b590755acda9cbf46b1ba91143fae6c19ae0d5051ad79f3af1b6822eb2ed1b0e

Sharing

Copy URL Twitter E-mail

General

Target

b590755acda9cbf46b1ba91143fae6c19ae0d5051ad79f3af1b6822eb2ed1b0e
Size

653KB
MD5

66ed60e8faf5f0d319f05ea4d2c92520
SHA1

cbf5e16649d24364144efc35860949b6af1200e4
SHA256

b590755acda9cbf46b1ba91143fae6c19ae0d5051ad79f3af1b6822eb2ed1b0e
SHA512

cdd7fcb4de0c070144ab38ef3390ad0aa6db8dd7c7661ee72ee73605afdad5e5d913b9180b1024af19674bc0894152d1ba2f2e7630037bdedd2d05ea9f3e9098
SSDEEP

6144:EmhVmwxqXPWjxT01m0wBIPcH0+uyD/zllGTEpFd+hfQcfXCKPYNs7uAr5TP:EqRxA82mVe8Xl1FofpCKF7uApP

Score

N/A

Malware Config

Signatures

Files

b590755acda9cbf46b1ba91143fae6c19ae0d5051ad79f3af1b6822eb2ed1b0e
.exe windows x86

e685ee455d6af50506c95b69bf4b5ae0

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

81:53:c1:d6:95:bb:4a:ac:0a:94:5d:ea:72:15:e8:bb
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

27/07/2015, 00:00

Not After

26/07/2016, 23:59

Subject

CN=UNIX,O=UNIX,POSTALCODE=394036,STREET=6A Sredne-Moskovskaya ul.,L=Voronezh,ST=Voronezh Region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:5a:aa:b7:d2:f5:a6:b3:34:06:2d:e8:ef:36:eb:27:51:0e:a2:0b
Signer

Actual PE Digest

2e:5a:aa:b7:d2:f5:a6:b3:34:06:2d:e8:ef:36:eb:27:51:0e:a2:0b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=UNIX,O=UNIX,POSTALCODE=394036,STREET=6A Sredne-Moskovskaya ul.,L=Voronezh,ST=Voronezh Region,C=RU

29/09/2022, 19:03
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
GetLastError
DeleteFileA
VirtualProtect
GetProcAddress
RemoveDirectoryW
LoadLibraryExA
CloseHandle
GetModuleHandleA
TlsGetValue
GetFileSizeEx
CreateThread
OpenMutexA
VirtualAlloc
TerminateThread
RemoveDirectoryA
ResetEvent
GetCommandLineA
OpenEventW
OpenSemaphoreW
Sleep
GetLocaleInfoA
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStartupInfoA
GetVersionExA
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
MultiByteToWideChar
GetSystemInfo

user32

DestroyWindow
GetDesktopWindow
CreateDesktopA
EnableWindow
LoadIconW
IsWindowVisible
LoadBitmapW

ws2_32

select

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 352KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e685ee455d6af50506c95b69bf4b5ae0

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

01Certificate

Key Usages

81:53:c1:d6:95:bb:4a:ac:0a:94:5d:ea:72:15:e8:bbCertificate

Extended Key Usages

Key Usages

2e:5a:aa:b7:d2:f5:a6:b3:34:06:2d:e8:ef:36:eb:27:51:0e:a2:0bSigner

Signature Validations

Verification

29/09/2022, 19:03 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 224KB - Virtual size: 221KB

.data Size: 352KB - Virtual size: 355KB

.rsrc Size: 24KB - Virtual size: 23KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

01
Certificate

81:53:c1:d6:95:bb:4a:ac:0a:94:5d:ea:72:15:e8:bb
Certificate

2e:5a:aa:b7:d2:f5:a6:b3:34:06:2d:e8:ef:36:eb:27:51:0e:a2:0b
Signer

29/09/2022, 19:03
Valid: false

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 224KB - Virtual size: 221KB

.data
Size: 352KB - Virtual size: 355KB

.rsrc
Size: 24KB - Virtual size: 23KB