0537727df1752f4975690851f5508f469f94a5a9c79bb56dfd2d0c51eb1f2a23

Sharing

Copy URL

Twitter E-mail

General

Target

0537727df1752f4975690851f5508f469f94a5a9c79bb56dfd2d0c51eb1f2a23
Size

132KB
MD5

67fa4e3a599feb0be78f7343720a35a6
SHA1

b06fc0530031bc0eba9f9c15ce7610dca17d94f5
SHA256

0537727df1752f4975690851f5508f469f94a5a9c79bb56dfd2d0c51eb1f2a23
SHA512

706e706f6709fb323e68c1d2ef717bb4c46be2b3c1746d3e425d965d78ad4827be975cb4d28ace2fd1ba307cf2a8d98914907421794b4e60e3bc5d0ce5616952
SSDEEP

3072:U0Ecsz3+wLvN0YBn/+kuSmR8+J2xixlxCEHIOH5Se:JNgmm+P3K+JpxhH5z

Score

N/A

Malware Config

Signatures

Files

0537727df1752f4975690851f5508f469f94a5a9c79bb56dfd2d0c51eb1f2a23
.exe windows x86

31d9be2b06d437d713996f40ba72848e

Code Sign

62:1e:92:61:61:f7:d6:a1:46:f8:f2:37:6f:cb:f1:1f
Certificate

Issuer

CN=WBDEVWJTKIIYVHPJIS

Not Before

02-05-2019 20:03

Not After

31-12-2039 23:59

Subject

CN=WBDEVWJTKIIYVHPJIS

Extended Key Usages

ExtKeyUsageCodeSigning

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:d4:e8:6f:32:fb:cb:f0:8b:2b:e0:43:3e:20:c4:5e:6e:e3:32:43:59:8f:86:73:94:81:8c:56:35:1e:a4:1c
Signer

Actual PE Digest

41:d4:e8:6f:32:fb:cb:f0:8b:2b:e0:43:3e:20:c4:5e:6e:e3:32:43:59:8f:86:73:94:81:8c:56:35:1e:a4:1c

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=WBDEVWJTKIIYVHPJIS

03-05-2019 08:03
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetModuleHandleA

user32

GetProcessWindowStation
GetQueueStatus
LoadCursorFromFileW
PaintDesktop
CharUpperA
IsWindow
GetSysColorBrush
IsClipboardFormatAvailable
AnyPopup
CloseWindowStation
GetDesktopWindow
GetClipboardOwner
GetThreadDesktop
GetCaretBlinkTime
DestroyWindow
GetKeyState
IsIconic
GetTopWindow
GetSysColor
GetListBoxInfo
CharNextW
IsWindowVisible
CharToOemBuffA
CharNextExA

gdi32

DeleteObject
UpdateColors
GetLayout
CreateMetaFileW
DeleteEnhMetaFile
GetTextAlign
GetDCPenColor
CloseMetaFile
CreateMetaFileA
FillPath
RealizePalette
EndDoc
SwapBuffers
GetFontLanguageInfo
GetSystemPaletteUse

advapi32

RegOpenKeyA
RegQueryValueExA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_controlfp

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31d9be2b06d437d713996f40ba72848e

Code Sign

62:1e:92:61:61:f7:d6:a1:46:f8:f2:37:6f:cb:f1:1fCertificate

Extended Key Usages

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77Certificate

Extended Key Usages

Key Usages

41:d4:e8:6f:32:fb:cb:f0:8b:2b:e0:43:3e:20:c4:5e:6e:e3:32:43:59:8f:86:73:94:81:8c:56:35:1e:a4:1cSigner

Signature Validations

Verification

03-05-2019 08:03 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 68KB - Virtual size: 68KB

.rsrc Size: 36KB - Virtual size: 35KB

62:1e:92:61:61:f7:d6:a1:46:f8:f2:37:6f:cb:f1:1f
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

41:d4:e8:6f:32:fb:cb:f0:8b:2b:e0:43:3e:20:c4:5e:6e:e3:32:43:59:8f:86:73:94:81:8c:56:35:1e:a4:1c
Signer

03-05-2019 08:03
Valid: false

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 36KB - Virtual size: 35KB