d9c22e3a3e7c8cbbca088b0fb1db9004f45e20c3725ae8609b20c9883a9681f0

Sharing

Copy URL Twitter E-mail

General

Target

d9c22e3a3e7c8cbbca088b0fb1db9004f45e20c3725ae8609b20c9883a9681f0
Size

330KB
MD5

230ae0d72e139cb7f4f331c446449f60
SHA1

adc868d199d37431c045c2c4899e5a28399937c9
SHA256

d9c22e3a3e7c8cbbca088b0fb1db9004f45e20c3725ae8609b20c9883a9681f0
SHA512

6164673b4dea3841dc0ef0a7ccead99f806a1ee6877e6f924d3b5fe6dc9171f52edb53ba5ede79dde9e27889c01c0458737b91fc530f6fc2499b9090eabeaec4
SSDEEP

6144:NUh2kvEeVWz/Td/CJ8CWydwC0E/nv7PyMla6v:OhFVW9aJHuBE/vDyIa6v

Score

N/A

Malware Config

Signatures

Files

d9c22e3a3e7c8cbbca088b0fb1db9004f45e20c3725ae8609b20c9883a9681f0
.exe windows x86

6b05067de9f249b7b0e755305a4fc777

Code Sign

1f:f6:d9:ed:57:4e:c2:a0:99:38:9b:4b:de:6c:6d:c4
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/02/2015, 00:00

Not After

25/02/2016, 23:59

Subject

CN=Consortium Group ltd,O=Consortium Group ltd,POSTALCODE=00152,STREET=CORNER OF GR.MARLBOROUGH UN GR.GEORGE STR.+STREET=3RD FLOOR\, C&h TOWERS\,,L=ROSEAU,ST=ROSEAU,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cf:b1:31:bb:4b:1e:03:1e:dd:0f:41:3d:b4:26:9b:b5:08:d7:08:c7
Signer

Actual PE Digest

cf:b1:31:bb:4b:1e:03:1e:dd:0f:41:3d:b4:26:9b:b5:08:d7:08:c7

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Consortium Group ltd,O=Consortium Group ltd,POSTALCODE=00152,STREET=CORNER OF GR.MARLBOROUGH UN GR.GEORGE STR.+STREET=3RD FLOOR\, C&h TOWERS\,,L=ROSEAU,ST=ROSEAU,C=DM

03/10/2022, 12:53
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

wininet

InternetCloseHandle
HttpEndRequestA
InternetOpenA

kernel32

GetProcAddress
lstrcmpiA
CloseHandle
GetModuleHandleA
GetVersionExA
GetStartupInfoA
GetCommandLineA
GetTickCount
GetVersion
SetErrorMode
WriteFile
ExitProcess
VirtualAlloc
CreateFileA
GetModuleHandleW
ReadFile
GetLastError
DeleteFileW
GetCurrentProcess
GetUserDefaultLangID
SetEndOfFile
GetACP
GetCurrentProcessId
CreateDirectoryW
GetSystemTimeAsFileTime
CreateFileMappingA
SetCurrentDirectoryW
GetCurrentThreadId
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetOEMCP
LoadLibraryA
GetTempPathW
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
CreateThread
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
HeapFree

user32

ShowWindow
CharNextW
RegisterClassExA
MessageBoxA
CreateWindowExA
GetSystemMetrics

gdi32

Rectangle

advapi32

RegCloseKey

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b05067de9f249b7b0e755305a4fc777

Code Sign

1f:f6:d9:ed:57:4e:c2:a0:99:38:9b:4b:de:6c:6d:c4Certificate

Extended Key Usages

Key Usages

cf:b1:31:bb:4b:1e:03:1e:dd:0f:41:3d:b4:26:9b:b5:08:d7:08:c7Signer

Signature Validations

Verification

03/10/2022, 12:53 Valid: false

Headers

File Characteristics

Imports

comctl32

wininet

kernel32

user32

gdi32

advapi32

oleaut32

Sections

.text Size: 268KB - Virtual size: 267KB

.data Size: 28KB - Virtual size: 24KB

.rsrc Size: 28KB - Virtual size: 27KB

1f:f6:d9:ed:57:4e:c2:a0:99:38:9b:4b:de:6c:6d:c4
Certificate

cf:b1:31:bb:4b:1e:03:1e:dd:0f:41:3d:b4:26:9b:b5:08:d7:08:c7
Signer

03/10/2022, 12:53
Valid: false

.text
Size: 268KB - Virtual size: 267KB

.data
Size: 28KB - Virtual size: 24KB

.rsrc
Size: 28KB - Virtual size: 27KB