5e9f6a1a2faddfef5517f4dd90a5fae8704b90f7b2b3dcbd41b3ca9c0e0c6011

Sharing

Copy URL

Twitter E-mail

General

Target

5e9f6a1a2faddfef5517f4dd90a5fae8704b90f7b2b3dcbd41b3ca9c0e0c6011
Size

10.3MB
MD5

8526d1e3aa57fa5265f86123ba73121a
SHA1

1f96725ecfbe3b005cb25a0dbc21d1f390f4ccb2
SHA256

5e9f6a1a2faddfef5517f4dd90a5fae8704b90f7b2b3dcbd41b3ca9c0e0c6011
SHA512

2ebf1b7cb6f8fab5a7d740bf6ca9af8c3f9d7881174ed40edad8e2e2febe39f196f564cb306e36244f5b1240e34e575c0ebef8ca61d0896e198da9a4fc659af5
SSDEEP

1536:NbYyMeMIGY9tUWEI068UKtYMrtFaxq1EjwfRjTi9XNozI8B7tb1dPlCCE6Cq:hYYMIXEI06tKtYMTaaFOFaZRddCCEM

Score

N/A

Malware Config

Signatures

Files

5e9f6a1a2faddfef5517f4dd90a5fae8704b90f7b2b3dcbd41b3ca9c0e0c6011
.dll windows x86

2500a2f443e920dfcdaf6b35d6d99ba0

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

27/11/2009, 00:00

Not After

27/11/2011, 23:59

Subject

CN=YNK JAPAN Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=YNK JAPAN Inc,L=\ Nihonbashi Kodenmachou10-6,ST=Chuo-ku,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

94:0c:6c:7e:44:6c:fa:ef:46:4a:f4:91:4d:ad:85:82:2b:02:e5:21
Signer

Actual PE Digest

94:0c:6c:7e:44:6c:fa:ef:46:4a:f4:91:4d:ad:85:82:2b:02:e5:21

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=YNK JAPAN Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=YNK JAPAN Inc,L=\ Nihonbashi Kodenmachou10-6,ST=Chuo-ku,C=JP

15/09/2022, 14:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
_strlwr
strstr
isupper
_strrev
strncpy
strchr
atoi
??2@YAPAXI@Z
??3@YAXPAX@Z
calloc
sprintf
fopen
_fdopen
fprintf
ftell
fputc
_errno
wcsncat
_strnicmp
strncat
_wcsnicmp
wcschr
_wcsupr
malloc
_wfopen
fclose
fread
fwrite
rand
_wtoi
_wcsicmp
wcsstr
_wcsrev
swprintf
wcscpy
_stricmp
memset
srand
_except_handler3
free
wcscat
wcsncpy
wcslen
_wtol

kernel32

CloseHandle
GetVersionExA
MultiByteToWideChar
LocalAlloc
LocalFree
DeleteCriticalSection
InitializeCriticalSection
Sleep
LoadLibraryW
GetProcAddress
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetLastError
lstrlenW
HeapFree
HeapAlloc
GetProcessHeap
VirtualProtect
VirtualFree
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleA
GetCurrentProcess
TerminateProcess
GetTickCount
ExitProcess
WaitForSingleObject
GetModuleHandleW
LoadLibraryExW
FreeLibrary
GlobalFree

user32

DispatchMessageW
TranslateMessage
GetMessageW
UpdateWindow
ShowWindow
PostQuitMessage
CreateWindowExW
RegisterClassExW
SendMessageW
CharNextW
DefWindowProcW
SetWindowLongW
GetWindowLongW
GetClientRect
CloseWindow
SetWindowPos
DestroyWindow

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
OleInitialize
OleUninitialize
OleCreate
OleSetContainedObject

oleaut32

VariantInit
SysAllocString
VariantClear

Exports

Exports

AppStartup
GetClassObject
Install

Sections

.text
Size: 10.2MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2500a2f443e920dfcdaf6b35d6d99ba0

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4dCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

94:0c:6c:7e:44:6c:fa:ef:46:4a:f4:91:4d:ad:85:82:2b:02:e5:21Signer

Signature Validations

Verification

15/09/2022, 14:52 Valid: false

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 10.2MB - Virtual size: 10.2MB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 36KB - Virtual size: 43KB

.reloc Size: 32KB - Virtual size: 29KB

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

67:24:34:0d:db:c7:25:2f:7f:b7:14:b8:12:a5:c0:4d
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

94:0c:6c:7e:44:6c:fa:ef:46:4a:f4:91:4d:ad:85:82:2b:02:e5:21
Signer

15/09/2022, 14:52
Valid: false

.text
Size: 10.2MB - Virtual size: 10.2MB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 36KB - Virtual size: 43KB

.reloc
Size: 32KB - Virtual size: 29KB