General

Malware Config

Signatures

Files

• mc.dll

  .dll windows x86

  dae02f32a21e03ce65412f6e56942daa

  
  

  Code Sign

  54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99

  Certificate

  Issuer

  CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

  Not Before

  16-04-2020 18:36

  Not After

  16-04-2045 18:44

  Subject

  CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:1a:c9:80:d2:41:37:45:9e:89:05:00:00:00:00:1a:c9

  Certificate

  Issuer

  CN=Microsoft ID Verified CS AOC CA 02,O=Microsoft Corporation,C=US

  Not Before

  10-07-2022 14:38

  Not After

  09-08-2022 14:38

  Subject

  CN=Reason Cybersecurity Inc.,O=Reason Cybersecurity Inc.,L=New York,ST=NY,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  33:00:00:1a:c9:80:d2:41:37:45:9e:89:05:00:00:00:00:1a:c9

  Certificate

  Issuer

  CN=Microsoft ID Verified CS AOC CA 02,O=Microsoft Corporation,C=US

  Not Before

  10-07-2022 14:38

  Not After

  09-08-2022 14:38

  Subject

  CN=Reason Cybersecurity Inc.,O=Reason Cybersecurity Inc.,L=New York,ST=NY,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  33:00:00:00:04:96:50:4b:d2:db:ee:cb:88:00:00:00:00:00:04

  Certificate

  Issuer

  CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

  Not Before

  13-04-2021 17:31

  Not After

  13-04-2026 17:31

  Subject

  CN=Microsoft ID Verified CS AOC CA 02,O=Microsoft Corporation,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07

  Certificate

  Issuer

  CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

  Not Before

  01-04-2021 20:05

  Not After

  01-04-2036 20:15

  Subject

  CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  84:95:44:64:b0:50:1c:4f:4e:cd:af:54:98:a4:44:c8:52:eb:19:58:c9:99:e1:60:e8:0a:06:06:63:bd:9f:59

  Signer

  Actual PE Digest

  84:95:44:64:b0:50:1c:4f:4e:cd:af:54:98:a4:44:c8:52:eb:19:58:c9:99:e1:60:e8:0a:06:06:63:bd:9f:59

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Reason Cybersecurity Inc.,O=Reason Cybersecurity Inc.,L=New York,ST=NY,C=US

  23-09-2022 10:36

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorDllMain

  Sections

  .text

  Size: 891KB - Virtual size: 891KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ