54aba47eef5cbd23170b83301fbfcc941da510fdd6fc647619639de80bbf2365

Sharing

Copy URL Twitter E-mail

General

Target

54aba47eef5cbd23170b83301fbfcc941da510fdd6fc647619639de80bbf2365
Size

305KB
MD5

3c12729b7167307e6e0297d46b7dbab7
SHA1

f9c0f216f7b0772aaac66fbd2cb4a0df32bd601e
SHA256

54aba47eef5cbd23170b83301fbfcc941da510fdd6fc647619639de80bbf2365
SHA512

77adfb24546fb1075f8fd62f010e59595a3f0f53736f640d390aab3a303a804d2487198bdb5b74969f14caf036d3e7e5405341ddbe800b6d8600331fd83754db
SSDEEP

6144:OOuatq9nLtnGR9XACo5TdW+UKaG4JFW/gRVzgUEjRDrviICU:OO9t6ZnGLX/yZaKP4J02FartJ

Score

N/A

Malware Config

Signatures

Files

54aba47eef5cbd23170b83301fbfcc941da510fdd6fc647619639de80bbf2365
.exe windows x86

e482690d9d9fb55b364f188bebdc0631

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

Issuer

CN=drVoA01yoqkQ

Not Before

14/03/2012, 05:55

Not After

31/12/2039, 23:59

Subject

CN=drVoA01yoqkQ

Extended Key Usages

ExtKeyUsageCodeSigning

d0:e4:26:2f:fb:8b:ba:70:85:8e:55:c0:e3:99:d5:75:28:f3:78:e6
Signer

Actual PE Digest

d0:e4:26:2f:fb:8b:ba:70:85:8e:55:c0:e3:99:d5:75:28:f3:78:e6

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=drVoA01yoqkQ

15/09/2022, 14:53
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
LoadLibraryW
GetProcAddress
ReadConsoleA
FreeLibrary
WaitForMultipleObjects
GetCurrentDirectoryA
GetCompressedFileSizeA
FileTimeToDosDateTime
SetNamedPipeHandleState
GetCPInfo
GetBinaryTypeW
RequestWakeupLatency
AddConsoleAliasA
GetProfileStringA
CancelWaitableTimer
DebugBreak
DefineDosDeviceA
GetThreadContext
InitAtomTable
FoldStringA
GetFileTime
GetCPInfoExW
GetConsoleAliasExesLengthA
CancelTimerQueueTimer
EnumTimeFormatsA
GetUserDefaultLangID
GetFileSizeEx
GlobalAlloc
GetPrivateProfileStringW
GetACP
SetFileAttributesA
GetVolumePathNameA
EnterCriticalSection
FindFirstFileExW
CreateEventW
GetEnvironmentVariableW
Process32FirstW
CreateRemoteThread
WaitNamedPipeW
GetTimeZoneInformation
GetCPInfoExA
CreateDirectoryA
GetConsoleOutputCP
FlushConsoleInputBuffer
GetNumberOfConsoleInputEvents
GetConsoleAliasExesLengthW
GetConsoleAliasesA
WaitForSingleObjectEx
GetTimeFormatW
SetThreadLocale
_lwrite
InterlockedExchange
Module32FirstW
SetFileApisToOEM
lstrlen
LoadLibraryExW
WritePrivateProfileSectionW
GlobalDeleteAtom
GlobalHandle
GetConsoleAliasesW
EnumResourceTypesA
SetLocaleInfoA
GetTimeFormatA
DuplicateHandle
VerifyVersionInfoW
SetConsoleMode
GetCompressedFileSizeW
lstrcatW
WriteProfileSectionW
WriteConsoleInputA
EnumUILanguagesA
LockFile
GetCommState
FreeEnvironmentStringsW
WriteConsoleOutputW
_lopen
GetShortPathNameA
EnumLanguageGroupLocalesW
ResetWriteWatch
SetCommTimeouts
ReadConsoleOutputAttribute
EnumSystemCodePagesA
GetConsoleWindow
GetSystemInfo
FindFirstVolumeA
VerifyVersionInfoA
CompareFileTime
GetLongPathNameW
GetDiskFreeSpaceW
FindFirstFileA
VerLanguageNameA
lstrcmpA
PeekConsoleInputA

user32

LoadCursorA
mouse_event
InsertMenuA
GetClipboardOwner
RegisterDeviceNotificationW
GetQueueStatus
GetClipboardViewer
SetWindowPos
WINNLSGetIMEHotkey
SendNotifyMessageA
OemToCharA
GetPropA
GetThreadDesktop
GetAltTabInfoW
InsertMenuW
MonitorFromWindow
EndPaint
CloseWindowStation
CharNextW
SetWindowPlacement
BringWindowToTop
CallMsgFilter
GrayStringW
GetUserObjectInformationA
CharPrevW
GetScrollRange
DestroyWindow
SendMessageA
NotifyWinEvent
DrawEdge
DlgDirSelectExW
GetSysColor
UnloadKeyboardLayout
RealGetWindowClass
CharLowerW
DdeInitializeW
SendMessageCallbackA
ShowWindowAsync
GetWindowTextLengthA
IMPQueryIMEA
MessageBeep
LoadStringW
OpenWindowStationA
ChangeMenuA
GetKeyboardLayoutNameA
SetProcessWindowStation
GetCursor
GetClipboardSequenceNumber
ArrangeIconicWindows
LoadCursorFromFileA
ImpersonateDdeClientWindow
SetParent
ShowScrollBar
UnpackDDElParam
RegisterWindowMessageA
DestroyIcon
InvalidateRect
OemToCharW
GetLastActivePopup
GetDCEx
MoveWindow
GetMenuItemRect
CharLowerBuffW
GetMenuDefaultItem
MapDialogRect
GetKeyboardState
LoadImageW
LoadBitmapW
SetMenuItemInfoA
VkKeyScanA
SetClipboardData
GetMessageA
ChangeClipboardChain
DdeFreeDataHandle
GetClipboardFormatNameW
SetWindowLongA
SetClassLongA
IsIconic
DefWindowProcW
PostThreadMessageA
ReleaseCapture
LoadImageA
DialogBoxParamW
TrackPopupMenu
GetWindowPlacement
IsDialogMessageA
DefDlgProcW
GetDesktopWindow
CharUpperBuffA
ScrollWindowEx
DlgDirSelectComboBoxExA
CloseWindow
GetMenuItemInfoW
DdeUninitialize
FindWindowA
wvsprintfA
SendIMEMessageExA

gdi32

GetStockObject

advapi32

RegOpenKeyExA

shell32

SHEmptyRecycleBinA
ShellExecuteW
SHGetFolderPathA
DragQueryFile
DragQueryFileA
SHLoadNonloadedIconOverlayIdentifiers
ExtractAssociatedIconA
SHBrowseForFolderA
ExtractIconExA
SHGetSpecialFolderPathW
SHGetDiskFreeSpaceA
SHCreateDirectoryExW
FindExecutableA
SHCreateDirectoryExA
SHGetIconOverlayIndexW
SHCreateProcessAsUserW
SHPathPrepareForWriteA
SHInvokePrinterCommandW
SHBrowseForFolderW
SHGetDesktopFolder
SHBrowseForFolder
SHGetPathFromIDListW
SHGetSettings
SHGetFolderPathW
SHGetDiskFreeSpaceExW
SHAppBarMessage
SHGetDataFromIDListW
ShellExecuteExW
ExtractIconW
SHPathPrepareForWriteW
DuplicateIcon
SHGetPathFromIDListA
DragFinish

shlwapi

StrStrIW
StrRChrA
StrStrW

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e482690d9d9fb55b364f188bebdc0631

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1Certificate

Extended Key Usages

d0:e4:26:2f:fb:8b:ba:70:85:8e:55:c0:e3:99:d5:75:28:f3:78:e6Signer

Signature Validations

Verification

15/09/2022, 14:53 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.text Size: 290KB - Virtual size: 289KB

.text3 Size: 1024B - Virtual size: 1000B

.text2 Size: 1024B - Virtual size: 968B

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

d0:e4:26:2f:fb:8b:ba:70:85:8e:55:c0:e3:99:d5:75:28:f3:78:e6
Signer

15/09/2022, 14:53
Valid: false

.text
Size: 290KB - Virtual size: 289KB

.text3
Size: 1024B - Virtual size: 1000B

.text2
Size: 1024B - Virtual size: 968B

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB