9dae2b8bc3fb0580af09fd9d4d023958ee201a23fae7bb374bd0ecf3f5e77663

Sharing

Copy URL Twitter E-mail

General

Target

9dae2b8bc3fb0580af09fd9d4d023958ee201a23fae7bb374bd0ecf3f5e77663
Size

165KB
MD5

5e9b234bb83cfc857ae267eccdcdd339
SHA1

4398dc76d58c6dff916c0b7507d85f9118c37e5a
SHA256

9dae2b8bc3fb0580af09fd9d4d023958ee201a23fae7bb374bd0ecf3f5e77663
SHA512

845aefb587118ff4782fe69020e31a6418c053e64d723921f083dc3c14563379339a4481986d247fc9c8d206bd9c7a705c0e570db4687d0efad6474d9c7fa8a7
SSDEEP

3072:3aL9Em0KA/KED281xf11CzRcZOItSYOhNcBu364yeEBFI3U/CS91:lkA1D2sxWCUY6NcQq4ABFEU/D

Score

N/A

Malware Config

Signatures

Files

9dae2b8bc3fb0580af09fd9d4d023958ee201a23fae7bb374bd0ecf3f5e77663
.exe windows x86

8045544fe50e4b2560460d517b5662ec

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

Issuer

CN=222222222

Not Before

13/02/2012, 04:39

Not After

31/12/2039, 23:59

Subject

CN=222222222

Extended Key Usages

ExtKeyUsageCodeSigning

a1:93:f5:dd:f2:e1:4b:20:d9:4b:a3:50:df:2d:77:2f:86:3a:20:51
Signer

Actual PE Digest

a1:93:f5:dd:f2:e1:4b:20:d9:4b:a3:50:df:2d:77:2f:86:3a:20:51

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=222222222

15/09/2022, 14:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetSystemInfo
GetProcAddress
LoadLibraryA
GetWindowsDirectoryW

comdlg32

GetFileTitleW
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
ChooseColorA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA

oleaut32

BSTR_UserFree
ClearCustData
CreateStdDispatch
CreateTypeLib2
GetActiveObject
LPSAFEARRAY_Marshal
LPSAFEARRAY_Size
LPSAFEARRAY_Unmarshal
LoadTypeLi
OleCreatePropertyFrame
OleLoadPictureFile
OleLoadPicturePath
OleSavePictureFile
QueryPathOfRegTypeLi
RevokeActiveObject
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayCopy
SafeArrayCopyData
SafeArrayCreateVector
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetElemsize
SafeArrayPutElement
SafeArraySetRecordInfo
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringLen
VARIANT_UserMarshal
VarAnd
VarBoolFromCy
VarBoolFromI2
VarBstrCat
VarBstrCmp
VarBstrFromDec
VarBstrFromDisp
VarBstrFromUI1
VarCyAbs
VarCyAdd
VarCyCmp
VarCyCmpR8
VarCyFromDate
VarCyMulI4
VarCyRound
VarDateFromI1
VarDateFromI2
VarDateFromI4
VarDateFromUI2
VarDateFromUdate
VarDecAdd
VarDecCmpR8
VarDecFix
VarDecFromBool
VarDecFromDisp
VarDecFromI2
VarDecFromI4
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecSu
VarEqv
VarFormatCurrency
VarFormatFromTokens
VarFormatPercent
VarI1FromCy
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI2
VarI2FromCy
VarI2FromDisp
VarI2FromI1
VarI2FromStr
VarI2FromUI4
VarI4FromDate
VarI4FromDisp
VarI4FromR8
VarI4FromStr
VarI4FromUI2
VarI4FromUI4
VarImp
VarInt
VarMod
VarMonthName
VarMul
VarOr
VarR4FromDec
VarR4FromDisp
VarR4FromI1
VarR4FromI2
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR4FromUI4
VarR8FromCy
VarR8FromDate
VarR8FromR4
VarR8FromUI1
VarUI1FromBool
VarUI1FromDec
VarUI1FromI2
VarUI1FromI4
VarUI1FromR4
VarUI1FromR8
VarUI1FromStr
VarUI2FromCy
VarUI2FromDate
VarUI2FromDec
VarUI2FromI1
VarUI2FromStr
VarUI2FromUI4
VarUI4FromDec
VarUI4FromI4
VarUI4FromR4
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarUdateFromDate
VarXor
VectorFromBstr

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8045544fe50e4b2560460d517b5662ec

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83Certificate

Extended Key Usages

a1:93:f5:dd:f2:e1:4b:20:d9:4b:a3:50:df:2d:77:2f:86:3a:20:51Signer

Signature Validations

Verification

15/09/2022, 14:59 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

oleaut32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 612B

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 153KB - Virtual size: 152KB

.text6 Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

a1:93:f5:dd:f2:e1:4b:20:d9:4b:a3:50:df:2d:77:2f:86:3a:20:51
Signer

15/09/2022, 14:59
Valid: false

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 612B

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 153KB - Virtual size: 152KB

.text6
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB