• 9ff286f4a4938d6f49156f8dd7303c12ad904c3e73cd1f223a56260e7604658b

  .rar
• Otsylka za proshlyj i za etot mesyac.exe

  .exe windows x86

  7fd1635592875f20f32ecd49c75b512f

  
  

  Code Sign

  70:ec:c2:01:a9:63:bc:ab:46:ef:05:6b:39:bf:f5:ef

  Certificate

  Issuer

  CN=GVMOXNIIPFNCWPOVZJ

  Not Before

  27-05-2020 04:10

  Not After

  31-12-2039 23:59

  Subject

  CN=GVMOXNIIPFNCWPOVZJ

  Extended Key Usages

  ExtKeyUsageCodeSigning

  46:29:e8:7b:9b:e6:72:7e:37:6e:12:9f:04:bf:cf:94:38:88:ae:6b

  Signer

  Actual PE Digest

  46:29:e8:7b:9b:e6:72:7e:37:6e:12:9f:04:bf:cf:94:38:88:ae:6b

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=GVMOXNIIPFNCWPOVZJ

  18-05-2022 18:05

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualAlloc

  GetModuleHandleA

  GetLastError

  LoadLibraryA

  GetProcAddress

  user32

  LoadIconW

  DefWindowProcA

  GetDesktopWindow

  GetFocus

  LoadCursorFromFileA

  advapi32

  RegOpenKeyA

  RegQueryValueExA

  winmm

  PlaySoundA

  Sections

  .text

  Size: 55KB - Virtual size: 55KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 58KB - Virtual size: 57KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 65KB - Virtual size: 65KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ