9967989c15c0f7ae425e0980837f6caa91bd9475e97c935ff1ca9e00964423e6

Sharing

Copy URL Twitter E-mail

General

Target

9967989c15c0f7ae425e0980837f6caa91bd9475e97c935ff1ca9e00964423e6
Size

1.7MB
MD5

e80ac907c83884a675b31221c0f9cff0
SHA1

68830f46c5644e7496d320add7aae88f5ec3f14c
SHA256

9967989c15c0f7ae425e0980837f6caa91bd9475e97c935ff1ca9e00964423e6
SHA512

c0cc311c970b915e9996169189be4b49f25d4f421efa5fe1b1142a2c3698e451a710c724dd052c10f2517dd4949f4201ce5b828f19f75d8367d08d5de5761449
SSDEEP

49152:VumnFHeIqTwCtwzfyY2KGeCs6B1r55zYHF4:QmnFHe/TwCt2lGX5R5qHF4

Score

N/A

Malware Config

Signatures

Files

9967989c15c0f7ae425e0980837f6caa91bd9475e97c935ff1ca9e00964423e6
.exe windows x86

c6bac4d534e401091ac0a2139b541daf

Code Sign

03:03:2d:7d:1e:1e:dc:55:f1:f0:a5:b0:92:a8:1d:db:9b:25
Certificate

Issuer

CN=R3,O=Let's Encrypt,C=US

Not Before

03/08/2022, 03:00

Not After

01/11/2022, 03:00

Subject

CN=printer.com

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:69:57:e1:a9:d0:fa:ea:cb:3e:4e:88:4e:45:9a:00:09:ea:7d:a5:28:ac:fc:b3:84:9b:9b:ec:fd:ed:92:23
Signer

Actual PE Digest

67:69:57:e1:a9:d0:fa:ea:cb:3e:4e:88:4e:45:9a:00:09:ea:7d:a5:28:ac:fc:b3:84:9b:9b:ec:fd:ed:92:23

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=printer.com

05/09/2022, 15:29
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetProcAddress
LoadLibraryA
GlobalFree
ReleaseSemaphore
ExitThread
FindClose
FreeConsole
SetConsoleCtrlHandler
InterlockedIncrement
GetStringTypeExW
CreateDirectoryExW
GetConsoleAliasExesLengthW
SetConsoleTitleW
LeaveCriticalSection
GetFileSizeEx
SetLastError
FreeLibrary
GetSystemTimes
CopyFileW
DeleteFileW
ContinueDebugEvent
GetLogicalDrives
GetLocaleInfoA
TryEnterCriticalSection
GetCurrentProcess
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetLastError
GetFinalPathNameByHandleW
GetDiskFreeSpaceExW
ExitProcess
GetTickCount
ConvertDefaultLocale
GetFullPathNameW
SetFirmwareEnvironmentVariableW
SetConsoleScreenBufferInfoEx
GetNamedPipeClientComputerNameW
RtlUnwind
DeleteFileA
GetStartupInfoW
EnterCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
MultiByteToWideChar
ReadFile
Sleep
WriteFile
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
RaiseException
SetStdHandle
HeapAlloc
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize
CloseHandle
CreateFileA

user32

GetSysColorBrush

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6bac4d534e401091ac0a2139b541daf

Code Sign

03:03:2d:7d:1e:1e:dc:55:f1:f0:a5:b0:92:a8:1d:db:9b:25Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

67:69:57:e1:a9:d0:fa:ea:cb:3e:4e:88:4e:45:9a:00:09:ea:7d:a5:28:ac:fc:b3:84:9b:9b:ec:fd:ed:92:23Signer

Signature Validations

Verification

05/09/2022, 15:29 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 110KB - Virtual size: 109KB

03:03:2d:7d:1e:1e:dc:55:f1:f0:a5:b0:92:a8:1d:db:9b:25
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

67:69:57:e1:a9:d0:fa:ea:cb:3e:4e:88:4e:45:9a:00:09:ea:7d:a5:28:ac:fc:b3:84:9b:9b:ec:fd:ed:92:23
Signer

05/09/2022, 15:29
Valid: false

.text
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 110KB - Virtual size: 109KB