1e43d0ff36dfc03c0f0c546e8c3465185204ee725721a50fbfc4b4eb35cb363b

Sharing

Copy URL Twitter E-mail

General

Target

1e43d0ff36dfc03c0f0c546e8c3465185204ee725721a50fbfc4b4eb35cb363b
Size

170KB
MD5

1ad23d00a69614797d1fec51768b11e1
SHA1

3f0917cc5a26ca25756cfdab23478015103d41b8
SHA256

1e43d0ff36dfc03c0f0c546e8c3465185204ee725721a50fbfc4b4eb35cb363b
SHA512

328a55f8dae685c431646a44a6a6f565f4b671c2c8905b16271e4bb2178265833b81d1a77ef94e6a84b35796e9bf5ba608fac1496ff6c50c4839e6de5bb81e21
SSDEEP

3072:5Z6Ie9CKJ9I2H8QHBz5RVFe2kFWVntDdNkf07zsPzpZe:cC+9I2cudRatUVn2sHsP1U

Score

N/A

Malware Config

Signatures

Files

1e43d0ff36dfc03c0f0c546e8c3465185204ee725721a50fbfc4b4eb35cb363b
.exe windows x86

c1807b153e6a78fee2af07f50e1465ec

Code Sign

29:91:e1:1b:94:9b:d7:9b:48:8d:41:3e:68:60:cd:19
Certificate

Issuer

CN=123ttt

Not Before

08/03/2012, 07:59

Not After

31/12/2039, 23:59

Subject

CN=123ttt

Extended Key Usages

ExtKeyUsageCodeSigning

5a:b0:1e:e9:ca:61:a8:63:1f:bc:54:60:f5:f9:41:d1:9f:94:71:45
Signer

Actual PE Digest

5a:b0:1e:e9:ca:61:a8:63:1f:bc:54:60:f5:f9:41:d1:9f:94:71:45

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=123ttt

15/09/2022, 14:52
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
GetCommState
lstrcpyA
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
CreateFileA
VirtualAlloc

user32

AllowSetForegroundWindow
CallWindowProcW
ChangeDisplaySettingsExA
CharNextExA
CharPrevW
CharUpperA
CharUpperW
ChildWindowFromPoint
CreateDesktopW
DdeAddData
DdeConnectList
DdeFreeStringHandle
DdeGetLastError
DdeInitializeW
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringW
DdeReconnect
DefWindowProcW
DestroyIcon
DestroyMenu
DispatchMessageW
DlgDirSelectComboBoxExW
DragDetect
DrawTextExA
EndPaint
EndTask
EnumDesktopsA
EnumDisplayDevicesW
EnumDisplayMonitors
EnumPropsA
GetClassInfoExA
GetClipboardFormatNameA
GetClipboardFormatNameW
GetDCEx
GetDoubleClickTime
GetKBCodePage
GetKeyboardState
GetLastActivePopup
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuStringA
GetQueueStatus
GetScrollPos
GetTopWindow
GetWindow
GetWindowLongW
GrayStringA
GrayStringW
IMPGetIMEW
InflateRect
InsertMenuItemW
InvalidateRect
IsCharAlphaA
IsClipboardFormatAvailable
IsHungAppWindow
LoadAcceleratorsW
LoadCursorW
LoadIconA
LockWorkStation
LookupIconIdFromDirectoryEx
MessageBeep
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
OpenDesktopW
PostQuitMessage
PostThreadMessageW
RealGetWindowClassA
RegisterClassA
RegisterClipboardFormatW
RegisterWindowMessageA
ScrollWindowEx
SendInput
SendMessageA
SendMessageTimeoutA
SetCapture
SetCursor
SetDlgItemTextA
SetMenu
SetMenuDefaultItem
SetMenuItemInfoA
SetWindowLongW
SetWindowTextA
ShowWindow
TabbedTextOutW
TrackMouseEvent
TrackPopupMenu
UnhookWindowsHook
UnpackDDElParam
UnregisterClassA
UnregisterClassW
VkKeyScanExW
WINNLSEnableIME

ole32

BindMoniker
CLIPFORMAT_UserSize
CoAddRefServerProcess
CoBuildVersion
CoCopyProxy
CoCreateInstanceEx
CoFileTimeToDosDateTime
CoGetClassVersion
CoGetCurrentLogicalThreadId
CoGetInstanceFromIStorage
CoGetMalloc
CoGetObject
CoImpersonateClient
CoInitializeEx
CoInitializeSecurity
CoInitializeWOW
CoQueryClientBlanket
CoQueryReleaseObject
CoReactivateObject
CoRegisterMallocSpy
CoRegisterMessageFilter
CoReleaseMarshalData
CoRevertToSelf
CoRevokeClassObject
CoSetCancelObject
CoTreatAsClass
CreateBindCtx
CreatePointerMoniker
CreateStdProgressIndicator
DoDragDrop
GetHGlobalFromStream
GetHookInterface
GetRunningObjectTable
HACCEL_UserSize
HBITMAP_UserSize
HBRUSH_UserUnmarshal
HDC_UserSize
HDC_UserUnmarshal
HGLOBAL_UserUnmarshal
HMENU_UserFree
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserUnmarshal
HWND_UserMarshal
IsAccelerator
OleConvertOLESTREAMToIStorageEx
OleCreateEmbeddingHelper
OleCreateFromData
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleDuplicateData
OleGetAutoConvert
OleGetIconOfFile
OleInitialize
OleIsCurrentClipboard
OleIsRunning
OleLoad
OleLoadFromStream
OleLockRunning
OleQueryLinkFromData
OleRegEnumFormatEtc
OleSave
OleSaveToStream
OleSetAutoConvert
OleSetContainedObject
OleSetMenuDescriptor
OpenOrCreateStream
PropStgNameToFmtId
RegisterDragDrop
SNB_UserFree
SNB_UserUnmarshal
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgCreateDocfile
StgCreateStorageEx
StgGetIFillLockBytesOnFile
StgIsStorageFile
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorage
StgOpenStorageEx
WdtpInterfacePointer_UserFree
WriteClassStm
WriteFmtUserTypeStg
WriteStringStream

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1807b153e6a78fee2af07f50e1465ec

Code Sign

29:91:e1:1b:94:9b:d7:9b:48:8d:41:3e:68:60:cd:19Certificate

Extended Key Usages

5a:b0:1e:e9:ca:61:a8:63:1f:bc:54:60:f5:f9:41:d1:9f:94:71:45Signer

Signature Validations

Verification

15/09/2022, 14:52 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 980B

.text Size: 155KB - Virtual size: 155KB

.text2 Size: 1024B - Virtual size: 800B

.reloc Size: 2KB - Virtual size: 1KB

29:91:e1:1b:94:9b:d7:9b:48:8d:41:3e:68:60:cd:19
Certificate

5a:b0:1e:e9:ca:61:a8:63:1f:bc:54:60:f5:f9:41:d1:9f:94:71:45
Signer

15/09/2022, 14:52
Valid: false

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 980B

.text
Size: 155KB - Virtual size: 155KB

.text2
Size: 1024B - Virtual size: 800B

.reloc
Size: 2KB - Virtual size: 1KB