Static task
static1
Behavioral task
behavioral1
Sample
16ebc150998d18a2f00ba92ff7704d8e3615f6cddf8a48921b678439189a1bd3.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
16ebc150998d18a2f00ba92ff7704d8e3615f6cddf8a48921b678439189a1bd3.exe
Resource
win10v2004-20220414-en
General
-
Target
16ebc150998d18a2f00ba92ff7704d8e3615f6cddf8a48921b678439189a1bd3
-
Size
501KB
-
MD5
365c7943dc2aab5777fbc8a127a5187d
-
SHA1
08aab407d36826c7dd2036d0cc260907a68cb7a9
-
SHA256
16ebc150998d18a2f00ba92ff7704d8e3615f6cddf8a48921b678439189a1bd3
-
SHA512
5cd9f4e9ad28ccce3435efd1bed18a4145a35e42e8f9258e7b5ebf61cb8ef34ea43192c39e4bc6231fa0cd4ca963200aeee62fb19f5016528968aa76a68c260a
-
SSDEEP
12288:7Qr7brW0lk+I9JE/0OTKWwKBx/9xsfRw+N:7uPZI9CMOTK7KBPxspxN
Malware Config
Signatures
Files
-
16ebc150998d18a2f00ba92ff7704d8e3615f6cddf8a48921b678439189a1bd3.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
Certificate
IssuerCN=RoyalCert Ltd.,OU=RoyalCert Certification,O=RoyalCert,L=London Center,ST=London,C=uk,1.2.840.113549.1.9.1=#0c12696e666f40726f79616c636572742e636f6dNot Before26-11-2015 05:01Not After25-11-2016 05:01SubjectCN=RoyalCert Ltd.,OU=RoyalCert Certification,O=RoyalCert,L=London Center,ST=London,C=uk,1.2.840.113549.1.9.1=#0c12696e666f40726f79616c636572742e636f6d27:be:56:bb:06:3c:7e:59:7b:d1:ca:4a:83:90:f9:77:08:04:85:54Signer
Actual PE Digest27:be:56:bb:06:3c:7e:59:7b:d1:ca:4a:83:90:f9:77:08:04:85:54Digest Algorithmsha1PE Digest MatchestrueSignature Validations
TrustedfalseVerification
Signing CertificateCN=RoyalCert Ltd.,OU=RoyalCert Certification,O=RoyalCert,L=London Center,ST=London,C=uk,1.2.840.113549.1.9.1=#0c12696e666f40726f79616c636572742e636f6d02-06-2022 18:22 Valid: false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 388KB - Virtual size: 386KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 104KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ