770e7c19a554a3e4442daee1c0e9f07ffff3bde3d6331abacafabc8173a6e0fc

Sharing

Copy URL Twitter E-mail

General

Target

770e7c19a554a3e4442daee1c0e9f07ffff3bde3d6331abacafabc8173a6e0fc
Size

445KB
MD5

850d90d0654870762d9d0073880c7085
SHA1

8d3c01516eabac9ab45d6d57ccb4c2d3f2d63fcb
SHA256

770e7c19a554a3e4442daee1c0e9f07ffff3bde3d6331abacafabc8173a6e0fc
SHA512

4891a06c045b3b3a864936a660bd0859f0b469554c00ddcb8f1a635698d3af1eb9905e9a9918628409727895b2351590d0ce72973293ce88d1090ac3cf1c211b
SSDEEP

6144:RyJwXza4frjZDiOeNfTKCYCNx6RX1r8nXxXIejPV4LVIP3be0t:RyJwXe4PVzeN7KCYCHUsXxjKGHt

Score

N/A

Malware Config

Signatures

Files

770e7c19a554a3e4442daee1c0e9f07ffff3bde3d6331abacafabc8173a6e0fc
.exe windows x86

e2ce9dcebb5d1ac84baf52079e8054c0

Code Sign

4a:a4:37:62:d9:53:77:64:b9:75:8f:fe:83:08:57:36
Certificate

Issuer

CN=DUHSLCGBWLEVDBUHQHQLZSMVQDFAYCGGSZPWQZGSUNNXTGOPLWBTMJEWPWOOXIXTLGJNPLUODIWZPIANDELAAYUWEUAXGZIVUFXYXCAENHWGJMXGQYEQSKTVVXRWUAXOAPNQGEQVDAEDVLIPLUJHVFYLPIQOKXLRXBHLLKQSWCFKBLTIUMEXUJOGEDVJFRFVAJIJMANSICLCEHEWKTPSDJINYLDYKVUHNGOVMXBMQSENNFWNWKNFPIFJZLHHLLFHEMVMVHPNSPPHODQGHEUFCVTPXHYPVEZSMYZGYDUBALWFXKOYMYDTQAUWCGTKHCXGPMQJLTRDUAZNJWFEXQFEMMPPOODMQYGKHYKGCBUNUBYPVZOHQBMDXMWZXNNYYVQLZHTSVPYVNKNFLTZMNFMPLSRAMKEDJNELVLCVUGMLCXMHLQFRYBMRTKOLGQIRGGIFNKUYDQCMKJNEGQKPZPUWRJKUVNBMBWZJNEYPISXXUSDLKJGTJUOYFXMKMMKULQJHWUUTXCKLKWWWQWPLOUWXLWNKFZHBELGEHJGPPXMOAUBQVTYRNQRDSPRQNNNCGRSYFZHOFTNNBMZCAFBJBMWFLBMUSOWWUFFKPTUJWWFKOYWZKXEDLLGZFRUIRQZUAOSZFWLCRXSBHFTGHBVITSNQVKALZJIKKQNBJNWZZCOCQLQDFJCFRNGQESXEVHLQMYIQBZSRIGSXQRMEVEKSMCZRJRPHCBQQZPHRYMJAIQMRZCBEYFPPGTCTOWQKHIFWWCYTJIFDUBRKBWCGNWWJOUYFFJZVRVIBDOFHIUOMRYMUWEFTSAXKTNSOUUATAFBFZQLNKINTCDKJBHZJTATUSIPSBHNAVIJRVNKKXFFZJCMMZMUZEVVJEQOTWPSKHWEZDVGTUZRJWSBEPBZWMYAUIWQCEWCIESGZOWOCQZTNGNZIPIVMLHQNCMPLFXTBZSJWZJITSTGGEOKPFRMQAKHVDZGUGZBRVSBZKPWVXUXSPHYLKMAJFJCQPXGJUWUZMQVCXJZGVQHGPXQBVEKAHUOTLUDSLZFOKKEEVCXRRXZOIXWKRGMGPTNTFFKRADXVRBKLPQFOIDKQFNMIYDBYSXIABWMIMUXYANSNWKXDIAWRSJRIEKVGGKSPYIPBYVRWVWGEJHKKWFPFPRDTPOJSDASMIIYOPUAHGECNAWMFVKUBPEWTBFEAHZWHKPRSYPFTXOEZYCKDQIMHUDJFFARFYBEOZVTVMVWOFCJFJMVMOTQHIJLUDOEQKNWMOUDIZOCTFZKDQESLILDSMDJZUNWWCGTEIJPBIIIFOKAAJSOYMHSLSKUAQQYTRPYJBJXBNILOQOSKEHERCCBTQMVYVPJLYLARFRQRVESFJTAAAMVDZTUBBIZOGGCLUGXNXDKPOBVJMGIZWPFOPFJFXKBLIJZKJZYAWTPRFTXZHJYQXGJBAKFFGRKZGTUJWCZDPLPCMKJXRKAQLUTKZHPKIQRHTHDOURDOEFQKEXFOJVSXAYHGZYUKOKBJIWQPPFAVHDXHHNRJOABPFCEZAIVDNMZWCLSIBVPGJGLVYBMJGKXHWBFTVOVTWAKHUXTVBEHVLPHJLYUMALDRXELNUUQTNRQYVIANPIWKGJGKFCCJBRMULLJBZBDUNPLWISTDXZN

Not Before

21/12/2012, 17:51

Not After

31/12/2039, 23:59

Subject

CN=DUHSLCGBWLEVDBUHQHQLZSMVQDFAYCGGSZPWQZGSUNNXTGOPLWBTMJEWPWOOXIXTLGJNPLUODIWZPIANDELAAYUWEUAXGZIVUFXYXCAENHWGJMXGQYEQSKTVVXRWUAXOAPNQGEQVDAEDVLIPLUJHVFYLPIQOKXLRXBHLLKQSWCFKBLTIUMEXUJOGEDVJFRFVAJIJMANSICLCEHEWKTPSDJINYLDYKVUHNGOVMXBMQSENNFWNWKNFPIFJZLHHLLFHEMVMVHPNSPPHODQGHEUFCVTPXHYPVEZSMYZGYDUBALWFXKOYMYDTQAUWCGTKHCXGPMQJLTRDUAZNJWFEXQFEMMPPOODMQYGKHYKGCBUNUBYPVZOHQBMDXMWZXNNYYVQLZHTSVPYVNKNFLTZMNFMPLSRAMKEDJNELVLCVUGMLCXMHLQFRYBMRTKOLGQIRGGIFNKUYDQCMKJNEGQKPZPUWRJKUVNBMBWZJNEYPISXXUSDLKJGTJUOYFXMKMMKULQJHWUUTXCKLKWWWQWPLOUWXLWNKFZHBELGEHJGPPXMOAUBQVTYRNQRDSPRQNNNCGRSYFZHOFTNNBMZCAFBJBMWFLBMUSOWWUFFKPTUJWWFKOYWZKXEDLLGZFRUIRQZUAOSZFWLCRXSBHFTGHBVITSNQVKALZJIKKQNBJNWZZCOCQLQDFJCFRNGQESXEVHLQMYIQBZSRIGSXQRMEVEKSMCZRJRPHCBQQZPHRYMJAIQMRZCBEYFPPGTCTOWQKHIFWWCYTJIFDUBRKBWCGNWWJOUYFFJZVRVIBDOFHIUOMRYMUWEFTSAXKTNSOUUATAFBFZQLNKINTCDKJBHZJTATUSIPSBHNAVIJRVNKKXFFZJCMMZMUZEVVJEQOTWPSKHWEZDVGTUZRJWSBEPBZWMYAUIWQCEWCIESGZOWOCQZTNGNZIPIVMLHQNCMPLFXTBZSJWZJITSTGGEOKPFRMQAKHVDZGUGZBRVSBZKPWVXUXSPHYLKMAJFJCQPXGJUWUZMQVCXJZGVQHGPXQBVEKAHUOTLUDSLZFOKKEEVCXRRXZOIXWKRGMGPTNTFFKRADXVRBKLPQFOIDKQFNMIYDBYSXIABWMIMUXYANSNWKXDIAWRSJRIEKVGGKSPYIPBYVRWVWGEJHKKWFPFPRDTPOJSDASMIIYOPUAHGECNAWMFVKUBPEWTBFEAHZWHKPRSYPFTXOEZYCKDQIMHUDJFFARFYBEOZVTVMVWOFCJFJMVMOTQHIJLUDOEQKNWMOUDIZOCTFZKDQESLILDSMDJZUNWWCGTEIJPBIIIFOKAAJSOYMHSLSKUAQQYTRPYJBJXBNILOQOSKEHERCCBTQMVYVPJLYLARFRQRVESFJTAAAMVDZTUBBIZOGGCLUGXNXDKPOBVJMGIZWPFOPFJFXKBLIJZKJZYAWTPRFTXZHJYQXGJBAKFFGRKZGTUJWCZDPLPCMKJXRKAQLUTKZHPKIQRHTHDOURDOEFQKEXFOJVSXAYHGZYUKOKBJIWQPPFAVHDXHHNRJOABPFCEZAIVDNMZWCLSIBVPGJGLVYBMJGKXHWBFTVOVTWAKHUXTVBEHVLPHJLYUMALDRXELNUUQTNRQYVIANPIWKGJGKFCCJBRMULLJBZBDUNPLWISTDXZN

Extended Key Usages

ExtKeyUsageCodeSigning

c1:59:91:90:9a:9e:68:c1:1b:10:4b:1b:89:3d:19:27:c2:2f:19:dd
Signer

Actual PE Digest

c1:59:91:90:9a:9e:68:c1:1b:10:4b:1b:89:3d:19:27:c2:2f:19:dd

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=DUHSLCGBWLEVDBUHQHQLZSMVQDFAYCGGSZPWQZGSUNNXTGOPLWBTMJEWPWOOXIXTLGJNPLUODIWZPIANDELAAYUWEUAXGZIVUFXYXCAENHWGJMXGQYEQSKTVVXRWUAXOAPNQGEQVDAEDVLIPLUJHVFYLPIQOKXLRXBHLLKQSWCFKBLTIUMEXUJOGEDVJFRFVAJIJMANSICLCEHEWKTPSDJINYLDYKVUHNGOVMXBMQSENNFWNWKNFPIFJZLHHLLFHEMVMVHPNSPPHODQGHEUFCVTPXHYPVEZSMYZGYDUBALWFXKOYMYDTQAUWCGTKHCXGPMQJLTRDUAZNJWFEXQFEMMPPOODMQYGKHYKGCBUNUBYPVZOHQBMDXMWZXNNYYVQLZHTSVPYVNKNFLTZMNFMPLSRAMKEDJNELVLCVUGMLCXMHLQFRYBMRTKOLGQIRGGIFNKUYDQCMKJNEGQKPZPUWRJKUVNBMBWZJNEYPISXXUSDLKJGTJUOYFXMKMMKULQJHWUUTXCKLKWWWQWPLOUWXLWNKFZHBELGEHJGPPXMOAUBQVTYRNQRDSPRQNNNCGRSYFZHOFTNNBMZCAFBJBMWFLBMUSOWWUFFKPTUJWWFKOYWZKXEDLLGZFRUIRQZUAOSZFWLCRXSBHFTGHBVITSNQVKALZJIKKQNBJNWZZCOCQLQDFJCFRNGQESXEVHLQMYIQBZSRIGSXQRMEVEKSMCZRJRPHCBQQZPHRYMJAIQMRZCBEYFPPGTCTOWQKHIFWWCYTJIFDUBRKBWCGNWWJOUYFFJZVRVIBDOFHIUOMRYMUWEFTSAXKTNSOUUATAFBFZQLNKINTCDKJBHZJTATUSIPSBHNAVIJRVNKKXFFZJCMMZMUZEVVJEQOTWPSKHWEZDVGTUZRJWSBEPBZWMYAUIWQCEWCIESGZOWOCQZTNGNZIPIVMLHQNCMPLFXTBZSJWZJITSTGGEOKPFRMQAKHVDZGUGZBRVSBZKPWVXUXSPHYLKMAJFJCQPXGJUWUZMQVCXJZGVQHGPXQBVEKAHUOTLUDSLZFOKKEEVCXRRXZOIXWKRGMGPTNTFFKRADXVRBKLPQFOIDKQFNMIYDBYSXIABWMIMUXYANSNWKXDIAWRSJRIEKVGGKSPYIPBYVRWVWGEJHKKWFPFPRDTPOJSDASMIIYOPUAHGECNAWMFVKUBPEWTBFEAHZWHKPRSYPFTXOEZYCKDQIMHUDJFFARFYBEOZVTVMVWOFCJFJMVMOTQHIJLUDOEQKNWMOUDIZOCTFZKDQESLILDSMDJZUNWWCGTEIJPBIIIFOKAAJSOYMHSLSKUAQQYTRPYJBJXBNILOQOSKEHERCCBTQMVYVPJLYLARFRQRVESFJTAAAMVDZTUBBIZOGGCLUGXNXDKPOBVJMGIZWPFOPFJFXKBLIJZKJZYAWTPRFTXZHJYQXGJBAKFFGRKZGTUJWCZDPLPCMKJXRKAQLUTKZHPKIQRHTHDOURDOEFQKEXFOJVSXAYHGZYUKOKBJIWQPPFAVHDXHHNRJOABPFCEZAIVDNMZWCLSIBVPGJGLVYBMJGKXHWBFTVOVTWAKHUXTVBEHVLPHJLYUMALDRXELNUUQTNRQYVIANPIWKGJGKFCCJBRMULLJBZBDUNPLWISTDXZN

28/10/2022, 15:02
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc

user32

GetWindowRect
IsDlgButtonChecked
LoadStringA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
GetWindowLongA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetWindowLongA
ShowWindow
wsprintfA
GetSystemMetrics
GetParent
GetDlgItemTextA
GetDlgItem
GetDC
EnableWindow
CheckRadioButton
CheckDlgButton
CharPrevA
CharNextA
CallWindowProcA
BeginPaint
GetClientRect
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA

gdi32

PlayEnhMetaFile
GetObjectA
GetDeviceCaps
DeleteObject
CreateFontIndirectA
CreateEnhMetaFileA
Rectangle
MoveToEx
LineTo
CloseEnhMetaFile
DeleteEnhMetaFile
GetEnhMetaFileA
GetStockObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyW

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2ce9dcebb5d1ac84baf52079e8054c0

Code Sign

4a:a4:37:62:d9:53:77:64:b9:75:8f:fe:83:08:57:36Certificate

Extended Key Usages

c1:59:91:90:9a:9e:68:c1:1b:10:4b:1b:89:3d:19:27:c2:2f:19:ddSigner

Signature Validations

Verification

28/10/2022, 15:02 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

comctl32

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 377KB - Virtual size: 376KB

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 41KB - Virtual size: 40KB

4a:a4:37:62:d9:53:77:64:b9:75:8f:fe:83:08:57:36
Certificate

c1:59:91:90:9a:9e:68:c1:1b:10:4b:1b:89:3d:19:27:c2:2f:19:dd
Signer

28/10/2022, 15:02
Valid: false

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 377KB - Virtual size: 376KB

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 41KB - Virtual size: 40KB