General

Malware Config

Signatures

Files

• file.exe

  .exe windows x86

  
  

  Code Sign

  1f:0f:a5:d4:fc:6f:07:8f:49:d0:15:ca:d1:47:a3:7e

  Certificate

  Issuer

  CN=ᗫ€ÉᖘĈọỚℓ ǭŲaήŦa ƊǬ850-♏-℣2ĺ (Aテ⏆ 2.31 850Ꮃ ᶂùᏁᏁ ČaხᏝĖ ʍaήaᎶĖ♏ėŇ干 קಎʍ 120ᶆ♍ Ḟaή AĆテÌ✔È ҏƒċ 80 ᶃổȴđ) ᏒĖT

  Not Before

  03-10-2022 12:30

  Not After

  04-10-2032 12:30

  Subject

  CN=ᗫ€ÉᖘĈọỚℓ ǭŲaήŦa ƊǬ850-♏-℣2ĺ (Aテ⏆ 2.31 850Ꮃ ᶂùᏁᏁ ČaხᏝĖ ʍaήaᎶĖ♏ėŇ干 קಎʍ 120ᶆ♍ Ḟaή AĆテÌ✔È ҏƒċ 80 ᶃổȴđ) ᏒĖT

  90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43

  Certificate

  Issuer

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  11-05-2022 00:00

  Not After

  10-08-2033 23:59

  Subject

  CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-05-2019 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  fe:23:6d:2f:5c:43:e2:9d:80:af:6b:84:91:08:23:11:5a:e0:aa:ca:76:e2:8b:f9:d9:be:a9:41:76:79:a1:c0

  Signer

  Actual PE Digest

  fe:23:6d:2f:5c:43:e2:9d:80:af:6b:84:91:08:23:11:5a:e0:aa:ca:76:e2:8b:f9:d9:be:a9:41:76:79:a1:c0

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=ᗫ€ÉᖘĈọỚℓ ǭŲaήŦa ƊǬ850-♏-℣2ĺ (Aテ⏆ 2.31 850Ꮃ ᶂùᏁᏁ ČaხᏝĖ ʍaήaᎶĖ♏ėŇ干 קಎʍ 120ᶆ♍ Ḟaή AĆテÌ✔È ҏƒċ 80 ᶃổȴđ) ᏒĖT

  03-10-2022 12:42

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Sections

  Size: 96KB - Virtual size: 202KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  Size: 25KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  Size: 2KB - Virtual size: 84KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  Size: 9KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 617KB - Virtual size: 616KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .idata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .themida

  Size: - Virtual size: 5.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .boot

  Size: 2.5MB - Virtual size: 2.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ