24c6e42deb5881d53fb9b3b19b14f989c06a0ccc97d45c79383d0e77eb7397eb

Sharing

Copy URL

Twitter E-mail

General

Target

24c6e42deb5881d53fb9b3b19b14f989c06a0ccc97d45c79383d0e77eb7397eb
Size

172KB
MD5

85a46581f1d401b33bec703a252848e4
SHA1

23d2acbc870f23b55f652e2a858cd5b7a5d93294
SHA256

24c6e42deb5881d53fb9b3b19b14f989c06a0ccc97d45c79383d0e77eb7397eb
SHA512

519a06fd149d16dad82f06d507e88887f47d3ef90d0b9fa74f933baf6adb77bb497ba3e12c3f5e351a6026513191415046ee381e7ff3f64a14e4a9cfdb16afb9
SSDEEP

3072:q4seP5fXMSmzg3csi0xx4MeXlL7GuuczgExpiD507u/A:q4L5fXMSmz9si0DqQdczgExIt07q

Score

N/A

Malware Config

Signatures

Files

24c6e42deb5881d53fb9b3b19b14f989c06a0ccc97d45c79383d0e77eb7397eb
.exe windows x86

6494447cb8cfa55889a61a3299aaf527

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

Issuer

CN=erqwerqwert23623

Not Before

05/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=erqwerqwert23623

Extended Key Usages

ExtKeyUsageCodeSigning

76:14:e9:37:b8:d8:b7:48:c7:25:b8:d9:87:d7:44:9c:93:b7:e9:bc
Signer

Actual PE Digest

76:14:e9:37:b8:d8:b7:48:c7:25:b8:d9:87:d7:44:9c:93:b7:e9:bc

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=erqwerqwert23623

15/09/2022, 14:52
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
lstrcpyA
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
CreateFileA
VirtualAlloc

user32

ActivateKeyboardLayout
AnimateWindow
AttachThreadInput
BeginDeferWindowPos
ChangeClipboardChain
CharPrevA
CheckMenuItem
ChildWindowFromPointEx
CopyRect
CreateMDIWindowA
CreateWindowExA
DdeGetData
DdeQueryStringW
DdeReconnect
DefFrameProcA
DefFrameProcW
DefWindowProcA
DeregisterShellHookWindow
DestroyMenu
DispatchMessageW
DlgDirListA
DlgDirListComboBoxW
DrawEdge
DrawFrame
DrawStateW
EnableMenuItem
EnumDesktopsA
EnumDisplaySettingsA
EnumDisplaySettingsExW
EqualRect
FindWindowW
GetCaretPos
GetCursorInfo
GetDCEx
GetDlgItemTextA
GetKeyNameTextA
GetKeyboardLayoutList
GetMenuDefaultItem
GetMenuItemInfoA
GetMenuItemInfoW
GetMessageTime
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetPriorityClipboardFormat
GetShellWindow
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetWindowInfo
GetWindowRgn
GetWindowTextLengthA
ImpersonateDdeClientWindow
IsCharAlphaNumericW
IsDialogMessage
IsDlgButtonChecked
IsHungAppWindow
LoadBitmapA
LoadCursorW
LoadImageW
LoadStringW
LockSetForegroundWindow
MapVirtualKeyExA
MessageBoxW
OemToCharBuffA
OemToCharW
OpenDesktopW
OpenWindowStationW
PaintDesktop
PostMessageW
RegisterClipboardFormatW
RegisterDeviceNotificationA
RemoveMenu
RemovePropA
ReuseDDElParam
ScrollWindow
SendMessageW
SetDeskWallpaper
SetDlgItemTextW
SetMessageQueue
SetProcessWindowStation
SetPropW
SetShellWindow
SetSysColors
SetWindowLongA
SetWindowPlacement
SetWindowRgn
SetWindowsHookExA
ShowCursor
UnregisterHotKey
wsprintfW
wvsprintfW

ole32

CLIPFORMAT_UserFree
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLSIDFromProgID
CoDeactivateObject
CoDisableCallCancellation
CoDisconnectObject
CoFreeAllLibraries
CoFreeUnusedLibraries
CoGetCallerTID
CoGetCancelObject
CoGetClassVersion
CoGetCurrentProcess
CoGetPSClsid
CoGetStandardMarshal
CoInitializeEx
CoIsOle1Class
CoLoadLibrary
CoLockObjectExternal
CoQueryAuthenticationServices
CoQueryProxyBlanket
CoRegisterChannelHook
CoRegisterClassObject
CoRegisterSurrogate
CoRevertToSelf
CoSetCancelObject
CoSuspendClassObjects
CoTaskMemFree
CoTestCancel
CoTreatAsClass
CoUnloadingWOW
CoUnmarshalHresult
CreateAntiMoniker
CreateBindCtx
CreateGenericComposite
DllGetClassObjectWOW
DoDragDrop
EnableHookObject
FmtIdToPropStgName
FreePropVariantArray
GetClassFile
GetHookInterface
HACCEL_UserMarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBITMAP_UserSize
HBRUSH_UserFree
HBRUSH_UserSize
HENHMETAFILE_UserSize
HICON_UserSize
HMENU_UserSize
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILE_UserFree
HMETAFILE_UserSize
HPALETTE_UserMarshal
MonikerCommonPrefixWith
MonikerRelativePathTo
OleConvertIStorageToOLESTREAMEx
OleCreate
OleCreateLinkEx
OleCreateLinkFromDataEx
OleDuplicateData
OleGetAutoConvert
OleIsCurrentClipboard
OleRegEnumVerbs
OleSave
OleSetMenuDescriptor
OpenOrCreateStream
ProgIDFromCLSID
PropStgNameToFmtId
ReadClassStg
SetDocumentBitStg
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgCreateStorageEx
StgOpenStorage
StgSetTimes
UtConvertDvtd16toDvtd32
WdtpInterfacePointer_UserSize
WriteClassStg
WriteClassStm

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6494447cb8cfa55889a61a3299aaf527

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33Certificate

Extended Key Usages

76:14:e9:37:b8:d8:b7:48:c7:25:b8:d9:87:d7:44:9c:93:b7:e9:bcSigner

Signature Validations

Verification

15/09/2022, 14:52 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 948B

.text Size: 158KB - Virtual size: 157KB

.text2 Size: 1024B - Virtual size: 800B

.reloc Size: 2KB - Virtual size: 1KB

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

76:14:e9:37:b8:d8:b7:48:c7:25:b8:d9:87:d7:44:9c:93:b7:e9:bc
Signer

15/09/2022, 14:52
Valid: false

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 948B

.text
Size: 158KB - Virtual size: 157KB

.text2
Size: 1024B - Virtual size: 800B

.reloc
Size: 2KB - Virtual size: 1KB