5f93ae74628d8b5606a67aa9a07713b4cf248f0847dc1a290b93de522d52f064

Sharing

Copy URL

Twitter E-mail

General

Target

5f93ae74628d8b5606a67aa9a07713b4cf248f0847dc1a290b93de522d52f064
Size

1.1MB
MD5

0e2165dd22a9b65ede5c24773c91f2de
SHA1

52439e2defb203bdb35158e139f2f24634029023
SHA256

5f93ae74628d8b5606a67aa9a07713b4cf248f0847dc1a290b93de522d52f064
SHA512

4e9ff76b1cb83506ee37dfd94b98991b57d0b89b99cec045943eed80383d2d1868cf8a7876a81719670bf515d5945fe51d62edbf3a5c97c1f56eb258a20347e6
SSDEEP

24576:5vf3ZKnZDyYxr6AVIY7wOM058KJWljhx:NQFnXz+jh

Score

N/A

Malware Config

Signatures

Files

5f93ae74628d8b5606a67aa9a07713b4cf248f0847dc1a290b93de522d52f064
.dll windows x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:af:00:ce:54:27:60:fc:11:6b:41:fa:92:e1:85:89
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

10-06-2022 00:00

Not After

10-06-2023 23:59

Subject

CN=DICKIE MUSDALE WINDFARM LIMITED,O=DICKIE MUSDALE WINDFARM LIMITED,ST=Scotland,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2d:52:fa:32:7f:a3:78:c2:6f:f6:de:e6:ef:b2:6e:c5:40:ad:9c:35:a0:47:3c:eb:b8:67:8b:d7:53:9a:e6:88
Signer

Actual PE Digest

2d:52:fa:32:7f:a3:78:c2:6f:f6:de:e6:ef:b2:6e:c5:40:ad:9c:35:a0:47:3c:eb:b8:67:8b:d7:53:9a:e6:88

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=DICKIE MUSDALE WINDFARM LIMITED,O=DICKIE MUSDALE WINDFARM LIMITED,ST=Scotland,C=GB

19-07-2022 16:37
Valid: true

Chain 1

CN=DICKIE MUSDALE WINDFARM LIMITED,O=DICKIE MUSDALE WINDFARM LIMITED,ST=Scotland,C=GB

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 810KB - Virtual size: 810KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

58:af:00:ce:54:27:60:fc:11:6b:41:fa:92:e1:85:89Certificate

Extended Key Usages

Key Usages

2d:52:fa:32:7f:a3:78:c2:6f:f6:de:e6:ef:b2:6e:c5:40:ad:9c:35:a0:47:3c:eb:b8:67:8b:d7:53:9a:e6:88Signer

Signature Validations

Verification

19-07-2022 16:37 Valid: true

Chain 1

Headers

File Characteristics

Sections

CODE Size: 810KB - Virtual size: 810KB

DATA Size: 10KB - Virtual size: 9KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.reloc Size: 61KB - Virtual size: 61KB

.rsrc Size: 164KB - Virtual size: 164KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

58:af:00:ce:54:27:60:fc:11:6b:41:fa:92:e1:85:89
Certificate

2d:52:fa:32:7f:a3:78:c2:6f:f6:de:e6:ef:b2:6e:c5:40:ad:9c:35:a0:47:3c:eb:b8:67:8b:d7:53:9a:e6:88
Signer

19-07-2022 16:37
Valid: true

CODE
Size: 810KB - Virtual size: 810KB

DATA
Size: 10KB - Virtual size: 9KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.reloc
Size: 61KB - Virtual size: 61KB

.rsrc
Size: 164KB - Virtual size: 164KB