cf4b92d43353ab673f0dc4e1732da113d99ccc7e5f2dd93b9a82e63672480bd9

Sharing

Copy URL Twitter E-mail

General

Target

cf4b92d43353ab673f0dc4e1732da113d99ccc7e5f2dd93b9a82e63672480bd9
Size

58KB
MD5

92acca2f7ef92fbb30e652ea84d8b67f
SHA1

c6d5b973993b5919f2abfc5fa92826e053eb4c1e
SHA256

cf4b92d43353ab673f0dc4e1732da113d99ccc7e5f2dd93b9a82e63672480bd9
SHA512

0ba836bd442286b0ee7b9e2c9c8f3a4f0b175844032dc80e360a8f3ea4fe9a71729cfd438bab3c71c6348e9d77c9170e2ad8c12d94ba81496bfa5b284cceb44f
SSDEEP

768:DPIpmAMeUsJuhyzx3TFe/w0ffRU/m/ybVFcvzpIbaBUCbVf8uIXzKAjHslK1ycDF:DQpJPDEw0fum/CszWEVPCOk

Score

N/A

Malware Config

Signatures

Files

cf4b92d43353ab673f0dc4e1732da113d99ccc7e5f2dd93b9a82e63672480bd9
.exe windows x86

5fa0ca4845583b09bb649ce85018225d

Code Sign

4a:7b:a7:ae:bc:75:9a:47:ba:6b:5d:9e:5a:30:47:91
Certificate

Issuer

CN=2612347613

Not Before

05/03/2012, 08:51

Not After

31/12/2039, 23:59

Subject

CN=2612347613

Extended Key Usages

ExtKeyUsageCodeSigning

95:bd:94:70:36:3b:0f:c7:6b:39:f9:8e:c5:b4:aa:ff:9c:c9:bc:ba
Signer

Actual PE Digest

95:bd:94:70:36:3b:0f:c7:6b:39:f9:8e:c5:b4:aa:ff:9c:c9:bc:ba

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=2612347613

28/10/2022, 15:07
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32ListFirst
Heap32Next
HeapWalk
InterlockedDecrement
IsDBCSLeadByteEx
IsSystemResumeAutomatic
LocalFlags
LocalSize
OpenFile
OpenMutexW
PeekNamedPipe
PurgeComm
ReadFileScatter
RequestWakeupLatency
ResetWriteWatch
SetComputerNameExW
SetCurrentDirectoryA
SetLocaleInfoW
SetProcessWorkingSetSize
SetSystemPowerState
GlobalUnlock
SetThreadContext
SetThreadIdealProcessor
SetUnhandledExceptionFilter
SetVolumeLabelA
SignalObjectAndWait
SystemTimeToFileTime
TerminateThread
UnlockFile
UnlockFileEx
UnregisterWait
UpdateResourceW
VirtualFree
VirtualUnlock
WideCharToMultiByte
WriteConsoleOutputAttribute
WriteConsoleOutputW
WritePrivateProfileStringA
WritePrivateProfileStructA
WriteProfileSectionW
GlobalUnfix
GlobalMemoryStatusEx
GetVolumeInformationA
GetUserDefaultUILanguage
GetThreadTimes
GetThreadSelectorEntry
GetTempPathA
GetTapePosition
GetSystemWindowsDirectoryA
GetSystemTimeAsFileTime
GetSystemDefaultLangID
GetPrivateProfileStructW
GetPrivateProfileStringA
CreateFileA
GetPrivateProfileSectionA
GetModuleHandleA
GetLogicalDrives
GetFullPathNameA
GetExitCodeThread
GetEnvironmentStringsW
GetCurrentDirectoryW
GetCurrentConsoleFont
GetConsoleScreenBufferInfo
GetConsoleAliasExesLengthW
FreeResource
FindNextVolumeMountPointW
FindNextFileW
FindFirstFileA
FindCloseChangeNotification
FindAtomW
EscapeCommFunction
EnumTimeFormatsW
EnumSystemLanguageGroupsW
EnumLanguageGroupLocalesW
EndUpdateResourceW
DisconnectNamedPipe
DeleteTimerQueueTimer
DeleteFileW
DeleteFileA
DebugBreak
CreateWaitableTimerW
CreatePipe
CreateHardLinkA
CreateFileW
CreateDirectoryA
CreateConsoleScreenBuffer
CopyFileW
CopyFileExA
ConvertThreadToFiber
CancelIo
BuildCommDCBW
BuildCommDCBA
Beep
BackupRead
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
SetThreadAffinityMask

user32

GetSystemMetrics

advapi32

RegOpenKeyExA

shell32

SHCreateDirectoryExW
Shell_NotifyIcon
ShellHookProc
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
ShellAboutW
ShellAboutA
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHLoadInProc
SHIsFileAvailableOffline
SHInvokePrinterCommandW
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragQueryFile
DragQueryFileA
DuplicateIcon
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHBindToParent
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExA
SHLoadNonloadedIconOverlayIdentifiers
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetFileInfo
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetPathFromIDList
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHInvokePrinterCommandA

shlwapi

StrChrIA
StrChrW
StrCmpNA
StrStrIA
StrRStrIW
StrRStrIA
StrRChrW
StrRChrIW
StrRChrIA
StrRChrA
StrCmpNIW
StrCmpNIA

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord6
CreateStatusWindowW
ord7
CreateToolbarEx
ord16
DestroyPropertySheetPage
DrawStatusText
ord5
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_SetScrollInfo
FlatSB_SetScrollProp
FlatSB_SetScrollRange
FlatSB_ShowScrollBar
GetMUILanguage
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_GetImageRect
ImageList_LoadImage
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Merge
ImageList_Read
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetFilter
ImageList_SetImageCount
InitCommonControlsEx
InitMUILanguage
InitializeFlatSB
ord14
ord2
PropertySheet
PropertySheetA
PropertySheetW
ord3
ImageList_Draw
UninitializeFlatSB
_TrackMouseEvent
ord8

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fa0ca4845583b09bb649ce85018225d

Code Sign

4a:7b:a7:ae:bc:75:9a:47:ba:6b:5d:9e:5a:30:47:91Certificate

Extended Key Usages

95:bd:94:70:36:3b:0f:c7:6b:39:f9:8e:c5:b4:aa:ff:9c:c9:bc:baSigner

Signature Validations

Verification

28/10/2022, 15:07 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 512B - Virtual size: 204B

.d1 Size: 1024B - Virtual size: 1000B

.d2 Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 33KB

4a:7b:a7:ae:bc:75:9a:47:ba:6b:5d:9e:5a:30:47:91
Certificate

95:bd:94:70:36:3b:0f:c7:6b:39:f9:8e:c5:b4:aa:ff:9c:c9:bc:ba
Signer

28/10/2022, 15:07
Valid: false

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 512B - Virtual size: 204B

.d1
Size: 1024B - Virtual size: 1000B

.d2
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 33KB