97c68a041a91ab7257c2ea5444536e1dcab2f9350b9f42080b4d1117d4e8e10d

Sharing

Copy URL Twitter E-mail

General

Target

97c68a041a91ab7257c2ea5444536e1dcab2f9350b9f42080b4d1117d4e8e10d
Size

361KB
MD5

72dc74b97b59347f737ec82c48c988c8
SHA1

6bd51dc6a098f2bbf5223428533c26845974d25d
SHA256

97c68a041a91ab7257c2ea5444536e1dcab2f9350b9f42080b4d1117d4e8e10d
SHA512

27bd09c3ce69e22b23bd2382228406254fa90b485703b38b26554825c8bb41f7fcf50d5b49df151e6c5b52e525d38bf8787396bf838b7fb3daa9c5af4294849e
SSDEEP

6144:VoGUnromIWcIC/b76r+wMXv2GqGfU2qTCDF6oI2+tdEfVRPL9xV:V1nTu+kGs2qaNItdORT9xV

Score

N/A

Malware Config

Signatures

Files

97c68a041a91ab7257c2ea5444536e1dcab2f9350b9f42080b4d1117d4e8e10d
.exe windows x86

e5343039bb297b649d3d7398fbb715b2

Code Sign

28:d3:eb:57:67:3a:c1:9b:4a:8e:19:84:35:aa:02:25
Certificate

Issuer

CN=5JCU

Not Before

08/06/2012, 08:28

Not After

31/12/2039, 23:59

Subject

CN=5JCU

Extended Key Usages

ExtKeyUsageCodeSigning

da:75:bd:08:a8:1b:d4:14:47:70:6d:5c:d0:59:c0:30:3c:7e:b3:18
Signer

Actual PE Digest

da:75:bd:08:a8:1b:d4:14:47:70:6d:5c:d0:59:c0:30:3c:7e:b3:18

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=5JCU

29/09/2022, 18:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
CloseHandle
VirtualAllocEx

gdi32

GetStockObject

advapi32

RegCloseKey

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5343039bb297b649d3d7398fbb715b2

Code Sign

28:d3:eb:57:67:3a:c1:9b:4a:8e:19:84:35:aa:02:25Certificate

Extended Key Usages

da:75:bd:08:a8:1b:d4:14:47:70:6d:5c:d0:59:c0:30:3c:7e:b3:18Signer

Signature Validations

Verification

29/09/2022, 18:52 Valid: false

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 315KB - Virtual size: 315KB

.data6 Size: 512B - Virtual size: 100B

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 512B - Virtual size: 192B

28:d3:eb:57:67:3a:c1:9b:4a:8e:19:84:35:aa:02:25
Certificate

da:75:bd:08:a8:1b:d4:14:47:70:6d:5c:d0:59:c0:30:3c:7e:b3:18
Signer

29/09/2022, 18:52
Valid: false

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 315KB - Virtual size: 315KB

.data6
Size: 512B - Virtual size: 100B

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 192B