c051e62653ce8d0427531ff05a0503670722cf9e451c78c05c07c66b2732166c

Sharing

Copy URL

Twitter E-mail

General

Target

c051e62653ce8d0427531ff05a0503670722cf9e451c78c05c07c66b2732166c
Size

298KB
MD5

a26331eb5155d7a7833f30c8b1b33175
SHA1

68e18aaec0c3b13d2ca14118d14792715f2c5185
SHA256

c051e62653ce8d0427531ff05a0503670722cf9e451c78c05c07c66b2732166c
SHA512

b91d3be6b169dd7938ae8405d0b6df3c7605dffd4923a6ac2a25315f5f99bcb4ebc48dca372487a658a9b830614e0347beb7ff40daef21709d491627104bb610
SSDEEP

6144:K5lK88WsXdAPS4Q3nZDOfpSJ6BzaKIlohFB7z:+lK8wXdV4Q3nZe4J6BmKI6LB/

Score

N/A

Malware Config

Signatures

Files

c051e62653ce8d0427531ff05a0503670722cf9e451c78c05c07c66b2732166c
.exe windows x86

fd2bc81375c8eea9c300470fb3633ece

Code Sign

72:ad:2f:55:34:83:dc:5a:be:26:99:20:0f:02:73:75
Certificate

Issuer

CN=ddhbdfdab3jkgddcjii3fchcd3ijfgdlhhhjjahchh3ca3il2lfbgj113c3amajjdad3hllc3mm1ai1fjm2ckcjj2edl2fkljkibjai2fbk33gkacgcahjflibejhmi1hcd3c3lb3kbbi1lhkhj2igdd3dc1demkei1afeiblmk3jgec333giik2ci21acfgbi3mgclaflllcfbehkkcheifi1efahjfmcae2ffaclikggc3ekbegmc3d2beilfgkggjh32lbdggkmaac1kcjie1aj3a22kf1deea3el1if2gehaiegegh3ag1gbkidibl2bhimfjcggfemhh3jkhfkbgj3ejm3g11f33jckegifdjmhladggbgj2lamjdf2bligmhiki2hh3jg2jicachhmdfmaj3b3iig1gbg1kab1ldekcjedlkjmhfik1lhdjgkdg1lmhg21m2dcbgfade1gg1ejlmb3dhbli1mkiiiaikkl1d3mcj1eg3bclm2icadmlgghbbgej2cgedla1gilhmm1gagmldjcalkbbj1mkmacblakaaeafgehlefj2gkmmdd321dajmkil2emidmbgadcjabff2l3dc3j1gjkiba33c12dfelk2edb3dhfa2e23ealbbmkejlj2lkfgefle2gijla1bikk32c3jlkei2l1gcabl1f2fkig1c1hjhbdmbl1lf12ifmkdbf2de1ehm2ebfli3lbjjhdbfldfiegjkfcghgjh3ja1hi22jcfad22ddk3ed13ae1eehhfmcdkbfhmdaimm21meekgmafjljdmhmaiahk1a2cek1ilghclchef2kicfcccagbe3ga22kbddhkkgeaedk3kbikebibacaak1fbicldcfjhglda2i1alkheh1ehgemmhilkic1mfe1ebckek2al3e2g3cblg1eidkcgdmbib21ga3ibjlfcflmhmcjali12dfd23ldjclebaeehgalf22kflmihaeb3kkgljbhhe31f1iahkjefa2gbfikdh3fbf3feb3ja2gfd2gd2ild2f3liahkcf1gdbjlmll2kgihkii2mcgk12hii2ifdgbjjeedic1fbkjcgkmlhghm123ik3cjbiel1clhje1biidceedm31c1h1dmk1gei2aebm2fbckdgkaf1lbliaibdh3a1accbaab13lh 5233233

Not Before

10/12/2012, 15:46

Not After

31/12/2039, 23:59

Subject

CN=ddhbdfdab3jkgddcjii3fchcd3ijfgdlhhhjjahchh3ca3il2lfbgj113c3amajjdad3hllc3mm1ai1fjm2ckcjj2edl2fkljkibjai2fbk33gkacgcahjflibejhmi1hcd3c3lb3kbbi1lhkhj2igdd3dc1demkei1afeiblmk3jgec333giik2ci21acfgbi3mgclaflllcfbehkkcheifi1efahjfmcae2ffaclikggc3ekbegmc3d2beilfgkggjh32lbdggkmaac1kcjie1aj3a22kf1deea3el1if2gehaiegegh3ag1gbkidibl2bhimfjcggfemhh3jkhfkbgj3ejm3g11f33jckegifdjmhladggbgj2lamjdf2bligmhiki2hh3jg2jicachhmdfmaj3b3iig1gbg1kab1ldekcjedlkjmhfik1lhdjgkdg1lmhg21m2dcbgfade1gg1ejlmb3dhbli1mkiiiaikkl1d3mcj1eg3bclm2icadmlgghbbgej2cgedla1gilhmm1gagmldjcalkbbj1mkmacblakaaeafgehlefj2gkmmdd321dajmkil2emidmbgadcjabff2l3dc3j1gjkiba33c12dfelk2edb3dhfa2e23ealbbmkejlj2lkfgefle2gijla1bikk32c3jlkei2l1gcabl1f2fkig1c1hjhbdmbl1lf12ifmkdbf2de1ehm2ebfli3lbjjhdbfldfiegjkfcghgjh3ja1hi22jcfad22ddk3ed13ae1eehhfmcdkbfhmdaimm21meekgmafjljdmhmaiahk1a2cek1ilghclchef2kicfcccagbe3ga22kbddhkkgeaedk3kbikebibacaak1fbicldcfjhglda2i1alkheh1ehgemmhilkic1mfe1ebckek2al3e2g3cblg1eidkcgdmbib21ga3ibjlfcflmhmcjali12dfd23ldjclebaeehgalf22kflmihaeb3kkgljbhhe31f1iahkjefa2gbfikdh3fbf3feb3ja2gfd2gd2ild2f3liahkcf1gdbjlmll2kgihkii2mcgk12hii2ifdgbjjeedic1fbkjcgkmlhghm123ik3cjbiel1clhje1biidceedm31c1h1dmk1gei2aebm2fbckdgkaf1lbliaibdh3a1accbaab13lh 5233233

Extended Key Usages

ExtKeyUsageCodeSigning

55:b5:3d:31:7c:6c:6f:ba:9c:f9:5c:40:f8:b2:9a:46:c1:39:5a:8d
Signer

Actual PE Digest

55:b5:3d:31:7c:6c:6f:ba:9c:f9:5c:40:f8:b2:9a:46:c1:39:5a:8d

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=ddhbdfdab3jkgddcjii3fchcd3ijfgdlhhhjjahchh3ca3il2lfbgj113c3amajjdad3hllc3mm1ai1fjm2ckcjj2edl2fkljkibjai2fbk33gkacgcahjflibejhmi1hcd3c3lb3kbbi1lhkhj2igdd3dc1demkei1afeiblmk3jgec333giik2ci21acfgbi3mgclaflllcfbehkkcheifi1efahjfmcae2ffaclikggc3ekbegmc3d2beilfgkggjh32lbdggkmaac1kcjie1aj3a22kf1deea3el1if2gehaiegegh3ag1gbkidibl2bhimfjcggfemhh3jkhfkbgj3ejm3g11f33jckegifdjmhladggbgj2lamjdf2bligmhiki2hh3jg2jicachhmdfmaj3b3iig1gbg1kab1ldekcjedlkjmhfik1lhdjgkdg1lmhg21m2dcbgfade1gg1ejlmb3dhbli1mkiiiaikkl1d3mcj1eg3bclm2icadmlgghbbgej2cgedla1gilhmm1gagmldjcalkbbj1mkmacblakaaeafgehlefj2gkmmdd321dajmkil2emidmbgadcjabff2l3dc3j1gjkiba33c12dfelk2edb3dhfa2e23ealbbmkejlj2lkfgefle2gijla1bikk32c3jlkei2l1gcabl1f2fkig1c1hjhbdmbl1lf12ifmkdbf2de1ehm2ebfli3lbjjhdbfldfiegjkfcghgjh3ja1hi22jcfad22ddk3ed13ae1eehhfmcdkbfhmdaimm21meekgmafjljdmhmaiahk1a2cek1ilghclchef2kicfcccagbe3ga22kbddhkkgeaedk3kbikebibacaak1fbicldcfjhglda2i1alkheh1ehgemmhilkic1mfe1ebckek2al3e2g3cblg1eidkcgdmbib21ga3ibjlfcflmhmcjali12dfd23ldjclebaeehgalf22kflmihaeb3kkgljbhhe31f1iahkjefa2gbfikdh3fbf3feb3ja2gfd2gd2ild2f3liahkcf1gdbjlmll2kgihkii2mcgk12hii2ifdgbjjeedic1fbkjcgkmlhghm123ik3cjbiel1clhje1biidceedm31c1h1dmk1gei2aebm2fbckdgkaf1lbliaibdh3a1accbaab13lh 5233233

28/10/2022, 15:04
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
VerSetConditionMask
GetCommandLineW
WideCharToMultiByte
VerifyVersionInfoW
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
OpenProcess
GetTimeFormatW
GetTickCount
GetSystemTimeAsFileTime
GetStdHandle
GetModuleHandleA
GetCurrentThreadId
VirtualAllocEx

gdi32

GetStockObject

advapi32

LookupAccountSidW
RegOpenKeyA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegConnectRegistryW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
GetTokenInformation
AdjustTokenPrivileges

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

PathIsURLW
PathIsFileSpecW

msvcrt

wcstok
memcpy
wcstol
wcstod
_XcptFilter
__CxxFrameHandler
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_iob
_vsnwprintf
_wcsicmp
_wcsnicmp
_wgetcwd
_wmakepath
_wsplitpath
_wtoi
_wtol
calloc
exit
fflush
fprintf
free
malloc
memmove
realloc
setlocale
sprintf
strtok
swscanf
wcschr
wcslen
wcsncmp
wcsncpy
wcsstr

Sections

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd2bc81375c8eea9c300470fb3633ece

Code Sign

72:ad:2f:55:34:83:dc:5a:be:26:99:20:0f:02:73:75Certificate

Extended Key Usages

55:b5:3d:31:7c:6c:6f:ba:9c:f9:5c:40:f8:b2:9a:46:c1:39:5a:8dSigner

Signature Validations

Verification

28/10/2022, 15:04 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 260KB - Virtual size: 260KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 1KB - Virtual size: 1KB

72:ad:2f:55:34:83:dc:5a:be:26:99:20:0f:02:73:75
Certificate

55:b5:3d:31:7c:6c:6f:ba:9c:f9:5c:40:f8:b2:9a:46:c1:39:5a:8d
Signer

28/10/2022, 15:04
Valid: false

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 260KB - Virtual size: 260KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 1KB - Virtual size: 1KB