General

Malware Config

Signatures

Files

• 23d25672f4db1a05b89ca99493d27125

  .eml
• New Order.rar

  .rar
• New Order.exe

  .exe windows x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Code Sign

  0f:f1:ef:66:bd:62:1c:65:b7:4b:4d:e4:14:25:71:7f

  Certificate

  Issuer

  CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  30-10-2013 00:00

  Not After

  04-01-2017 12:00

  Subject

  CN=Wen Jia Liu,O=Wen Jia Liu,L=Sydney,ST=New South Wales,C=AU

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66

  Certificate

  Issuer

  CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  22-10-2014 00:00

  Not After

  22-10-2024 00:00

  Subject

  CN=DigiCert Timestamp Responder,O=DigiCert,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5f

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  11-02-2011 12:00

  Not After

  10-02-2026 12:00

  Subject

  CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  10-11-2006 00:00

  Not After

  10-11-2021 00:00

  Subject

  CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageServerAuth

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  ExtKeyUsageEmailProtection

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  04:0c:b4:1e:4f:b3:70:c4:5c:43:44:76:51:62:58:2f

  Certificate

  Issuer

  CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  30-10-2013 00:00

  Not After

  04-01-2017 12:00

  Subject

  CN=Wen Jia Liu,O=Wen Jia Liu,L=Sydney,ST=New South Wales,C=AU

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9

  Certificate

  Issuer

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  22-10-2013 12:00

  Not After

  22-10-2028 12:00

  Subject

  CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  02:ce:42:94:59:02:a4:f3:c0:40:b0:ff:77:93:d1:4f

  Certificate

  Issuer

  CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  24-12-2015 00:00

  Not After

  07-01-2025 00:00

  Subject

  CN=DigiCert SHA2 Timestamp Responder,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15

  Certificate

  Issuer

  CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  07-01-2016 12:00

  Not After

  07-01-2031 12:00

  Subject

  CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  b2:79:c3:ad:a2:22:be:a6:80:82:fb:bf:da:77:ec:91:64:47:3e:36:bb:41:fa:0f:f5:d9:0a:0c:a3:fe:fe:ed

  Signer

  Actual PE Digest

  b2:79:c3:ad:a2:22:be:a6:80:82:fb:bf:da:77:ec:91:64:47:3e:36:bb:41:fa:0f:f5:d9:0a:0c:a3:fe:fe:ed

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Wen Jia Liu,O=Wen Jia Liu,L=Sydney,ST=New South Wales,C=AU

  30-06-2022 15:34

  Valid: false

  79:c7:79:e8:cd:49:3e:16:91:5a:ec:00:3a:af:13:81:a4:15:be:5a

  Signer

  Actual PE Digest

  79:c7:79:e8:cd:49:3e:16:91:5a:ec:00:3a:af:13:81:a4:15:be:5a

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  true

  Verification

  Signing Certificate

  CN=Wen Jia Liu,O=Wen Jia Liu,L=Sydney,ST=New South Wales,C=AU

  29-03-2016 01:35

  Valid: true

  Chain 1

  CN=Wen Jia Liu,O=Wen Jia Liu,L=Sydney,ST=New South Wales,C=AU

  CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

  CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 118KB - Virtual size: 118KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 104KB - Virtual size: 104KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• email-html-2.txt

  .html
• email-plain-1.txt