b3d2d1d7ade529af610dc714cbb849d4cdb0b5911312380af91bd2c83d972514

Sharing

Copy URL Twitter E-mail

General

Target

b3d2d1d7ade529af610dc714cbb849d4cdb0b5911312380af91bd2c83d972514
Size

75KB
MD5

49ea47877970e2d46e21612adc222a4c
SHA1

85814ed18bcc2457e8b1280099fadab9309b0bfa
SHA256

b3d2d1d7ade529af610dc714cbb849d4cdb0b5911312380af91bd2c83d972514
SHA512

958cf938526dc074d761713f01284c31ada530c5ece60cdb4548b708524d30f7af54c6b80aa936764bb5f53af82955223bec00c0d3da662a0ecc772fcf3c9e45
SSDEEP

1536:QvF5W0junOJBKV9akrjPcbCNd2gb45inYlC30XEuG:KuBjPcWNWi460XzG

Score

N/A

Malware Config

Signatures

Files

b3d2d1d7ade529af610dc714cbb849d4cdb0b5911312380af91bd2c83d972514
.exe windows x64

bc848ef67267e4b960c972b2ffbf89d7

Code Sign

03:d3:bd:ba:d4:c2:57:87:48:85:4a:76:4a:8a:ee:59
Certificate

Issuer

CN=Osyvofileriluyf

Not Before

19/04/2014, 06:10

Not After

31/12/2039, 23:59

Subject

CN=Osyvofileriluyf

11:99:4d:6a:dc:2e:40:44:94:32:89:3a:9b:57:b1:14:17:64:aa:2f
Signer

Actual PE Digest

11:99:4d:6a:dc:2e:40:44:94:32:89:3a:9b:57:b1:14:17:64:aa:2f

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Osyvofileriluyf

06/10/2022, 18:35
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
KeQueryActiveProcessors
ExFreePoolWithTag
RtlCopyLuid
RtlValidSecurityDescriptor
RtlInitUnicodeString
ExGetSharedWaiterCount
MmGetPhysicalAddress
KeQueryTimeIncrement
ExGetExclusiveWaiterCount
FsRtlNormalizeNtstatus
FsRtlDoesNameContainWildCards
KeBugCheckEx

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc848ef67267e4b960c972b2ffbf89d7

Code Sign

03:d3:bd:ba:d4:c2:57:87:48:85:4a:76:4a:8a:ee:59Certificate

11:99:4d:6a:dc:2e:40:44:94:32:89:3a:9b:57:b1:14:17:64:aa:2fSigner

Signature Validations

Verification

06/10/2022, 18:35 Valid: false

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 20KB

.pdata Size: 512B - Virtual size: 324B

INIT Size: 1024B - Virtual size: 616B

.reloc Size: 11KB - Virtual size: 10KB

03:d3:bd:ba:d4:c2:57:87:48:85:4a:76:4a:8a:ee:59
Certificate

11:99:4d:6a:dc:2e:40:44:94:32:89:3a:9b:57:b1:14:17:64:aa:2f
Signer

06/10/2022, 18:35
Valid: false

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 20KB

.pdata
Size: 512B - Virtual size: 324B

INIT
Size: 1024B - Virtual size: 616B

.reloc
Size: 11KB - Virtual size: 10KB