d41a87ec2fa5153d4c2ff87beb6928e56e8a0dcea52659b727a832f984997584

Sharing

Copy URL Twitter E-mail

General

Target

d41a87ec2fa5153d4c2ff87beb6928e56e8a0dcea52659b727a832f984997584
Size

1.6MB
MD5

1fb3cd0fd456f7c446a95c8684f08a3e
SHA1

27677f6815120d2a91921ebcb6e1c16ed307d81a
SHA256

d41a87ec2fa5153d4c2ff87beb6928e56e8a0dcea52659b727a832f984997584
SHA512

f75e3954fe40ac7318123400153ba10499392d5696f2b33c93b7ecc075ae7af4c0f6c1a3ff87d17427ee58afa6729b7ba08f9c18a89306b570e92c4ff460d3ae
SSDEEP

24576:+284FrVRoXeuEqvDLbTL8B4UuUUC3bdRDf2AIM8hTLT/Z3QAj9dzyrdRc60:+284FrDue8XbTLw4obb2fhTLAT0

Score

N/A

Malware Config

Signatures

Files

d41a87ec2fa5153d4c2ff87beb6928e56e8a0dcea52659b727a832f984997584
.exe windows x86

cf5c5636542bd2b0628b38af05631df4

Code Sign

07:5b:f5:b2:ff:1d:54:81:f2:0b:8f:cb:b9:1e:17:ed
Certificate

Issuer

CN=Encryption Everywhere DV TLS CA - G1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/07/2022, 00:00

Not After

11/07/2023, 23:59

Subject

CN=development.org

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

9b:57:85:7b:74:7e:86:d0:4a:9f:fd:41:4a:be:0f:08:e2:b3:81:4e:f3:61:ef:97:07:c9:6a:ac:a4:36:eb:a2
Signer

Actual PE Digest

9b:57:85:7b:74:7e:86:d0:4a:9f:fd:41:4a:be:0f:08:e2:b3:81:4e:f3:61:ef:97:07:c9:6a:ac:a4:36:eb:a2

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=development.org

28/09/2022, 17:20
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
PulseEvent
SetCurrentConsoleFontEx
GetProfileIntW
EndUpdateResourceW
ZombifyActCtx
GetProfileSectionA
ReleaseSRWLockExclusive
GetSystemDefaultLCID
ClearCommBreak
GlobalAlloc
Sleep
GetProcessHandleCount
CreateFileW
GetBinaryTypeW
ReleaseSemaphore
FreeLibraryAndExitThread
GetLastError
GetProcAddress
FindClose
OpenThread
MoveFileA
SetCurrentDirectoryW
FindNextChangeNotification
GlobalGetAtomNameW
GetModuleHandleA
EraseTape
GetConsoleTitleW
BuildCommDCBA
EnumDateFormatsW
ReadConsoleInputW
CommConfigDialogW
HeapSize
WriteConsoleW
GetCommandLineW
InterlockedIncrement
InterlockedDecrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WriteFile
GetModuleFileNameW
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
HeapFree
WideCharToMultiByte
GetStringTypeW
RaiseException
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
RtlUnwind
LoadLibraryExW
OutputDebugStringW
LoadLibraryW
HeapAlloc
HeapReAlloc
LCMapStringEx
SetFilePointerEx
CloseHandle

user32

MessageBoxW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf5c5636542bd2b0628b38af05631df4

Code Sign

07:5b:f5:b2:ff:1d:54:81:f2:0b:8f:cb:b9:1e:17:edCertificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

9b:57:85:7b:74:7e:86:d0:4a:9f:fd:41:4a:be:0f:08:e2:b3:81:4e:f3:61:ef:97:07:c9:6a:ac:a4:36:eb:a2Signer

Signature Validations

Verification

28/09/2022, 17:20 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 151KB - Virtual size: 151KB

.reloc Size: 11KB - Virtual size: 11KB

07:5b:f5:b2:ff:1d:54:81:f2:0b:8f:cb:b9:1e:17:ed
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

9b:57:85:7b:74:7e:86:d0:4a:9f:fd:41:4a:be:0f:08:e2:b3:81:4e:f3:61:ef:97:07:c9:6a:ac:a4:36:eb:a2
Signer

28/09/2022, 17:20
Valid: false

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 151KB - Virtual size: 151KB

.reloc
Size: 11KB - Virtual size: 11KB