mal[.]payload[.]new[.]q-pw-BV1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

mal.payload.new.q-pw-BV1.zip
Size

864KB
MD5

dbe682f57a28fc97e77f84dedcaab452
SHA1

20cd5b5686af4248607734eb95e22705378feb9f
SHA256

9fd92fed123d0246a53dcf9662b832fdba861600922c37985c4029c846aae231
SHA512

f3126964176faac5926fd84049ce033e9f35d4c2b93d9634538710da4152d4bfa9d88fc20c4c6ea01d924a4d57909b00acfb027755b3aca6bb53cb45094b0d4b
SSDEEP

24576:RjiGpReVE4dDcJgtvM150m+Q6FT9oKMEj1atXqBfgPz:RxpRudDcJsm+QGZ2uIpmoPz

Score

N/A

Malware Config

Signatures

Files

mal.payload.new.q-pw-BV1.zip
.zip

Password: BV1
CO4748.zip
.zip

Password: BV1
CO4748.iso
.iso

Password: BV1
CO.lnk
.lnk
judicature/butting.txt
judicature/prophet.cmd
.cmd .vbs
judicature/velvety.png
.png
judicature/without.dat
.dll windows x86

Password: BV1

Code Sign

25:d0:47:6a:fb:cd:07:98:44:a4:de:3d:60:ad:eb:cb
Certificate

Issuer

CN=HLERBUOWZPFLKGSQIB

Not Before

28/10/2022, 11:40

Not After

31/12/2039, 23:59

Subject

CN=HLERBUOWZPFLKGSQIB

Extended Key Usages

ExtKeyUsageCodeSigning

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a2:d5:46:ec:33:d7:ed:49:cf:d5:de:27:11:d1:95:7f:b4:44:7c:c5
Signer

Actual PE Digest

a2:d5:46:ec:33:d7:ed:49:cf:d5:de:27:11:d1:95:7f:b4:44:7c:c5

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=HLERBUOWZPFLKGSQIB

28/10/2022, 15:17
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: BV1

Password: BV1

Password: BV1

Password: BV1

Code Sign

25:d0:47:6a:fb:cd:07:98:44:a4:de:3d:60:ad:eb:cbCertificate

Extended Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

a2:d5:46:ec:33:d7:ed:49:cf:d5:de:27:11:d1:95:7f:b4:44:7c:c5Signer

Signature Validations

Verification

28/10/2022, 15:17 Valid: false

Headers

File Characteristics

Sections

CODE Size: 1.2MB - Virtual size: 1.2MB

DATA Size: 15KB - Virtual size: 14KB

BSS Size: - Virtual size: 3KB

.idata Size: 10KB - Virtual size: 9KB

.reloc Size: 98KB - Virtual size: 97KB

.rsrc Size: 221KB - Virtual size: 221KB

25:d0:47:6a:fb:cd:07:98:44:a4:de:3d:60:ad:eb:cb
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

a2:d5:46:ec:33:d7:ed:49:cf:d5:de:27:11:d1:95:7f:b4:44:7c:c5
Signer

28/10/2022, 15:17
Valid: false

CODE
Size: 1.2MB - Virtual size: 1.2MB

DATA
Size: 15KB - Virtual size: 14KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 10KB - Virtual size: 9KB

.reloc
Size: 98KB - Virtual size: 97KB

.rsrc
Size: 221KB - Virtual size: 221KB