50d8408b6e73ebfd100ae74ae2650e5b699d16a1721ddafe5971a9b810b700de

Sharing

Copy URL Twitter E-mail

General

Target

50d8408b6e73ebfd100ae74ae2650e5b699d16a1721ddafe5971a9b810b700de
Size

1.5MB
MD5

e4934204a8496e036b612b50f03df0b3
SHA1

278539378df864d4e1beb7a829b724611bab3608
SHA256

50d8408b6e73ebfd100ae74ae2650e5b699d16a1721ddafe5971a9b810b700de
SHA512

72531340eb8ea1be526842ac57b4b3739119f17c417392c72ef8f7e2c5b72380d79dbf5f5f3b873a6a9819d7e27873ebd1549543ff0dd21742ab5bfaf6666759
SSDEEP

24576:pylyP18HemGjvJcKWAQ2Npl9U6jZZx10JcCXHjDJIwmM2:pUyPec6HSJ9nbqhhp2

Score

N/A

Malware Config

Signatures

Files

50d8408b6e73ebfd100ae74ae2650e5b699d16a1721ddafe5971a9b810b700de
.exe windows x86

71881c732e4edb48fb346127d681c43b

Code Sign

04:d5:ba:60:ee:d1:0b:76:5c:5a:9d:d2:5a:55:14:41:45:f3
Certificate

Issuer

CN=R3,O=Let's Encrypt,C=US

Not Before

03/09/2022, 22:15

Not After

02/12/2022, 22:15

Subject

CN=done.com

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

14:c4:b8:89:f0:69:d6:10:03:b2:2d:99:d9:7d:11:cf:b1:28:e6:21:86:cc:90:27:22:6b:82:e2:13:15:f4:8a
Signer

Actual PE Digest

14:c4:b8:89:f0:69:d6:10:03:b2:2d:99:d9:7d:11:cf:b1:28:e6:21:86:cc:90:27:22:6b:82:e2:13:15:f4:8a

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=done.com

23/09/2022, 18:28
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryW
GetDefaultCommConfigW
Sleep
CloseHandle
LockResource
CompareStringW
ReadFile
CreateFileW
LoadLibraryA
InterlockedIncrement
InterlockedExchange
VerifyVersionInfoW
OpenMutexA
CreateWaitableTimerA
SetStdHandleEx
GetDllDirectoryA
FreeConsole
GetSystemDefaultLangID
GetCurrentProcess
GetProcessHeap
GetSystemDefaultLCID
EnumSystemLanguageGroupsW
OpenMutexW
TlsGetValue
GetLastError
CreateFileA
WriteConsoleW
GetConsoleOutputCP
HeapAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetFileType
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
SetStdHandle
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA

user32

GetMenuBarInfo
GetSysColorBrush
GetSysColor

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71881c732e4edb48fb346127d681c43b

Code Sign

04:d5:ba:60:ee:d1:0b:76:5c:5a:9d:d2:5a:55:14:41:45:f3Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

14:c4:b8:89:f0:69:d6:10:03:b2:2d:99:d9:7d:11:cf:b1:28:e6:21:86:cc:90:27:22:6b:82:e2:13:15:f4:8aSigner

Signature Validations

Verification

23/09/2022, 18:28 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 89KB - Virtual size: 89KB

.reloc Size: 8KB - Virtual size: 7KB

04:d5:ba:60:ee:d1:0b:76:5c:5a:9d:d2:5a:55:14:41:45:f3
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

14:c4:b8:89:f0:69:d6:10:03:b2:2d:99:d9:7d:11:cf:b1:28:e6:21:86:cc:90:27:22:6b:82:e2:13:15:f4:8a
Signer

23/09/2022, 18:28
Valid: false

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 89KB - Virtual size: 89KB

.reloc
Size: 8KB - Virtual size: 7KB