General

Malware Config

Signatures

Files

• f99b7e79cb5352202f3a68f84dc84621583c9cfcdb3bbbe8f17c8764cd4300bb

  .exe windows x86

  9a95255ebe51a1db5c645c976a93f0d6

  
  

  Code Sign

  70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf

  Certificate

  Issuer

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Not Before

  29-01-1996 00:00

  Not After

  01-08-2028 23:59

  Subject

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2

  Certificate

  Issuer

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Not Before

  16-07-2004 00:00

  Not After

  15-07-2014 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  0f:c5:0c:01:52:ab:6d:16:2b:83:2a:c3:52:8b:10:f1

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Not Before

  12-10-2006 00:00

  Not After

  11-10-2009 23:59

  Subject

  CN=LogMeIn\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=LogMeIn\, Inc.,ST=Massachusetts,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  99:32:e8:2b:da:20:ef:cb:34:e0:bd:83:b6:13:0a:5f:1b:93:8a:ab

  Signer

  Actual PE Digest

  99:32:e8:2b:da:20:ef:cb:34:e0:bd:83:b6:13:0a:5f:1b:93:8a:ab

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=LogMeIn\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=LogMeIn\, Inc.,ST=Massachusetts,C=US

  29-09-2022 18:52

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  HeapFree

  CloseHandle

  WriteFile

  ReadFile

  HeapAlloc

  GetProcessHeap

  SetFilePointer

  GetFileSize

  CreateFileA

  lstrcatA

  GetWindowsDirectoryA

  GetShortPathNameA

  RemoveDirectoryA

  Sleep

  DeleteFileA

  FindClose

  FindNextFileA

  lstrcpynA

  lstrcmpA

  FindFirstFileA

  lstrlenA

  GetProcAddress

  GetModuleHandleA

  GetVersion

  FormatMessageA

  GetLastError

  SetLastError

  SetCurrentDirectoryA

  CreateDirectoryA

  GetTempFileNameA

  GetTempPathA

  LockResource

  LoadResource

  SizeofResource

  FindResourceA

  FreeResource

  GetFileAttributesA

  GetExitCodeProcess

  WaitForSingleObject

  CreateProcessA

  GetStdHandle

  ExitProcess

  GetStartupInfoA

  GetCommandLineA

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  RtlUnwind

  user32

  wvsprintfA

  MessageBoxA

  wsprintfA

  Sections

  .text

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 940B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 813KB - Virtual size: 813KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ