d92e3ee87dd4df4f6cfaa0a5ea38605c4b3ad0deeef47b01249176d402367282

Sharing

Copy URL

Twitter E-mail

General

Target

d92e3ee87dd4df4f6cfaa0a5ea38605c4b3ad0deeef47b01249176d402367282
Size

98KB
MD5

3a33eaf8cef53654e62b15a742213d2e
SHA1

22d6f57f60b3acb997fca1f61ea34dfe0c790343
SHA256

d92e3ee87dd4df4f6cfaa0a5ea38605c4b3ad0deeef47b01249176d402367282
SHA512

fdb0f1e92b135ae157a447cf8925663dad17b04130e50e70c351e5cebcfeaae4e9c6fa29b2515d0e8a9c5cb84bf9fc4f19b6c3c90867c106217b10b6d70d3fee
SSDEEP

1536:8u/TEsCcwHsJNIbPGGH2G5lS5GiTUXfQQmtAahtNjnZA2:r/TzCcwjbeGH2G5lS5GIoozt1DZA2

Score

N/A

Malware Config

Signatures

Files

d92e3ee87dd4df4f6cfaa0a5ea38605c4b3ad0deeef47b01249176d402367282
.exe windows x86

be513e5d901ef74339a55fe7c89ebb63

Code Sign

1c:a0:67:61:db:40:7b:8d:42:94:9f:a9:a3:83:47:47
Certificate

Issuer

CN=zkkpOtSEljpZpRoddvGgRMIV RWKupAqrmJoSOliivhyQWdyINjQirNDtLATdfASc QgUIXlSRhqzBvXbWqIjrZCfCGyxVqTaiz iDJgykoWxzfkpCtZleJflfkYnNWwnsvsbDyaPqvYaexJtqBtMv

Not Before

04/07/2012, 11:14

Not After

31/12/2039, 23:59

Subject

CN=zkkpOtSEljpZpRoddvGgRMIV RWKupAqrmJoSOliivhyQWdyINjQirNDtLATdfASc QgUIXlSRhqzBvXbWqIjrZCfCGyxVqTaiz iDJgykoWxzfkpCtZleJflfkYnNWwnsvsbDyaPqvYaexJtqBtMv

Extended Key Usages

ExtKeyUsageCodeSigning

c9:5e:42:ac:eb:4d:f1:a0:75:9c:cf:8d:18:ae:51:6f:f1:b9:52:de
Signer

Actual PE Digest

c9:5e:42:ac:eb:4d:f1:a0:75:9c:cf:8d:18:ae:51:6f:f1:b9:52:de

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=zkkpOtSEljpZpRoddvGgRMIV RWKupAqrmJoSOliivhyQWdyINjQirNDtLATdfASc QgUIXlSRhqzBvXbWqIjrZCfCGyxVqTaiz iDJgykoWxzfkpCtZleJflfkYnNWwnsvsbDyaPqvYaexJtqBtMv

15/09/2022, 14:53
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
ConvertDefaultLocale
CreateDirectoryExA
CreateEventW
CreateHardLinkA
DeleteTimerQueueTimer
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoExA
EnumDateFormatsExA
EnumUILanguagesA
FindAtomW
FindFirstVolumeW
FindNextFileW
FindNextVolumeMountPointW
FindResourceW
FormatMessageA
FormatMessageW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GetBinaryTypeW
GetConsoleAliasExesW
GetConsoleCP
GetConsoleTitleA
GetCurrencyFormatA
GetCurrencyFormatW
GetDiskFreeSpaceExA
GetExitCodeProcess
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNamedPipeInfo
GetOEMCP
GetPrivateProfileSectionNamesA
GetProcessAffinityMask
GetSystemTime
GetSystemWindowsDirectoryW
GetThreadLocale
GetThreadSelectorEntry
GetVolumeInformationA
GlobalAddAtomW
GlobalFlags
GlobalGetAtomNameA
HeapCreate
HeapUnlock
LocalHandle
CommConfigDialogA
LockResource
MoveFileExA
OpenFileMappingW
OpenWaitableTimerA
PeekConsoleInputW
Process32NextW
PulseEvent
QueueUserWorkItem
ReadConsoleOutputCharacterW
ReadFileScatter
ResetEvent
SetDefaultCommConfigA
SetErrorMode
SetEvent
SetHandleCount
SetLocaleInfoW
SetStdHandle
SetTapeParameters
SetThreadContext
SetVolumeLabelA
Sleep
SuspendThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TransmitCommChar
TryEnterCriticalSection
UnmapViewOfFile
VirtualFreeEx
WaitForSingleObject
WriteConsoleOutputCharacterA
WriteFile
WritePrivateProfileStringW
WritePrivateProfileStructW
WriteProfileSectionW
_lopen
lstrcatW
lstrcmpi
lstrcpy
lstrcpyW
lstrlenA
GetProcAddress
GetModuleHandleA
CreateFileA
GetWindowsDirectoryW
CreateFileW
LoadLibraryW
CancelIo
CloseHandle
LocalUnlock
CallNamedPipeW

gdi32

GetStockObject

advapi32

RegOpenKeyExA

msvcrt

memcpy

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be513e5d901ef74339a55fe7c89ebb63

Code Sign

1c:a0:67:61:db:40:7b:8d:42:94:9f:a9:a3:83:47:47Certificate

Extended Key Usages

c9:5e:42:ac:eb:4d:f1:a0:75:9c:cf:8d:18:ae:51:6f:f1:b9:52:deSigner

Signature Validations

Verification

15/09/2022, 14:53 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

msvcrt

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 88KB - Virtual size: 87KB

.reloc Size: 1024B - Virtual size: 28KB

1c:a0:67:61:db:40:7b:8d:42:94:9f:a9:a3:83:47:47
Certificate

c9:5e:42:ac:eb:4d:f1:a0:75:9c:cf:8d:18:ae:51:6f:f1:b9:52:de
Signer

15/09/2022, 14:53
Valid: false

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 88KB - Virtual size: 87KB

.reloc
Size: 1024B - Virtual size: 28KB