341e5fd718a44bba6ce76c7bcb3048af814229d0125670dc1615ccc82bbac269

Sharing

Copy URL

Twitter E-mail

General

Target

341e5fd718a44bba6ce76c7bcb3048af814229d0125670dc1615ccc82bbac269
Size

22KB
MD5

80b588ea5457dd83fadbadf8f2f59c4a
SHA1

95fc10e356308b92369232fdd8b90aef0a628c1a
SHA256

341e5fd718a44bba6ce76c7bcb3048af814229d0125670dc1615ccc82bbac269
SHA512

968075d9bf2f6edb964486c40952c741e7d108328da67b2205af04c41ef1cf938666f885c826c01162dd5b07edffdd138901014f0fb00a76447a80f1cf37a5a2
SSDEEP

384:b+RN007sMtAYZByHa+RDVtp8Zqschh4WWieZWgT2tZHA:b+RN77XtAYZByHa+RDVfmQhhdeuHg

Score

N/A

Malware Config

Signatures

Files

341e5fd718a44bba6ce76c7bcb3048af814229d0125670dc1615ccc82bbac269
.exe windows x86

f13f6a9c17b24afcf95906f762f737b4

Code Sign

1b:44:63:08:ea:b6:03:76:b3:86:5a:b3:54:c3:d4:50
Certificate

Issuer

CN=wqefggq235123

Not Before

01/03/2012, 11:19

Not After

31/12/2039, 23:59

Subject

CN=wqefggq235123

Extended Key Usages

ExtKeyUsageCodeSigning

25:06:c4:64:26:ca:b9:dd:ee:1b:b7:3e:b3:31:b6:8e:db:d5:47:3b
Signer

Actual PE Digest

25:06:c4:64:26:ca:b9:dd:ee:1b:b7:3e:b3:31:b6:8e:db:d5:47:3b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=wqefggq235123

18/10/2022, 20:53
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
IsBadStringPtrW
LCMapStringA
MulDiv
OpenEventW
OpenMutexA
OpenProcess
OpenThread
PeekConsoleInputA
PostQueuedCompletionStatus
Process32First
Process32FirstW
QueryPerformanceCounter
QueueUserWorkItem
ReadConsoleInputW
ReadConsoleOutputA
ReadConsoleOutputCharacterA
SetComputerNameW
SetConsoleCP
SetConsoleTitleA
HeapLock
SetThreadPriority
SetupComm
SizeofResource
SystemTimeToFileTime
TlsAlloc
TryEnterCriticalSection
UnlockFile
UnlockFileEx
VerifyVersionInfoA
VirtualQueryEx
WriteConsoleA
WritePrivateProfileSectionW
WritePrivateProfileStructW
WriteProfileSectionW
WriteProfileStringW
_hwrite
lstrcpyA
lstrcpyW
lstrcpyn
HeapDestroy
HeapAlloc
GlobalMemoryStatusEx
GlobalMemoryStatus
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GetWindowsDirectoryA
GetVolumePathNameA
GetVersionExA
GetThreadTimes
GetThreadSelectorEntry
GetThreadContext
GetSystemInfo
GetStringTypeExW
GetStringTypeExA
GetShortPathNameW
GetProfileIntW
GetProcessWorkingSetSize
GetProcessVersion
GetProcessShutdownParameters
GetProcessHeaps
GetProcessAffinityMask
GetModuleHandleA
GetFileAttributesExA
GetEnvironmentStringsW
GetEnvironmentStrings
GetDriveTypeA
GetDateFormatA
GetConsoleScreenBufferInfo
GetConsoleAliasesLengthW
GetConsoleAliasExesW
GetCalendarInfoW
GetACP
FreeEnvironmentStringsA
FormatMessageA
FindFirstVolumeW
ExitThread
EnumLanguageGroupLocalesW
EnumDateFormatsExW
EnumCalendarInfoExA
DnsHostnameToComputerNameW
DeleteTimerQueueEx
DebugBreak
DebugActiveProcess
CreateThread
CreateProcessW
CreateMailslotW
CreateFileW
CreateDirectoryW
CreateConsoleScreenBuffer
CommConfigDialogA
CancelIo
BackupRead
GetWindowsDirectoryW
GetProcAddress
SetLastError

msvcrt

memset

advapi32

RegOpenKeyA

oleaut32

VarI1FromDate
VarI2FromI1
VarI4FromR4
VarI4FromR8
VarI4FromUI2
VarImp
VarMul
VarNeg
VarPow
VarR4FromDisp
VarR4FromI1
VarR4FromI4
VarR4FromR8
VarR4FromUI1
VarR4FromUI2
VarR8FromDate
VarR8FromI2
VarR8FromStr
VarR8Pow
VarSu
VarUI1FromDec
VarUI1FromStr
VarUI1FromUI4
VarUI2FromDate
VarUI2FromI1
VarUI2FromI2
VarUI2FromR4
VarUI2FromStr
VarUI4FromDec
VarUI4FromI4
VariantCopyInd
VectorFromBstr
VarI1FromCy
VarFormatNumber
VarFormatCurrency
VarDecSu
VarDecInt
VarDecFromUI4
VarDecFromUI2
VarDecFromStr
VarDecFromI2
VarDecFromCy
VarDecDiv
VarDateFromUI4
VarDateFromUI1
VarDateFromR4
VarDateFromDisp
VarDateFromCy
VarCyRound
VarCyMulI4
VarCyFromUI2
VarCyFromDisp
VarCyCmp
VarBstrFromI4
VarBstrFromDisp
VarBstrFromDate
VarBstrFromCy
VarBoolFromR4
VarBoolFromI1
VarBoolFromDisp
VarBoolFromDate
VarBoolFromCy
VARIANT_UserUnmarshal
UnRegisterTypeLi
SysFreeString
SafeArrayGetRecordInfo
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayCreateVectorEx
SafeArrayAccessData
RevokeActiveObject
RegisterActiveObject
OleLoadPicture
OleCreatePropertyFrameIndirect
LoadRegTypeLi
LPSAFEARRAY_Size
LHashValOfNameSysA
LHashValOfNameSys
GetRecordInfoFromTypeInfo
GetErrorInfo
CreateTypeLib2
CreateStdDispatch
SetErrorInfo

imm32

ImmDestroyContext
ImmDestroyIMCC
ImmDestroySoftKeyboard
ImmDisableIME
ImmEnumInputContext
ImmEnumRegisterWordW
ImmEscapeA
ImmEscapeW
ImmGenerateMessage
ImmGetCandidateListA
ImmGetCandidateListCountA
ImmGetCandidateWindow
ImmGetCompositionFontW
ImmGetCompositionStringA
ImmGetCompositionWindow
ImmGetContext
ImmGetConversionListA
ImmGetDefaultIMEWnd
ImmGetDescriptionA
ImmGetDescriptionW
ImmGetGuideLineW
ImmGetIMCCLockCount
ImmGetIMCCSize
ImmGetIMEFileNameA
ImmCreateIMCC
ImmGetImeMenuItemsW
ImmGetOpenStatus
ImmGetProperty
ImmGetRegisterWordStyleA
ImmGetStatusWindowPos
ImmInstallIMEA
ImmInstallIMEW
ImmIsUIMessageA
ImmIsUIMessageW
ImmLockIMC
ImmLockIMCC
ImmNotifyIME
ImmRegisterWordA
ImmRegisterWordW
ImmReleaseContext
ImmRequestMessageA
ImmRequestMessageW
ImmSetCandidateWindow
ImmSetCompositionFontA
ImmSetCompositionFontW
ImmSetCompositionStringA
ImmSetCompositionWindow
ImmSetHotKey
ImmShowSoftKeyboard
ImmSimulateHotKey
ImmGetIMEFileNameW
ImmUnregisterWordA
ImmUnregisterWordW
ImmAssociateContext

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f13f6a9c17b24afcf95906f762f737b4

Code Sign

1b:44:63:08:ea:b6:03:76:b3:86:5a:b3:54:c3:d4:50Certificate

Extended Key Usages

25:06:c4:64:26:ca:b9:dd:ee:1b:b7:3e:b3:31:b6:8e:db:d5:47:3bSigner

Signature Validations

Verification

18/10/2022, 20:53 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

oleaut32

imm32

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 124B

.text3 Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

1b:44:63:08:ea:b6:03:76:b3:86:5a:b3:54:c3:d4:50
Certificate

25:06:c4:64:26:ca:b9:dd:ee:1b:b7:3e:b3:31:b6:8e:db:d5:47:3b
Signer

18/10/2022, 20:53
Valid: false

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 124B

.text3
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB