db5bcad90794e4fb4e99b6fd3a287d682c8f1c202f41a88897d02d99afea8812

Sharing

Copy URL Twitter E-mail

General

Target

db5bcad90794e4fb4e99b6fd3a287d682c8f1c202f41a88897d02d99afea8812
Size

321KB
MD5

84a0a4a2b840913e3e0946c6d932da31
SHA1

cb74bcca3b5d98c5026a654eec8c83c7c30b8701
SHA256

db5bcad90794e4fb4e99b6fd3a287d682c8f1c202f41a88897d02d99afea8812
SHA512

38eaa2424fe750b3d451bb4af1034e26bf977d45ee27ed00add6c5c030fae1c900f07cdad554f66ccca3135a5b628f45c95428ed71f9c50cdbac7854b3f1d565
SSDEEP

6144:YT+FQodd7pswMHScIOq1G/PSRnC2CkErfow:bFhdWycBqwSRC2gcw

Score

N/A

Malware Config

Signatures

Files

db5bcad90794e4fb4e99b6fd3a287d682c8f1c202f41a88897d02d99afea8812
.exe windows x86

09856ea049ee0244c3e890c703547110

Code Sign

13:a7:f4:23:87:fb:13:64:bb:28:28:26:52:ba:b1:bf
Certificate

Issuer

CN=341235221341228966292465999492447398695844727979223929433914174169461853293559324913756452688926312923675437232614221361649636752161156752413489436552

Not Before

13/07/2012, 07:49

Not After

31/12/2039, 23:59

Subject

CN=341235221341228966292465999492447398695844727979223929433914174169461853293559324913756452688926312923675437232614221361649636752161156752413489436552

Extended Key Usages

ExtKeyUsageCodeSigning

1b:70:2e:d9:e4:97:6c:dc:81:1d:b5:55:9c:27:ef:58:e2:00:33:b5
Signer

Actual PE Digest

1b:70:2e:d9:e4:97:6c:dc:81:1d:b5:55:9c:27:ef:58:e2:00:33:b5

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=341235221341228966292465999492447398695844727979223929433914174169461853293559324913756452688926312923675437232614221361649636752161156752413489436552

28/10/2022, 15:07
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
GetModuleHandleA
GetProcAddress

user32

LoadIconA

advapi32

RegOpenKeyW
RegCloseKey

Sections

.text
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09856ea049ee0244c3e890c703547110

Code Sign

13:a7:f4:23:87:fb:13:64:bb:28:28:26:52:ba:b1:bfCertificate

Extended Key Usages

1b:70:2e:d9:e4:97:6c:dc:81:1d:b5:55:9c:27:ef:58:e2:00:33:b5Signer

Signature Validations

Verification

28/10/2022, 15:07 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 273KB - Virtual size: 272KB

.data Size: 40KB - Virtual size: 40KB

.data6 Size: 1024B - Virtual size: 1000B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 220B

13:a7:f4:23:87:fb:13:64:bb:28:28:26:52:ba:b1:bf
Certificate

1b:70:2e:d9:e4:97:6c:dc:81:1d:b5:55:9c:27:ef:58:e2:00:33:b5
Signer

28/10/2022, 15:07
Valid: false

.text
Size: 273KB - Virtual size: 272KB

.data
Size: 40KB - Virtual size: 40KB

.data6
Size: 1024B - Virtual size: 1000B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 220B