b0f2075f4c168cf1bb3795f3bdddb6cc4edf85a5aa9b2babdf4b9cf71236eb73

Sharing

Copy URL Twitter E-mail

General

Target

b0f2075f4c168cf1bb3795f3bdddb6cc4edf85a5aa9b2babdf4b9cf71236eb73
Size

24KB
MD5

9299012b4a6111a9c5b8b13010efb964
SHA1

2ed6207f950bf6b61bd14f96b6c2ed2be3a231ef
SHA256

b0f2075f4c168cf1bb3795f3bdddb6cc4edf85a5aa9b2babdf4b9cf71236eb73
SHA512

a21dbf0304cd8b84a000b26fbeab14c5061dab08578805966059cd8d287a9dcad26638bafcaf8f8b1b8350f715fc2b1818a1eb4f51d60ee916e119c23bcb84d8
SSDEEP

384:S1Rf07tXZ8bv8DjOS2m5vSlljEAcZmcVQrQkCXsL25pbahh4WWieZWKYZ:S1By8j+H26vQcAcVwQkVqrbahhdeA

Score

N/A

Malware Config

Signatures

Files

b0f2075f4c168cf1bb3795f3bdddb6cc4edf85a5aa9b2babdf4b9cf71236eb73
.exe windows x86

bbeb72bfc8b0e8e4004a3e34555de467

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

Issuer

CN=yprYsj1KNRia

Not Before

12/03/2012, 12:03

Not After

31/12/2039, 23:59

Subject

CN=yprYsj1KNRia

Extended Key Usages

ExtKeyUsageCodeSigning

0f:6d:e2:39:1d:c4:4a:9b:25:64:08:b6:c7:ea:c0:4d:5e:a7:f4:27
Signer

Actual PE Digest

0f:6d:e2:39:1d:c4:4a:9b:25:64:08:b6:c7:ea:c0:4d:5e:a7:f4:27

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=yprYsj1KNRia

28/10/2022, 15:17
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcpyn
lstrcpyA
lstrcmpA
lstrcmp
_hread
WriteFileEx
WriteConsoleW
WinExec
WaitForDebugEvent
TlsAlloc
SwitchToFiber
SetVolumeMountPointW
SetThreadIdealProcessor
SetTapePosition
SetSystemPowerState
SetPriorityClass
SetLocalTime
SetEnvironmentVariableA
SetCurrentDirectoryW
SetConsoleTitleW
SetConsoleMode
SetConsoleCtrlHandler
SetConsoleCP
SetComputerNameW
SetComputerNameExW
SetCommTimeouts
SetCommState
SetCalendarInfoA
RemoveDirectoryW
ReadConsoleInputW
PeekNamedPipe
PeekConsoleInputW
OpenThread
OpenSemaphoreW
MoveFileW
Module32Next
MapViewOfFile
LocalShrink
LoadLibraryExW
LoadLibraryExA
IsBadStringPtrA
InitializeCriticalSectionAndSpinCount
GlobalUnWire
GlobalDeleteAtom
GetTimeZoneInformation
GetModuleHandleA
GetThreadTimes
GetThreadContext
GetTempPathA
GetTapeParameters
GetStringTypeW
GetStdHandle
GetPrivateProfileIntA
GetModuleFileNameW
GetDiskFreeSpaceExW
GetCurrencyFormatW
GetCurrencyFormatA
GetConsoleScreenBufferInfo
GetConsoleFontSize
GetConsoleAliasExesA
GetComputerNameExA
GetCommandLineA
GetCommProperties
GetACP
GenerateConsoleCtrlEvent
FreeLibraryAndExitThread
FreeConsole
FoldStringW
FlushConsoleInputBuffer
FindVolumeClose
FindNextFileW
FindCloseChangeNotification
FindClose
FillConsoleOutputCharacterW
ExpandEnvironmentStringsW
EscapeCommFunction
EnumTimeFormatsW
EnumSystemLanguageGroupsW
EnumSystemLanguageGroupsA
EnumCalendarInfoExA
DeleteFileW
DeleteFiber
CreateThread
CreateJobObjectW
CreateIoCompletionPort
CreateEventW
CompareFileTime
CommConfigDialogW
CancelTimerQueueTimer
BuildCommDCBAndTimeoutsW
BindIoCompletionCallback
AllocateUserPhysicalPages
GetProcAddress
GetTempPathW

msvcrt

memset

user32

wvsprintfA
wsprintfW
keybd_event
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TrackPopupMenu
ToAscii
TileChildWindows
SubtractRect
ShowOwnedPopups
SetWinEventHook
SendInput
SendIMEMessageExA
ReleaseCapture
RegisterClassA
RealGetWindowClassA
OpenIcon
OffsetRect
OemToCharW
MsgWaitForMultipleObjectsEx
MoveWindow
MonitorFromRect
MonitorFromPoint
ModifyMenuA
MessageBoxIndirectW
MessageBoxA
MapVirtualKeyExA
MapDialogRect
LookupIconIdFromDirectoryEx
LockWorkStation
LoadIconA
LoadCursorA
IsMenu
InSendMessageEx
ImpersonateDdeClientWindow
IMPGetIMEA
GetWindowTextLengthW
GetUserObjectInformationW
GetTabbedTextExtentA
GetSysColorBrush
GetPropW
GetMonitorInfoW
GetMessageW
GetMessageTime
GetMessageA
GetMenuBarInfo
GetLastInputInfo
GetKeyboardLayout
GetKeyNameTextA
GetInputState
GetDlgItemTextA
GetDlgCtrlID
GetDesktopWindow
GetCursor
GetClipboardFormatNameA
GetClassInfoW
GetClassInfoExW
GetAltTabInfo
FlashWindow
FindWindowExW
FindWindowExA
FindWindowA
EnumWindows
EnumThreadWindows
EnumDesktopsA
EnableScrollBar
DrawTextW
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DestroyAcceleratorTable
DdeQueryStringA
DdeInitializeA
DdeImpersonateClient
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamW
CreateCaret
CopyIcon
CloseWindowStation
ClientToScreen
CheckMenuRadioItem
CharUpperBuffW
CharPrevExA
CharNextW
ChangeMenuW
ChangeMenuA
CascadeChildWindows
CallWindowProcA
CallNextHookEx
AppendMenuW
GetMenuItemCount

gdi32

AddFontResourceTracking
ArcTo
BitBlt
CLIPOBJ_bEnum
CloseEnhMetaFile
CreateBitmap
CreateColorSpaceW
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateFontIndirectW
CreateMetaFileA
CreatePenIndirect
CreatePolygonRgn
CreateRectRgnIndirect
CreateRoundRectRgn
DeleteColorSpace
DeleteDC
EngEraseSurface
EngLoadModule
EngLockSurface
EngQueryEMFInfo
EngStretchBlt
ExtCreateRegion
FONTOBJ_pvTrueTypeFontFile
FillRgn
FlattenPath
GdiCleanCacheDC
GdiConvertBitmapV5
GdiConvertFont
GdiDescribePixelFormat
GdiEntry10
GdiEntry4
GdiEntry5
GdiFixUpHandle
GdiGetLocalDC
GdiResetDCEMF
GdiSetAttrs
GdiSetLastError
GdiValidateHandle
GetBitmapBits
GetCharWidth32A
GetCharacterPlacementW
GetColorSpace
GetDCOrgEx
GetDIBColorTable
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetEnhMetaFileDescriptionW
GetEnhMetaFilePaletteEntries
GetFontUnicodeRanges
GetGlyphIndicesA
GetKerningPairs
GetMetaRgn
GetNearestPaletteIndex
GetObjectA
GetOutlineTextMetricsW
GetPaletteEntries
GetPath
GetPixel
GetStringBitmapW
GetTextMetricsW
GetWindowOrgEx
GetWorldTransform
InvertRgn
ModifyWorldTransform
OffsetViewportOrgEx
PatBlt
Pie
PlgBlt
PolyBezierTo
PolyDraw
PolyPolyline
RemoveFontResourceExW
RemoveFontResourceW
ResetDCA
RestoreDC
RoundRect
STROBJ_vEnumStart
SaveDC
SetBkColor
SetDCBrushColor
SetLayoutWidth
SetMapMode
SetMetaRgn
SetPixelV
SetROP2
SetRectRgn
SetSystemPaletteUse
XFORMOBJ_iGetXform
XLATEOBJ_hGetColorTransform
bMakePathNameW
AddFontResourceA

advapi32

RegOpenKeyExW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbeb72bfc8b0e8e4004a3e34555de467

Code Sign

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aaCertificate

Extended Key Usages

0f:6d:e2:39:1d:c4:4a:9b:25:64:08:b6:c7:ea:c0:4d:5e:a7:f4:27Signer

Signature Validations

Verification

28/10/2022, 15:17 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

2c:97:e6:33:fd:29:aa:4b:d0:85:0e:65:dd:02:aa
Certificate

0f:6d:e2:39:1d:c4:4a:9b:25:64:08:b6:c7:ea:c0:4d:5e:a7:f4:27
Signer

28/10/2022, 15:17
Valid: false

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB