244c65d33272dec3964703c06662a1d33a0dab6d9b8b28cf5dfe691cf421559e

Sharing

Copy URL Twitter E-mail

General

Target

244c65d33272dec3964703c06662a1d33a0dab6d9b8b28cf5dfe691cf421559e
Size

35KB
MD5

0041be81a30daeaded6a86db40822370
SHA1

aaba8ce21c05ddb7745b3e88ea53cd2832e876ea
SHA256

244c65d33272dec3964703c06662a1d33a0dab6d9b8b28cf5dfe691cf421559e
SHA512

aa6c54ea90fecea97b6bfee45c81e64478ad33f75306a264f7f5821e7a654e7cf0e256f3da1525057cecb8c118fb5189ced8d1787f4abea1766c8664b5842a72
SSDEEP

768:jMHk8Re/AgDJfPaSoQdM8SRK9Ucn/TKMXyF:jMdsdJfPaFiMNK9I

Score

N/A

Malware Config

Signatures

Files

244c65d33272dec3964703c06662a1d33a0dab6d9b8b28cf5dfe691cf421559e
.exe windows x86

c3e0acd3c0cea0bfc85054daca995d8c

Code Sign

70:8f:04:46:ac:d3:ed:b0:4a:fe:69:fe:58:e9:f5:4d
Certificate

Issuer

CN=a

Not Before

12/02/2013, 05:39

Not After

31/12/2039, 23:59

Subject

CN=a

Extended Key Usages

ExtKeyUsageCodeSigning

3a:20:9f:0c:b2:cd:e0:72:74:d7:a7:ba:80:71:90:c3:84:39:f6:0e
Signer

Actual PE Digest

3a:20:9f:0c:b2:cd:e0:72:74:d7:a7:ba:80:71:90:c3:84:39:f6:0e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=a

28/10/2022, 15:08
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
VirtualAlloc

user32

TranslateMessage
SetForegroundWindow
SetCursorPos
SetCapture
ReleaseCapture
RegisterWindowMessageA
PostQuitMessage
PostMessageA
PeekMessageA
LoadIconA
IsIconic
GetMessageA
GetMenu
GetCursorPos
FindWindowA
EndPaint
DispatchMessageA

gdi32

StretchDIBits
GetStockObject
SetTextColor
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreatePalette
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetLayout
GetObjectA
GetPaletteEntries
SetSystemPaletteUse
GetSystemPaletteEntries
RealizePalette
ResizePalette
SelectObject
SelectPalette
SetBkMode
SetLayout
SetPaletteEntries

advapi32

RegQueryInfoKeyA
GetUserNameA
RegCloseKey
SetFileSecurityW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
GetFileSecurityW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyA
RegCreateKeyExW
RegCreateKeyExA

msvcrt

memcpy

Sections

.textRR
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3e0acd3c0cea0bfc85054daca995d8c

Code Sign

70:8f:04:46:ac:d3:ed:b0:4a:fe:69:fe:58:e9:f5:4dCertificate

Extended Key Usages

3a:20:9f:0c:b2:cd:e0:72:74:d7:a7:ba:80:71:90:c3:84:39:f6:0eSigner

Signature Validations

Verification

28/10/2022, 15:08 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.textRR Size: 1024B - Virtual size: 546B

.text Size: 24KB - Virtual size: 23KB

.data Size: 512B - Virtual size: 132B

.rdata3 Size: 512B - Virtual size: 100B

.rdata2 Size: 512B - Virtual size: 100B

.rsrc Size: 1024B - Virtual size: 976B

70:8f:04:46:ac:d3:ed:b0:4a:fe:69:fe:58:e9:f5:4d
Certificate

3a:20:9f:0c:b2:cd:e0:72:74:d7:a7:ba:80:71:90:c3:84:39:f6:0e
Signer

28/10/2022, 15:08
Valid: false

.textRR
Size: 1024B - Virtual size: 546B

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 512B - Virtual size: 132B

.rdata3
Size: 512B - Virtual size: 100B

.rdata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 1024B - Virtual size: 976B