Static task
static1
Behavioral task
behavioral1
Sample
3b8aa90ed1f241485bce6c194bb553fcd8dc1e06c94ddc95e5f36dcccdb341be.exe
Resource
win7-20220414-en
General
-
Target
3b8aa90ed1f241485bce6c194bb553fcd8dc1e06c94ddc95e5f36dcccdb341be
-
Size
484KB
-
MD5
124d636100ebd7a0150b180a54536108
-
SHA1
1961e8a42971d2d40226f9c5bc405e81430d10b0
-
SHA256
3b8aa90ed1f241485bce6c194bb553fcd8dc1e06c94ddc95e5f36dcccdb341be
-
SHA512
b55d5380f4d02881838591a15047a42c8da784faf78a0f0aa592d7c9be6aa240bd0c30fc606c018ccec645afdbd05958a0e3e3fc2aebe2edbd7a4b96ce12194f
-
SSDEEP
12288:1KTJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJB:1KTJJJJJJJJJJJJJJJJJJJJJJJJJJJJB
Malware Config
Signatures
Files
-
3b8aa90ed1f241485bce6c194bb553fcd8dc1e06c94ddc95e5f36dcccdb341be.exe windows x86
89f6ba148ce2c43cce9d2d610a7a25fb
Code Sign
01
Certificate
Issuer
CN=DC main,O=DiTAS corp,C=ES
Not Before
13-02-2019 18:30
Not After
13-02-2020 18:30
Subject
CN=DC main,O=DiTAS corp,C=ES
4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate
Issuer
CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
Not Before
31-12-2015 00:00
Not After
09-07-2019 18:40
Subject
CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
4e:8e:02:7a:69:84:c1:42:74:7a:f6:61:77:15:d6:53:c3:26:24:f2:8b:bb:7a:35:db:c5:dd:8a:dd:3e:ab:cb
Signer
Actual PE Digest
4e:8e:02:7a:69:84:c1:42:74:7a:f6:61:77:15:d6:53:c3:26:24:f2:8b:bb:7a:35:db:c5:dd:8a:dd:3e:ab:cb
Digest Algorithm
sha256
PE Digest Matches
true
Signature Validations
Trusted
false
Verification
Signing Certificate
CN=DC main,O=DiTAS corp,C=ES
13-02-2019 21:38 Valid: false
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord660
ord595
ord526
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord609
ProcCallEngine
ord100
ord616
Sections
.text Size: 464KB - Virtual size: 460KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ