134801658f9ab0749c98044f2375f82d[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

134801658f9ab0749c98044f2375f82d.exe
Size

91KB
MD5

134801658f9ab0749c98044f2375f82d
SHA1

3a5b265481d1401ad3132fcf2fa8a2773fd2a7ad
SHA256

98b71364c59171da0e9d98e40caec2ade8668da7389d63cb353124bcfd8ae925
SHA512

4ef54a6b89857ec43bce7939a965bf21b18cab515bca469486ccd46f3d0132ca9151487c4a60ff418a519920ed4c91cef87cd8047f9b76d6576cbc41ea7807ab
SSDEEP

1536:Lwk+aEMSm08AhxhcfCeY0B5lDKXP7LxwT4Gzd2zupIAgzub:LLSmz4xtF45yLWT4824zgk

Score

N/A

Malware Config

Signatures

Files

134801658f9ab0749c98044f2375f82d.exe
.exe windows x86

7d5cc6b3dd3ca20781846b837232cd43

Code Sign

33:00:00:04:90:0e:61:14:98:12:78:23:70:00:00:00:00:04:90
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:47

Not After

11/05/2023, 20:47

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4
Signer

Actual PE Digest

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

02/11/2022, 14:00
Valid: false

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4
Signer

Actual PE Digest

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

02/11/2022, 14:00
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
HeapCreate

user32

GetSystemMetrics
GetMenu
GetSystemMenu
CreatePopupMenu
DestroyMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
TrackPopupMenu
GetMenuInfo
InsertMenuItemA
SetMenuItemInfoA
GetMenuDefaultItem
DragDetect
DrawIcon
DrawTextExA
TabbedTextOutA
GetTabbedTextExtentA
SetActiveWindow
PaintDesktop
SetForegroundWindow
GetDC
GetDCEx
GetWindowDC
GetWindowRgn
InvalidateRect
ValidateRgn
RedrawWindow
ScrollDC
SetScrollPos
EnableScrollBar
GetPropA
RemovePropA
DestroyAcceleratorTable
SetWindowTextA
GetClientRect
GetWindowRect
SetWindowContextHelpId
GetMenuContextHelpId
MessageBoxA
SetCursor
GetCursorPos
GetClipCursor
HideCaret
GetCaretPos
ClientToScreen
MapWindowPoints
ChildWindowFromPoint
ClipCursor
GetSysColor
GetSysColorBrush
SetRect
InflateRect
IsRectEmpty
EqualRect
GetWindowLongA
SetWindowLongA
SetProcessDefaultLayout
GetParent
FindWindowA
FindWindowExA
GetTopWindow
CheckMenuRadioItem
LoadCursorA
DestroyCursor
LoadIconA
DestroyIcon
CopyIcon
IsDialogMessageA
MapDialogRect
CascadeWindows
GetScrollBarInfo
RealGetWindowClassA
GetListBoxInfo
TranslateAcceleratorA
LoadAcceleratorsA
EnableWindow
KillTimer
SetTimer
SetCapture
GetActiveWindow
SetFocus
IsCharUpperA
CharNextA
CharLowerBuffA
CharLowerA
CharUpperA
OemToCharW
DefDlgProcA
GetDlgCtrlID
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamA
CreateDialogParamA
BringWindowToTop
AnyPopup
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsMenu
IsWindow
GetClassInfoA
UnregisterClassA
RegisterClassA
CallWindowProcA
PostQuitMessage
PostMessageA
SendMessageA
DispatchMessageA
TranslateMessage
GetMessageA
DrawAnimatedRects
ToUnicodeEx
ActivateKeyboardLayout
wsprintfA
wvsprintfA
EnumPropsA

gdi32

DeleteObject
DrawEscape
GetObjectA
SelectClipPath
PathToRegion
AbortPath
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
EnumMetaFile
PlayMetaFileRecord
GdiTransparentBlt
UpdateColors
SetTextAlign
SetTextColor
SetStretchBltMode
SetPixelV
SetPixel
SetPaletteEntries
GetLayout
SetMapMode
SetDIBitsToDevice
SetBitmapBits
SetBkMode
SelectObject
RemoveFontResourceA
PolyPolygon
PatBlt
OffsetRgn
GetWindowOrgEx
GetViewportExtEx
GetGlyphIndicesA
GetFontLanguageInfo
GetStockObject
GetPaletteEntries
GetMetaRgn
GetClipBox
GetBrushOrgEx
GetBoundsRect
GetBkColor
GetAspectRatioFilterEx
ExtFloodFill
EqualRgn
EnumFontsW
EnumFontFamiliesExA
CreateFontIndirectA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d5cc6b3dd3ca20781846b837232cd43

Code Sign

33:00:00:04:90:0e:61:14:98:12:78:23:70:00:00:00:00:04:90Certificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cfCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4Signer

Signature Validations

Verification

02/11/2022, 14:00 Valid: false

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4Signer

Signature Validations

Verification

02/11/2022, 14:00 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 792B

.CRT Size: 512B - Virtual size: 28B

.rsrc Size: 55KB - Virtual size: 54KB

33:00:00:04:90:0e:61:14:98:12:78:23:70:00:00:00:00:04:90
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4
Signer

02/11/2022, 14:00
Valid: false

ad:48:fd:4d:f5:47:bd:e9:e1:2a:87:ba:3c:0d:38:dd:28:9b:52:01:cf:f1:97:98:a0:e5:18:58:38:0d:4b:c4
Signer

02/11/2022, 14:00
Valid: false

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 792B

.CRT
Size: 512B - Virtual size: 28B

.rsrc
Size: 55KB - Virtual size: 54KB