2f2985d889619f14097dcc289aa2a72096b50610660136307880971a2e00233d

Sharing

Copy URL Twitter E-mail

General

Target

2f2985d889619f14097dcc289aa2a72096b50610660136307880971a2e00233d
Size

77KB
MD5

54afdfef4941e38c97769b7e5cfea954
SHA1

bb11571d8980acc489f0aa1fc6654985b028729c
SHA256

2f2985d889619f14097dcc289aa2a72096b50610660136307880971a2e00233d
SHA512

a65f927e1a506d11448ac8ae393d89917906afa4c129c564e80f35f4c150d3e60192484fbf534cfc5b107ec3759293cead4ca50cbb1939d35dd7c75bcde1e6e3
SSDEEP

1536:SgKkA3PazWosY8888888888888888888888Y56+2Cl5/zaSrn3:RKZ3oKY8888888888888888888888YNf

Score

N/A

Malware Config

Signatures

Files

2f2985d889619f14097dcc289aa2a72096b50610660136307880971a2e00233d
.exe windows x86

294ce9bc28b68b69bd2f05f90c1f85a4

Code Sign

47:0d:86:bd:ba:16:26:95:44:aa:88:95:be:2c:cc:81
Certificate

Issuer

CN=25151683557949533345121171515932699693552866811531596735277776997288445981575583725665634776385554484373125827589364354986955597557875856515278268931113191

Not Before

23/01/2013, 14:11

Not After

31/12/2039, 23:59

Subject

CN=25151683557949533345121171515932699693552866811531596735277776997288445981575583725665634776385554484373125827589364354986955597557875856515278268931113191

Extended Key Usages

ExtKeyUsageCodeSigning

eb:46:9b:b3:11:86:65:17:89:a8:5c:e3:c0:a7:a8:67:25:0e:bb:80
Signer

Actual PE Digest

eb:46:9b:b3:11:86:65:17:89:a8:5c:e3:c0:a7:a8:67:25:0e:bb:80

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=25151683557949533345121171515932699693552866811531596735277776997288445981575583725665634776385554484373125827589364354986955597557875856515278268931113191

28/10/2022, 15:06
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetProcAddress
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetVersionExA
HeapCreate
HeapDestroy
HeapFree
LCMapStringA
GetEnvironmentStringsW
MultiByteToWideChar
RtlUnwind
SetHandleCount
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualProtect
WideCharToMultiByte
WriteFile
VirtualAllocEx
GetEnvironmentStrings
GetCurrentThreadId
FreeEnvironmentStringsW
FreeEnvironmentStringsA
ExitProcess
LCMapStringW
DeleteCriticalSection

user32

LookupIconIdFromDirectory
MessageBoxW
PeekMessageW
ReleaseDC
SendDlgItemMessageW
SetCursor
SetDlgItemTextW
SetForegroundWindow
SystemParametersInfoW
LoadIconA
LoadStringW
LoadCursorW
GetSystemMetrics
GetSystemMenu
GetLastActivePopup
GetDlgItem
GetDC
GetClientRect
EnableMenuItem
DispatchMessageW
DestroyWindow
CreateDialogParamW
CharNextW
CopyRect

gdi32

GetStockObject
GetTextExtentPointW
GetTextExtentExPointW
GetDeviceCaps

advapi32

RegOpenKeyExA

shell32

SHGetPathFromIDListW
SHChangeNotify
SHAddToRecentDocs
FindExecutableW
SHGetSpecialFolderLocation
ShellExecuteExW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

294ce9bc28b68b69bd2f05f90c1f85a4

Code Sign

47:0d:86:bd:ba:16:26:95:44:aa:88:95:be:2c:cc:81Certificate

Extended Key Usages

eb:46:9b:b3:11:86:65:17:89:a8:5c:e3:c0:a7:a8:67:25:0e:bb:80Signer

Signature Validations

Verification

28/10/2022, 15:06 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

version

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 602B

47:0d:86:bd:ba:16:26:95:44:aa:88:95:be:2c:cc:81
Certificate

eb:46:9b:b3:11:86:65:17:89:a8:5c:e3:c0:a7:a8:67:25:0e:bb:80
Signer

28/10/2022, 15:06
Valid: false

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 602B