7f7ffa7537820329427b9a55149081ea930a209536166163787817c675a4d4af

Sharing

Copy URL

Twitter E-mail

General

Target

7f7ffa7537820329427b9a55149081ea930a209536166163787817c675a4d4af
Size

339KB
MD5

90eafe9e457828e746d0d8ae9146ffaf
SHA1

4953560bc1182ec5d60698163d8be0597c3ff526
SHA256

7f7ffa7537820329427b9a55149081ea930a209536166163787817c675a4d4af
SHA512

8996c3bb1edc2842c0d802d4bfd956f798545b0c49cdf5782ae340d895984908a58febd2d1c3bf785a9cfe0ea4f46e67d21ffbdb5aa83b498e718e39d3f4a8e0
SSDEEP

6144:NkDptg1n2ViUpLBHYK0GuiksInuULEKxgkmYk+8enu:kptI3oLBH9XuikjFvukmchu

Score

N/A

Malware Config

Signatures

Files

7f7ffa7537820329427b9a55149081ea930a209536166163787817c675a4d4af
.exe windows x86

fb2a9b0a6b0c87efeec424b89f23fd23

Code Sign

0d:69:bb:2c:f9:ec:b5:4b:be:aa:4c:c7:6c:76:07:64
Certificate

Issuer

CN=aHXLqgYVEkLQl6c4RXoTHFNll1TbnylqaNw4S75rdPfqpdSk81S3C3JhP23aU9RoFTt6tnvpeB98NcfxFRYoZZ5vT17TxwYD63TLPse64Kotfcbe7WDjSAT4EXnUSVcYf4BYr5omw9zZlBKtturfgaqyyEHMyV7Kly2FJdjwMtShC6aU9sGDZm24vFE4ZlxPZSgP37qusbdUwDMFXEgZS4fhPlrpCgrCeg2sCmlFww7znsaqaCLOBsLmdMVsG3S4uBKzzJQ1qvKSp5WnoHqGK2q1LWDUpoaDCDvgXnRZXVZz

Not Before

31-10-2012 09:49

Not After

31-12-2039 23:59

Subject

CN=aHXLqgYVEkLQl6c4RXoTHFNll1TbnylqaNw4S75rdPfqpdSk81S3C3JhP23aU9RoFTt6tnvpeB98NcfxFRYoZZ5vT17TxwYD63TLPse64Kotfcbe7WDjSAT4EXnUSVcYf4BYr5omw9zZlBKtturfgaqyyEHMyV7Kly2FJdjwMtShC6aU9sGDZm24vFE4ZlxPZSgP37qusbdUwDMFXEgZS4fhPlrpCgrCeg2sCmlFww7znsaqaCLOBsLmdMVsG3S4uBKzzJQ1qvKSp5WnoHqGK2q1LWDUpoaDCDvgXnRZXVZz

Extended Key Usages

ExtKeyUsageCodeSigning

d2:53:06:06:1f:21:30:b0:5f:05:49:9b:91:32:b6:dd:24:c6:d0:f8
Signer

Actual PE Digest

d2:53:06:06:1f:21:30:b0:5f:05:49:9b:91:32:b6:dd:24:c6:d0:f8

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=aHXLqgYVEkLQl6c4RXoTHFNll1TbnylqaNw4S75rdPfqpdSk81S3C3JhP23aU9RoFTt6tnvpeB98NcfxFRYoZZ5vT17TxwYD63TLPse64Kotfcbe7WDjSAT4EXnUSVcYf4BYr5omw9zZlBKtturfgaqyyEHMyV7Kly2FJdjwMtShC6aU9sGDZm24vFE4ZlxPZSgP37qusbdUwDMFXEgZS4fhPlrpCgrCeg2sCmlFww7znsaqaCLOBsLmdMVsG3S4uBKzzJQ1qvKSp5WnoHqGK2q1LWDUpoaDCDvgXnRZXVZz

18-10-2022 20:51
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
GetModuleHandleW
GetProcAddress
VirtualAllocEx
CreateFileW
GetCPInfo
LocalUnlock
GlobalUnlock
GlobalLock
GetLastError
SetLastError
GetModuleHandleA
GetStartupInfoA
GetFileInformationByHandle
CreateFileMappingW
GlobalFree
GetLocaleInfoW
MulDiv
lstrcpyW
lstrcpynW
LocalFree
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
lstrcmpW
LocalAlloc
lstrlenW
FormatMessageW
CompareStringW
LocalLock
FoldStringW
LoadLibraryA
lstrcmpiW
IsDBCSLeadByte
GetTimeFormatW
GetDateFormatW
GetUserDefaultLCID
GetLocalTime
SetEndOfFile
WideCharToMultiByte
MapViewOfFile
GetUserDefaultLangID
LocalSize
DeleteFileW
WriteFile
MultiByteToWideChar
UnmapViewOfFile
CloseHandle
GetACP
LocalReAlloc

msvcrt

memcpy
_initterm
__getmainargs
__p__commode
__setusermatherr
_adjust_fdiv
_controlfp
__p__fmode
__set_app_type
_acmdln
exit
_XcptFilter
_exit
_except_handler3
time
localtime
wcsncpy
iswctype
_wtol
wcsncmp

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW
PrintDlgExW
ReplaceTextW
GetFileTitleW
ChooseFontW
PageSetupDlgW
CommDlgExtendedError

advapi32

RegOpenKeyExA
RegCloseKey
IsTextUnicode
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueExA

shell32

DragQueryFileW
DragFinish
ShellAboutW
DragAcceptFiles

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb2a9b0a6b0c87efeec424b89f23fd23

Code Sign

0d:69:bb:2c:f9:ec:b5:4b:be:aa:4c:c7:6c:76:07:64Certificate

Extended Key Usages

d2:53:06:06:1f:21:30:b0:5f:05:49:9b:91:32:b6:dd:24:c6:d0:f8Signer

Signature Validations

Verification

18-10-2022 20:51 Valid: false

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

advapi32

shell32

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 328KB - Virtual size: 328KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 504B

0d:69:bb:2c:f9:ec:b5:4b:be:aa:4c:c7:6c:76:07:64
Certificate

d2:53:06:06:1f:21:30:b0:5f:05:49:9b:91:32:b6:dd:24:c6:d0:f8
Signer

18-10-2022 20:51
Valid: false

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 328KB - Virtual size: 328KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 504B