malware_smoke_359163455

Sharing

Copy URL Twitter E-mail

General

Target

malware_smoke_359163455
Size

1.2MB
MD5

9b516eb4c342228f2c39b7b0a4096570
SHA1

1b4471db873292414488b2adab71e8e5d076a5b0
SHA256

2bfd891138c7a58a74eab7ad9492b107a675245afd6f0b76d4fb9876be037459
SHA512

2ca8019d0049fd0d21600f0db8813e02874fbeb5b4e7d4e551711900505c1835d02edd6709c28c367f39a3bfacbfab24ac47c3c7f8e8028eb483cf2916cd0ae7
SSDEEP

24576:Dz2NRTtYd39wCZ4SmCH0ysWbL+ApVWJHpjQplpNJ6FnDiXzdzh:DzETSdNwA4SjsxADEtQpl/22Xht

Score

N/A

Malware Config

Signatures

Files

malware_smoke_359163455
.exe windows x86

5211f42fc337737c910e490a48cd2ad0

Code Sign

16:c4:e9:c5:ee:69:79:90:44:35:62:0f:03:66:54:03
Certificate

Issuer

CN=Woodstock EU

Not Before

01/10/2020, 10:00

Not After

02/10/2030, 10:00

Subject

CN=Woodstock EU

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4d:22:fa:0d:fe:c5:b6:a1:ea:a8:a1:32:e9:4d:c3:33:b5:4a:a4:e4:a0:4e:b9:19:c3:eb:6d:76:d7:45:9a:10
Signer

Actual PE Digest

4d:22:fa:0d:fe:c5:b6:a1:ea:a8:a1:32:e9:4d:c3:33:b5:4a:a4:e4:a0:4e:b9:19:c3:eb:6d:76:d7:45:9a:10

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Woodstock EU

03/10/2022, 12:52
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

EndDialog

advapi32

RegisterEventSourceW

mscoree

_CorExeMain

comctl32

InitCommonControls

shell32

SHGetDiskFreeSpaceA

Sections

.bss
Size: - Virtual size: 240KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 758KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5211f42fc337737c910e490a48cd2ad0

Code Sign

16:c4:e9:c5:ee:69:79:90:44:35:62:0f:03:66:54:03Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

4d:22:fa:0d:fe:c5:b6:a1:ea:a8:a1:32:e9:4d:c3:33:b5:4a:a4:e4:a0:4e:b9:19:c3:eb:6d:76:d7:45:9a:10Signer

Signature Validations

Verification

03/10/2022, 12:52 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

mscoree

comctl32

shell32

Sections

.bss Size: - Virtual size: 240KB

.itext Size: 512B - Virtual size: 4KB

.rsrc Size: 758KB - Virtual size: 758KB

.data Size: 94KB - Virtual size: 96KB

16:c4:e9:c5:ee:69:79:90:44:35:62:0f:03:66:54:03
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

4d:22:fa:0d:fe:c5:b6:a1:ea:a8:a1:32:e9:4d:c3:33:b5:4a:a4:e4:a0:4e:b9:19:c3:eb:6d:76:d7:45:9a:10
Signer

03/10/2022, 12:52
Valid: false

.bss
Size: - Virtual size: 240KB

.itext
Size: 512B - Virtual size: 4KB

.rsrc
Size: 758KB - Virtual size: 758KB

.data
Size: 94KB - Virtual size: 96KB