311a507e73eba005da70818a39fbd6246426484cc2f0814188a0f44cefbe5320

Sharing

Copy URL

Twitter E-mail

General

Target

311a507e73eba005da70818a39fbd6246426484cc2f0814188a0f44cefbe5320
Size

108KB
MD5

a13d37f191bdcf659299bc7286b3b2b9
SHA1

8e4598dbcecb33525078056172caa38f3b9b61f2
SHA256

311a507e73eba005da70818a39fbd6246426484cc2f0814188a0f44cefbe5320
SHA512

d941a567e81bbda874121d3b2002b4c27ab74b4b72799090a154da5d3d4f2b7905633547b6dcde1600c51a29ffee33ae8344341beeab50b8ef9dca40de00ca0e
SSDEEP

1536:E8f2iJ9d3RPwNiX6ZC8qHlLYHroQH3M6wL0a6Oa2qebmwG:Ei3R40X6ZfqH1YHdM6wv96

Score

N/A

Malware Config

Signatures

Files

311a507e73eba005da70818a39fbd6246426484cc2f0814188a0f44cefbe5320
.exe windows x86

1ad5f863176085678314f32bd0129dca

Code Sign

74:17:55:a4:29:60:2e:ab:4d:cf:83:2c:87:45:1c:b3
Certificate

Issuer

CN=fffff

Not Before

20-06-2013 16:31

Not After

31-12-2039 23:59

Subject

CN=fffff

Extended Key Usages

ExtKeyUsageCodeSigning

19:17:1c:3e:e7:05:c4:b6:83:3b:a5:ca:51:5a:a8:7e:57:56:25:24
Signer

Actual PE Digest

19:17:1c:3e:e7:05:c4:b6:83:3b:a5:ca:51:5a:a8:7e:57:56:25:24

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=fffff

18-10-2022 20:45
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetACP
VirtualAllocEx
GetCurrentProcess
GetTickCount
Sleep
GetComputerNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
TerminateThread
DeleteCriticalSection
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetFileAttributesW
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameW
ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetPrivateProfileStringW
SetCurrentDirectoryW
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
CreateThread
FindFirstFileW
FindClose
GetLocaleInfoW
SetLastError
GetLastError
DeleteFileW
CreateDirectoryW
CreateFileW
GetCurrentThread
GetDateFormatW
GetTimeFormatW
GetTapeParameters
ReleaseMutex
CreateMutexW
GetCurrentThreadId
GetVersionExW
GetSystemDirectoryW
ReleaseSemaphore
CreateSemaphoreW
LocalFree
VerifyVersionInfoW
VerSetConditionMask
FindNextFileW
FormatMessageW
CreateProcessW
GlobalFree
LockResource
LoadResource
FindResourceW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
SetFileAttributesW
GetFileInformationByHandle
GetExitCodeThread
GetEnvironmentVariableW
WriteFile
ReadFile
DeviceIoControl
FlushFileBuffers
GetVolumePathNameW
GetUserDefaultLCID
MultiByteToWideChar
SetEvent
CreateEventW
HeapFree
HeapAlloc
GetProcessHeap
SetFilePointer
GetSystemTime
CloseHandle
GetWindowsDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
GetCurrentDirectoryA
GetCurrentDirectoryW
CompareStringW
GetNumberFormatW
SetErrorMode
SetEndOfFile
SetTapePosition
GetTapePosition
EraseTape
WriteTapemark
GetTapeStatus
SetTapeParameters
PrepareTape
FindVolumeMountPointClose
FindNextVolumeMountPointW
FindFirstVolumeMountPointW
ExitThread
MoveFileExW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
BackupRead
BackupWrite
CreateHardLinkW
BackupSeek
GetFileSize
LockFile
SetFileShortNameW
SetFileTime
LocalFileTimeToFileTime
GetCompressedFileSizeW
RemoveDirectoryW
WideCharToMultiByte
LoadLibraryA

user32

LoadIconA
LoadCursorA
LoadCursorW
PeekMessageW
EnableWindow
SendMessageW
PostMessageW
GetCapture
SetActiveWindow
GetAsyncKeyState
GetDlgItem
AppendMenuW
wvsprintfW
LoadStringW
GetKeyState
GetWindowRect
ScreenToClient
EnableMenuItem
DeleteMenu
SetClassLongW
IsCharAlphaW
IsCharAlphaNumericW
GetCursorPos
WindowFromPoint
ChildWindowFromPoint
GetSysColor
KillTimer
IsWindowVisible
InvalidateRect
ReleaseDC
GetDC
GetClientRect
LoadBitmapW
DefWindowProcW
PostQuitMessage
CreateDialogParamW
ShowWindow
DestroyWindow
UnregisterClassW
MonitorFromWindow
GetMonitorInfoW
GetFocus
LoadMenuW
GetWindowThreadProcessId
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
LoadImageW
GetMenu
RemoveMenu
GetSubMenu
CreateIconFromResource
LoadIconW
DrawFocusRect
InflateRect
CopyRect
GetActiveWindow
InvalidateRgn
MapDialogRect
SetWindowPos
ExitWindowsEx
SendDlgItemMessageW
SetParent
GetIconInfo
CreateIconIndirect
DestroyIcon
LockSetForegroundWindow
UpdateWindow
SetWindowLongW
ClientToScreen
SetCursor
MessageBoxW
BringWindowToTop
SystemParametersInfoW
FlashWindow
GetDesktopWindow
IsIconic
GetMenuItemID
SetTimer
IsWindow
GetWindowTextLengthW
SetWindowTextW
wsprintfW
GetNextDlgGroupItem
GetWindowTextW
GetWindow
GetWindowLongW
GetParent
GetSystemMetrics
GetMenuItemCount

gdi32

GetObjectW
Polygon
CombineRgn
CreateRectRgn
DeleteObject
GetTextExtentPoint32W
BitBlt
PatBlt
Rectangle
GetMapMode
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CreateFontIndirectW

msvcrt

realloc
malloc
free
wcsncpy
wcscmp
_wcsicmp
swscanf
wcsstr
_wcslwr
_ftol
wcschr
calloc
wcscat
_wcsupr
memmove
_CxxThrowException
wprintf
wcsncat
_snwprintf
wcspbrk
wcsncmp
_except_handler3
_local_unwind2
_wcsnicmp
_purecall
wcscpy
wcsrchr
wcslen
__CxxFrameHandler
swprintf
_wtoi
isalpha
localtime
_tzset
mktime
_putenv
_errno
fseek
_fdopen
_open_osfhandle
_wcsrev
_wcsdup
fflush
fread
_filelength
_getpid
_mbscpy
_mbslen
_wfopen
wcstok
_controlfp
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_vsnwprintf
isspace
fclose
ftell
time
clearerr
fwrite

advapi32

RegOpenKeyW
RegOpenKeyExA
QueryServiceStatus
OpenServiceW
StartServiceW
GetUserNameW
RegisterEventSourceW
ReportEventW
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
SetSecurityDescriptorDacl
RegDeleteValueW
AddAccessAllowedAce
RegQueryValueExA
ReadEncryptedFileRaw
WriteEncryptedFileRaw
EnumDependentServicesW
ControlService
OpenEncryptedFileRawW
CloseEncryptedFileRaw
EncryptFileW
DecryptFileW
RegRestoreKeyW
RegLoadKeyW
RegFlushKey
RegUnLoadKeyW
RegReplaceKeyW
RegConnectRegistryW
InitializeAcl
GetAce
EqualSid
DeleteAce
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
CloseServiceHandle
OpenSCManagerW
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
LookupAccountSidW
GetTokenInformation
OpenThreadToken
RegSaveKeyW
SetFileSecurityW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data44
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ad5f863176085678314f32bd0129dca

Code Sign

74:17:55:a4:29:60:2e:ab:4d:cf:83:2c:87:45:1c:b3Certificate

Extended Key Usages

19:17:1c:3e:e7:05:c4:b6:83:3b:a5:ca:51:5a:a8:7e:57:56:25:24Signer

Signature Validations

Verification

18-10-2022 20:45 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 1024B - Virtual size: 581B

.data Size: 9KB - Virtual size: 9KB

.data44 Size: 57KB - Virtual size: 57KB

74:17:55:a4:29:60:2e:ab:4d:cf:83:2c:87:45:1c:b3
Certificate

19:17:1c:3e:e7:05:c4:b6:83:3b:a5:ca:51:5a:a8:7e:57:56:25:24
Signer

18-10-2022 20:45
Valid: false

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 1024B - Virtual size: 581B

.data
Size: 9KB - Virtual size: 9KB

.data44
Size: 57KB - Virtual size: 57KB