Death-Penalty-Process-In-China[.]exe

Sharing

Copy URL

Twitter E-mail

Reason

too many matches

General

Target

Death-Penalty-Process-In-China.exe
Size

276.0MB
MD5

5670b65450a63a11cbf599236dcaa3e9
SHA1

56292399a0f1d88a9bb86f68021b4936be75354e
SHA256

0e411b7cd5e09d4f162a20501dab9d0afc5b9932706f181a73f6cd8e2428a7a2
SHA512

4a4477542dd5952fdcfb039fa5eba5d38624e961393918815bbf031e8bc6c2ff5dad755d2c6a01d82ea1b3303e539cbec82d1f34c935353864406a41c615e7e3
SSDEEP

49152:DIgMG5fk1NiQF6SRZNpmxuTMoQQ3Fsd8icUG5AAdHIoBHxDJ8Nx7UeRVFOZBY5Zp:XzEinQ3sJqJ8UeRpLhpAxQwu

Score

N/A

Malware Config

Signatures

Files

Death-Penalty-Process-In-China.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5a:36:4c:49:57:d9:34:06:f7:63:21:c2:31:6f:42:f0
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

24/08/2022, 10:35

Not After

24/08/2023, 10:35

Subject

SERIALNUMBER=11430692,CN=Board Game Bucket Ltd,O=Board Game Bucket Ltd,POSTALCODE=WC2H 9JQ,STREET=71-75 Shelton Street,ST=Greater London,C=GB,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024742

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

be:09:f8:0c:38:8f:8a:b4:d8:46:9d:29:d5:3d:3d:27:1b:f1:35:a8:70:51:71:fd:fc:ab:16:a3:e2:4b:a0:7a
Signer

Actual PE Digest

be:09:f8:0c:38:8f:8a:b4:d8:46:9d:29:d5:3d:3d:27:1b:f1:35:a8:70:51:71:fd:fc:ab:16:a3:e2:4b:a0:7a

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=11430692,CN=Board Game Bucket Ltd,O=Board Game Bucket Ltd,POSTALCODE=WC2H 9JQ,STREET=71-75 Shelton Street,ST=Greater London,C=GB,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024742

26/08/2022, 16:48
Valid: true

Chain 1

SERIALNUMBER=11430692,CN=Board Game Bucket Ltd,O=Board Game Bucket Ltd,POSTALCODE=WC2H 9JQ,STREET=71-75 Shelton Street,ST=Greater London,C=GB,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024742

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89Certificate

Extended Key Usages

Key Usages

5a:36:4c:49:57:d9:34:06:f7:63:21:c2:31:6f:42:f0Certificate

Extended Key Usages

Key Usages

be:09:f8:0c:38:8f:8a:b4:d8:46:9d:29:d5:3d:3d:27:1b:f1:35:a8:70:51:71:fd:fc:ab:16:a3:e2:4b:a0:7aSigner

Signature Validations

Verification

26/08/2022, 16:48 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rsrc Size: 291KB - Virtual size: 291KB

.reloc Size: 512B - Virtual size: 12B

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

5a:36:4c:49:57:d9:34:06:f7:63:21:c2:31:6f:42:f0
Certificate

be:09:f8:0c:38:8f:8a:b4:d8:46:9d:29:d5:3d:3d:27:1b:f1:35:a8:70:51:71:fd:fc:ab:16:a3:e2:4b:a0:7a
Signer

26/08/2022, 16:48
Valid: true

.text
Size: 3.9MB - Virtual size: 3.9MB

.rsrc
Size: 291KB - Virtual size: 291KB

.reloc
Size: 512B - Virtual size: 12B