9a293eca4f1d74ef30185cddbf9f11ba7673744890686939847300583d3579a2

Sharing

Copy URL Twitter E-mail

General

Target

9a293eca4f1d74ef30185cddbf9f11ba7673744890686939847300583d3579a2
Size

275KB
MD5

2ab6982c829f89a8c56063940f90ee90
SHA1

1ec65b081ecd0241e70d59ace947aeb703a77028
SHA256

9a293eca4f1d74ef30185cddbf9f11ba7673744890686939847300583d3579a2
SHA512

3f0b0537dc91905b3afc0503e75c9fc7bd3c737d9bb821e6d677224e53cb4081b8a7dec6905679ed9df0d8db18ed36c73d0cc917980bd65b7391de6fa6ebe058
SSDEEP

6144:pjxT29GXlRsGg8UZvVtTTBf/XYVA3XUMIJ:FxmGLgVZvVVBf/XY6kTJ

Score

N/A

Malware Config

Signatures

Files

9a293eca4f1d74ef30185cddbf9f11ba7673744890686939847300583d3579a2
.exe windows x86

ca0fdf45fde53df050f29221c7570f7f

Code Sign

3c:2e:38:1a:0d:d6:90:4d:b2:08:3f:7a:98:f9:34:36
Certificate

Issuer

CN=T-Install

Not Before

06/04/2014, 13:54

Not After

31/12/2039, 23:59

Subject

CN=T-Installer

32:cf:de:7e:b6:e2:43:7c:e7:24:cb:14:db:95:f9:71:55:e6:95:e8
Signer

Actual PE Digest

32:cf:de:7e:b6:e2:43:7c:e7:24:cb:14:db:95:f9:71:55:e6:95:e8

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=T-Installer

04/11/2022, 15:44
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
Sleep
GetFileSize
GetTickCount
MapViewOfFile
GetTempPathA
GetVersionExW
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
LoadLibraryA
GetModuleHandleA
GetModuleHandleW
HeapAlloc
HeapFree
GetProcessHeap
FindClose
CloseHandle
GetFullPathNameW
CreateFileA
FindFirstFileA
VirtualProtect
VirtualFree
VirtualAlloc
GetProcAddress
FreeLibrary
CreateFileW
WriteConsoleW
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetOEMCP
GetACP
IsValidCodePage
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
RtlUnwind
HeapReAlloc
RaiseException
GetSystemTimeAsFileTime
GetCommandLineW
InitializeCriticalSectionAndSpinCount
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsProcessorFeaturePresent
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameW
IsDebuggerPresent
GetConsoleMode
VirtualQuery
HeapSize
GetCurrentThreadId

gdi32

SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
GetObjectW

user32

MessageBoxW
DestroyWindow
GetMonitorInfoW
MonitorFromPoint
LoadCursorW
GetDesktopWindow
GetWindowRect
ReleaseDC
GetDC
UpdateWindow
SetTimer
UpdateLayeredWindow
ShowWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca0fdf45fde53df050f29221c7570f7f

Code Sign

3c:2e:38:1a:0d:d6:90:4d:b2:08:3f:7a:98:f9:34:36Certificate

32:cf:de:7e:b6:e2:43:7c:e7:24:cb:14:db:95:f9:71:55:e6:95:e8Signer

Signature Validations

Verification

04/11/2022, 15:44 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 169KB - Virtual size: 169KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 14KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 42KB - Virtual size: 42KB

3c:2e:38:1a:0d:d6:90:4d:b2:08:3f:7a:98:f9:34:36
Certificate

32:cf:de:7e:b6:e2:43:7c:e7:24:cb:14:db:95:f9:71:55:e6:95:e8
Signer

04/11/2022, 15:44
Valid: false

.text
Size: 169KB - Virtual size: 169KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 14KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 42KB - Virtual size: 42KB