General

Malware Config

Signatures

Files

• 146fc0ebaf0bb0706e9710a6b177c9fb7f3722637eb15eeb775e3974ded41286

  .zip
• 146fc0ebaf0bb0706e9710a6b177c9fb7f3722637eb15eeb775e3974ded41286

  .dll windows x86

  
  

  Code Sign

  48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16

  Certificate

  Issuer

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  25-05-2021 00:00

  Not After

  31-12-2028 23:59

  Subject

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a

  Certificate

  Issuer

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  Not Before

  22-03-2021 00:00

  Not After

  21-03-2036 23:59

  Subject

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  58:af:00:ce:54:27:60:fc:11:6b:41:fa:92:e1:85:89

  Certificate

  Issuer

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  Not Before

  10-06-2022 00:00

  Not After

  10-06-2023 23:59

  Subject

  CN=DICKIE MUSDALE WINDFARM LIMITED,O=DICKIE MUSDALE WINDFARM LIMITED,ST=Scotland,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  1b:c4:4d:ef:c1:a3:28:76:88:7e:56:d7:c0:b5:a1:c2:96:ac:77:cc:ae:32:29:b7:92:50:dd:65:29:3f:90:d3

  Signer

  Actual PE Digest

  1b:c4:4d:ef:c1:a3:28:76:88:7e:56:d7:c0:b5:a1:c2:96:ac:77:cc:ae:32:29:b7:92:50:dd:65:29:3f:90:d3

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Signature Validations

  Trusted

  true

  Verification

  Signing Certificate

  CN=DICKIE MUSDALE WINDFARM LIMITED,O=DICKIE MUSDALE WINDFARM LIMITED,ST=Scotland,C=GB

  23-06-2022 17:32

  Valid: true

  Chain 1

  CN=DICKIE MUSDALE WINDFARM LIMITED,O=DICKIE MUSDALE WINDFARM LIMITED,ST=Scotland,C=GB

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Sections

  CODE

  Size: 810KB - Virtual size: 810KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  DATA

  Size: 10KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  BSS

  Size: - Virtual size: 3KB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 61KB - Virtual size: 61KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 164KB - Virtual size: 164KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ