General

Malware Config

Signatures

Files

• d698370bf405a8cd74807fece4ed957e39a6e78a792a765c90b8a39b8af1f2cb

  .dll windows x86

  
  

  Code Sign

  48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16

  Certificate

  Issuer

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  25-05-2021 00:00

  Not After

  31-12-2028 23:59

  Subject

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a

  Certificate

  Issuer

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  Not Before

  22-03-2021 00:00

  Not After

  21-03-2036 23:59

  Subject

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  1f:8f:51:90:91:c7:04:ff:22:0b:6b:18:97:f8:7a:bc

  Certificate

  Issuer

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  Not Before

  10-02-2022 00:00

  Not After

  10-02-2023 23:59

  Subject

  CN=BUM NOTE LIMITED,O=BUM NOTE LIMITED,ST=London,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  9b:71:7a:da:48:2b:60:07:61:2b:70:63:b0:6c:38:69:be:37:30:1a:f3:19:77:4b:b2:49:34:e6:00:18:e4:e5

  Signer

  Actual PE Digest

  9b:71:7a:da:48:2b:60:07:61:2b:70:63:b0:6c:38:69:be:37:30:1a:f3:19:77:4b:b2:49:34:e6:00:18:e4:e5

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Signature Validations

  Trusted

  true

  Verification

  Signing Certificate

  CN=BUM NOTE LIMITED,O=BUM NOTE LIMITED,ST=London,C=GB

  23-06-2022 17:36

  Valid: true

  Chain 1

  CN=BUM NOTE LIMITED,O=BUM NOTE LIMITED,ST=London,C=GB

  CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

  CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

  CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Sections

  CODE

  Size: 402KB - Virtual size: 401KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  DATA

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  BSS

  Size: - Virtual size: 3KB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 29KB - Virtual size: 29KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 238KB - Virtual size: 238KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ