General

Malware Config

Signatures

Files

• 6a3d573c5924146dca7da9666f0031b1f0a68b1733c34dadc2e98003efdaa280.exe

  .exe windows x86

  67e1469bc53427d992ffc6930ac5a6b6

  
  

  Code Sign

  67:4c:6d:bb:95:fa:0b:41:b0:f5:d0:c5:42:05:6e:c3

  Certificate

  Issuer

  CN=74775426139627757148236377924693923521191589117922621294993766952329797842987323748842468323588288723775443239621812122871662442295243673991883563259986648

  Not Before

  25-01-2013 10:30

  Not After

  31-12-2039 23:59

  Subject

  CN=74775426139627757148236377924693923521191589117922621294993766952329797842987323748842468323588288723775443239621812122871662442295243673991883563259986648

  Extended Key Usages

  ExtKeyUsageCodeSigning

  e9:a3:33:f3:93:2d:8b:84:90:6b:b0:68:b2:b1:cf:a8:05:f7:03:83

  Signer

  Actual PE Digest

  e9:a3:33:f3:93:2d:8b:84:90:6b:b0:68:b2:b1:cf:a8:05:f7:03:83

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=74775426139627757148236377924693923521191589117922621294993766952329797842987323748842468323588288723775443239621812122871662442295243673991883563259986648

  18-05-2022 18:07

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetStringTypeW

  GetSystemInfo

  GetVersionExA

  HeapCreate

  HeapDestroy

  HeapFree

  LCMapStringA

  LCMapStringW

  MultiByteToWideChar

  RtlUnwind

  GetStringTypeA

  SetLastError

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  VirtualFree

  VirtualProtect

  WriteFile

  VirtualAllocEx

  GetWindowsDirectoryW

  GetProcAddress

  GetLocaleInfoA

  GetFileType

  GetCurrentThreadId

  ExitProcess

  SetHandleCount

  DeleteCriticalSection

  user32

  LookupIconIdFromDirectory

  MessageBoxW

  PeekMessageW

  ReleaseDC

  SendDlgItemMessageW

  SetCursor

  SetDlgItemTextW

  SetForegroundWindow

  SystemParametersInfoW

  LoadIconW

  LoadStringW

  LoadCursorW

  GetSystemMetrics

  GetSystemMenu

  GetLastActivePopup

  GetDlgItem

  GetDC

  GetClientRect

  DispatchMessageW

  DestroyWindow

  CreateDialogParamW

  CopyRect

  CharNextW

  EnableMenuItem

  gdi32

  GetStockObject

  GetTextExtentPointW

  GetTextExtentExPointW

  GetDeviceCaps

  advapi32

  RegOpenKeyExA

  shell32

  SHGetSpecialFolderLocation

  SHGetPathFromIDListW

  SHChangeNotify

  SHAddToRecentDocs

  FindExecutableW

  ShellExecuteExW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  Sections

  .text

  Size: 28KB - Virtual size: 27KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 96KB - Virtual size: 95KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 730B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ