4a99cd58cc05fcd32afec371e35fcc156a4fa7a0ddf05649ee328f20570efa4d

Sharing

Copy URL Twitter E-mail

General

Target

4a99cd58cc05fcd32afec371e35fcc156a4fa7a0ddf05649ee328f20570efa4d
Size

115KB
MD5

1d0ed6be1f77eb873c1d54801532e6a5
SHA1

c085d8c048063ac6ec90ce416aa49fcf01967e44
SHA256

4a99cd58cc05fcd32afec371e35fcc156a4fa7a0ddf05649ee328f20570efa4d
SHA512

2fbd573c21919c9becc424f5074b049736bbad80d6fda57d7163df0d10ad759f52e7657f49e4713c052069af52918b634723ee9f2cb76d798da22877991b2b19
SSDEEP

3072:VNK3y+fXGRLmDE1p7lUhrBqUzIX4iQvkjp:VNK3y+fXGBaEvezM9

Score

N/A

Malware Config

Signatures

Files

4a99cd58cc05fcd32afec371e35fcc156a4fa7a0ddf05649ee328f20570efa4d
.exe windows x86

57b7136ac10688456dacceb5aba8af4e

Code Sign

5b:92:2b:bd:64:20:41:8e:4d:0f:00:28:f9:ef:2a:19
Certificate

Issuer

CN=yqC94FrNWxZChIUYw7OvJDtVe12iV5H4lTiU94rIyKssmSuOLxCSWv4PxVL4QLHH5f8JoT2WUraIN3RWdg1dk4chBwNeThFdQuo8usGjSpRj8UabCax1tHXkrXIc2VOb9oWFZh39Dh1cKtHRdTsRU6yBshNq9nxKQxnUpaTlNqHlZXUTyXCn5clgufXp1vlxhgRx6eciq1FJ6XqGFzAbjgQWKoMFkvWL7Hi9mQ2WVZlrch1cWKxXPNLST5vKFRb7vKasnHFMa7Kul2zSfikpNDVNXrZgxi2OV8GagIxMmRD2uAdLKMsghOlXolNMmQHGmh

Not Before

11/11/2012, 12:35

Not After

31/12/2039, 23:59

Subject

CN=yqC94FrNWxZChIUYw7OvJDtVe12iV5H4lTiU94rIyKssmSuOLxCSWv4PxVL4QLHH5f8JoT2WUraIN3RWdg1dk4chBwNeThFdQuo8usGjSpRj8UabCax1tHXkrXIc2VOb9oWFZh39Dh1cKtHRdTsRU6yBshNq9nxKQxnUpaTlNqHlZXUTyXCn5clgufXp1vlxhgRx6eciq1FJ6XqGFzAbjgQWKoMFkvWL7Hi9mQ2WVZlrch1cWKxXPNLST5vKFRb7vKasnHFMa7Kul2zSfikpNDVNXrZgxi2OV8GagIxMmRD2uAdLKMsghOlXolNMmQHGmh

Extended Key Usages

ExtKeyUsageCodeSigning

69:4f:41:c6:f1:fb:5c:a6:1f:6b:7d:20:12:c1:fa:a7:fd:39:28:84
Signer

Actual PE Digest

69:4f:41:c6:f1:fb:5c:a6:1f:6b:7d:20:12:c1:fa:a7:fd:39:28:84

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=yqC94FrNWxZChIUYw7OvJDtVe12iV5H4lTiU94rIyKssmSuOLxCSWv4PxVL4QLHH5f8JoT2WUraIN3RWdg1dk4chBwNeThFdQuo8usGjSpRj8UabCax1tHXkrXIc2VOb9oWFZh39Dh1cKtHRdTsRU6yBshNq9nxKQxnUpaTlNqHlZXUTyXCn5clgufXp1vlxhgRx6eciq1FJ6XqGFzAbjgQWKoMFkvWL7Hi9mQ2WVZlrch1cWKxXPNLST5vKFRb7vKasnHFMa7Kul2zSfikpNDVNXrZgxi2OV8GagIxMmRD2uAdLKMsghOlXolNMmQHGmh

06/10/2022, 18:39
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetCommandLineA
lstrlenW
MultiByteToWideChar
CreateEventA
GetCurrentThreadId
lstrcatA
lstrlenA
lstrcmpiA
lstrcpyA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
UnmapViewOfFile
CloseHandle
ReleaseMutex
SetEvent
WaitForSingleObject
CreateProcessA
lstrcpynA
GetCurrentProcessId
DuplicateHandle
GetCurrentProcess
CreateMutexA
MapViewOfFile
CreateFileMappingA
WaitForMultipleObjects
GetModuleFileNameW
OpenProcess
GetLastError
SetUnhandledExceptionFilter
LocalFree
GetModuleHandleA
ExitThread
GetStartupInfoA
SetErrorMode
TerminateProcess
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetWindowsDirectoryW
lstrcatW
CreateFileW
GetCPInfo

msvcrt

memcpy

advapi32

TraceMessage
OpenProcessToken
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
AdjustTokenPrivileges
LookupPrivilegeValueW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegEnumValueW
RegOpenKeyExA

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57b7136ac10688456dacceb5aba8af4e

Code Sign

5b:92:2b:bd:64:20:41:8e:4d:0f:00:28:f9:ef:2a:19Certificate

Extended Key Usages

69:4f:41:c6:f1:fb:5c:a6:1f:6b:7d:20:12:c1:fa:a7:fd:39:28:84Signer

Signature Validations

Verification

06/10/2022, 18:39 Valid: false

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 109KB - Virtual size: 108KB

.data Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 348B

5b:92:2b:bd:64:20:41:8e:4d:0f:00:28:f9:ef:2a:19
Certificate

69:4f:41:c6:f1:fb:5c:a6:1f:6b:7d:20:12:c1:fa:a7:fd:39:28:84
Signer

06/10/2022, 18:39
Valid: false

.text
Size: 109KB - Virtual size: 108KB

.data
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 348B