85f615aa3876a5518a20e3bf2358771cfec7abbb392bb49aeeb988fa15d2a212

Sharing

Copy URL

Twitter E-mail

General

Target

85f615aa3876a5518a20e3bf2358771cfec7abbb392bb49aeeb988fa15d2a212
Size

4.2MB
MD5

01274f403d249f2ab6803cc9d85af62a
SHA1

3b08f7a9840cefddee0677b265ec76ae2a2bed17
SHA256

85f615aa3876a5518a20e3bf2358771cfec7abbb392bb49aeeb988fa15d2a212
SHA512

e2da0f1b6f4f4cea4c5f3b931441629498aac3606c75ae34170f17aaadec2e6a669de44f11ba89bb034a11f51560bde3cf653cab27423cd51f5ec8698332f00d
SSDEEP

98304:Sq2R72woiC7eZXfi/9ftWSkCGPznfIe3PisaSc+7zEZ8Bt:Sq+fFCyZXq1f3kPPjge6NuYyBt

Score

N/A

Malware Config

Signatures

Files

85f615aa3876a5518a20e3bf2358771cfec7abbb392bb49aeeb988fa15d2a212
.exe windows x86

ae841657c069ee8afc9d4690a648ea99

Code Sign

02:79:71:e5:8c:22:7b:55:fa:53:0e:5b:3f:ed:80:4d
Certificate

Issuer

POSTALCODE=10305

Not Before

26-08-2022 17:48

Not After

26-08-2023 17:48

Subject

POSTALCODE=10305

e9:33:ed:3d:99:d8:84:ae:b7:4f:8f:8c:c2:20:d8:10:37:dc:cd:ae:e2:36:bc:6a:3b:3f:fe:5e:5c:8d:96:bb
Signer

Actual PE Digest

e9:33:ed:3d:99:d8:84:ae:b7:4f:8f:8c:c2:20:d8:10:37:dc:cd:ae:e2:36:bc:6a:3b:3f:fe:5e:5c:8d:96:bb

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

POSTALCODE=10305

26-08-2022 16:48
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDosDeviceA
OpenThread
SetProcessPriorityBoost
GetSystemDirectoryW
GlobalGetAtomNameW
FindResourceW
GetComputerNameExW
GetModuleHandleA
GetTempPathA
BuildCommDCBAndTimeoutsW
GetProcAddress
VirtualAlloc
GetMailslotInfo
_lread
GetDiskFreeSpaceExW
GlobalGetAtomNameA
WriteConsoleW
GetLastError
GetCommandLineA
InterlockedIncrement
CreateJobObjectA
InitializeCriticalSection
GetConsoleFontSize
FindNextVolumeW
CreateIoCompletionPort
GetExitCodeThread
LoadLibraryW
GetConsoleAliasesLengthW
WriteProfileSectionW
AddAtomA
InterlockedDecrement
LoadLibraryA
FoldStringW
GetProfileSectionW
GetDefaultCommConfigA
GetConsoleAliasesLengthA
lstrcpyW
VerifyVersionInfoA
SetHandleInformation
SetCriticalSectionSpinCount
GetComputerNameA
EnumSystemLocalesW
FreeLibrary
OpenMutexA
FileTimeToLocalFileTime
SearchPathW
FindNextFileA
WaitForSingleObject
CreateMutexA
FindResourceA
FormatMessageW
InterlockedCompareExchange
EnumDateFormatsA
GetConsoleScreenBufferInfo
GlobalAlloc
EnumDateFormatsExW
ZombifyActCtx
GetFileInformationByHandle
GetFileAttributesA
GetSystemWindowsDirectoryW
GetAtomNameA
ReadConsoleInputW
GetPrivateProfileStructW
_hwrite
GetConsoleAliasA
GetFullPathNameA
DebugBreakProcess
SetCurrentDirectoryA
SetCalendarInfoA
EnumCalendarInfoExA
CreateFileA
GetProfileSectionA
GetLogicalDrives
FlushConsoleInputBuffer
CopyFileExA
ReadConsoleOutputCharacterW
TerminateThread
FindNextFileW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MoveFileA
DeleteFileA
RaiseException
GetStartupInfoW
HeapValidate
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
Sleep
ExitProcess
GetModuleFileNameA
WriteFile
GetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
RtlUnwind
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointer
CloseHandle
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

user32

LoadMenuA
CharUpperW
GetMenuInfo

gdi32

GetBoundsRect
SelectObject
GetCharWidthW
GetCharWidth32A

advapi32

RevertToSelf

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae841657c069ee8afc9d4690a648ea99

Code Sign

02:79:71:e5:8c:22:7b:55:fa:53:0e:5b:3f:ed:80:4dCertificate

e9:33:ed:3d:99:d8:84:ae:b7:4f:8f:8c:c2:20:d8:10:37:dc:cd:ae:e2:36:bc:6a:3b:3f:fe:5e:5c:8d:96:bbSigner

Signature Validations

Verification

26-08-2022 16:48 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 195KB - Virtual size: 195KB

.data Size: 3.9MB - Virtual size: 7.9MB

.rsrc Size: 40KB - Virtual size: 451KB

02:79:71:e5:8c:22:7b:55:fa:53:0e:5b:3f:ed:80:4d
Certificate

e9:33:ed:3d:99:d8:84:ae:b7:4f:8f:8c:c2:20:d8:10:37:dc:cd:ae:e2:36:bc:6a:3b:3f:fe:5e:5c:8d:96:bb
Signer

26-08-2022 16:48
Valid: false

.text
Size: 195KB - Virtual size: 195KB

.data
Size: 3.9MB - Virtual size: 7.9MB

.rsrc
Size: 40KB - Virtual size: 451KB