fcc228ed0772d3b78c673a61b4657a76782d0bafdec5b3ecfa0f24df9997c098

Sharing

Copy URL Twitter E-mail

General

Target

fcc228ed0772d3b78c673a61b4657a76782d0bafdec5b3ecfa0f24df9997c098
Size

75KB
MD5

83c86be3a893d3a1ffda23351b235ad0
SHA1

6ee0a44efc5496624f88b1d77af076d47bf42ffd
SHA256

fcc228ed0772d3b78c673a61b4657a76782d0bafdec5b3ecfa0f24df9997c098
SHA512

6c1f2d9c91dbe88d9a1595b804aadf1cc1eb7cf4cdf072976acac4a6382b291df13c1c9d63b7346a4017bb66e5861a5c2d807daad03f5f1e87c7330bcfed302b
SSDEEP

1536:CVTvvwFiAXNoRkiV5v0e+viqsVtyG3rhwWQvWjbvu+6Dc2QkVUdvq8:CVTv+LaqsvaWQvWHROcf+Udi8

Score

N/A

Malware Config

Signatures

Files

fcc228ed0772d3b78c673a61b4657a76782d0bafdec5b3ecfa0f24df9997c098
.exe windows x64

bc848ef67267e4b960c972b2ffbf89d7

Code Sign

09:e1:dc:9b:1f:56:4b:8f:41:84:12:44:6b:c1:16:74
Certificate

Issuer

CN=Ouzavapegeh

Not Before

20/04/2014, 07:07

Not After

31/12/2039, 23:59

Subject

CN=Ouzavapegeh

a3:0a:79:c2:67:27:96:f2:3c:fe:e4:ed:eb:33:d9:6f:3a:8c:16:d8
Signer

Actual PE Digest

a3:0a:79:c2:67:27:96:f2:3c:fe:e4:ed:eb:33:d9:6f:3a:8c:16:d8

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Ouzavapegeh

28/10/2022, 15:04
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
KeQueryActiveProcessors
ExFreePoolWithTag
RtlCopyLuid
RtlValidSecurityDescriptor
RtlInitUnicodeString
ExGetSharedWaiterCount
MmGetPhysicalAddress
KeQueryTimeIncrement
ExGetExclusiveWaiterCount
FsRtlNormalizeNtstatus
FsRtlDoesNameContainWildCards
KeBugCheckEx

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc848ef67267e4b960c972b2ffbf89d7

Code Sign

09:e1:dc:9b:1f:56:4b:8f:41:84:12:44:6b:c1:16:74Certificate

a3:0a:79:c2:67:27:96:f2:3c:fe:e4:ed:eb:33:d9:6f:3a:8c:16:d8Signer

Signature Validations

Verification

28/10/2022, 15:04 Valid: false

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 20KB

.pdata Size: 512B - Virtual size: 336B

INIT Size: 1024B - Virtual size: 616B

.reloc Size: 10KB - Virtual size: 9KB

09:e1:dc:9b:1f:56:4b:8f:41:84:12:44:6b:c1:16:74
Certificate

a3:0a:79:c2:67:27:96:f2:3c:fe:e4:ed:eb:33:d9:6f:3a:8c:16:d8
Signer

28/10/2022, 15:04
Valid: false

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 20KB

.pdata
Size: 512B - Virtual size: 336B

INIT
Size: 1024B - Virtual size: 616B

.reloc
Size: 10KB - Virtual size: 9KB