a1d6ffa8a9cdacf9077042a831c617caaf53a3f77a1c33584b562934b9c84a5f

Sharing

Copy URL Twitter E-mail

General

Target

a1d6ffa8a9cdacf9077042a831c617caaf53a3f77a1c33584b562934b9c84a5f
Size

292KB
MD5

0c5ebf692376b79902e6f55ca7199690
SHA1

815c19937ce1c28d2aa0f96923acf4a78d4f8356
SHA256

a1d6ffa8a9cdacf9077042a831c617caaf53a3f77a1c33584b562934b9c84a5f
SHA512

900b7e361667b7309e18fec3f06e8904fca05136f357c512b6a49c79cc1a0cb1c02a454541edd7f083a906b2c4b1c2611b9c665adfe59519f94f3f0bb877d465
SSDEEP

6144:JT+FQoHd7YswMHScIOq1G/PoRnC2CkErfoc:UFhHtycBqwoRC2gcc

Score

N/A

Malware Config

Signatures

Files

a1d6ffa8a9cdacf9077042a831c617caaf53a3f77a1c33584b562934b9c84a5f
.exe windows x86

60fd1f8a4d62b3c300aa0a0b884a4c8f

Code Sign

42:3e:41:af:0b:fa:e9:84:4e:e5:3c:aa:11:28:28:8e
Certificate

Issuer

CN=829915296348636797555212219712666822675899223796878297237912889199175292879833164624961537337353648646919121742494647685797136953259976244853433765316

Not Before

11/07/2012, 07:51

Not After

31/12/2039, 23:59

Subject

CN=829915296348636797555212219712666822675899223796878297237912889199175292879833164624961537337353648646919121742494647685797136953259976244853433765316

Extended Key Usages

ExtKeyUsageCodeSigning

d1:b9:6d:54:7c:e9:e9:3b:4e:a8:d5:17:fd:80:c0:be:ea:ec:f5:8e
Signer

Actual PE Digest

d1:b9:6d:54:7c:e9:e9:3b:4e:a8:d5:17:fd:80:c0:be:ea:ec:f5:8e

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=829915296348636797555212219712666822675899223796878297237912889199175292879833164624961537337353648646919121742494647685797136953259976244853433765316

04/11/2022, 15:41
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
GetModuleHandleA
GetProcAddress
CloseHandle
GetWindowsDirectoryW
CreateFileW
VirtualAllocEx

user32

LoadIconA

advapi32

RegOpenKeyW
RegCloseKey

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60fd1f8a4d62b3c300aa0a0b884a4c8f

Code Sign

42:3e:41:af:0b:fa:e9:84:4e:e5:3c:aa:11:28:28:8eCertificate

Extended Key Usages

d1:b9:6d:54:7c:e9:e9:3b:4e:a8:d5:17:fd:80:c0:be:ea:ec:f5:8eSigner

Signature Validations

Verification

04/11/2022, 15:41 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 273KB - Virtual size: 273KB

.data Size: 10KB - Virtual size: 10KB

.data6 Size: 1024B - Virtual size: 1000B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 220B

42:3e:41:af:0b:fa:e9:84:4e:e5:3c:aa:11:28:28:8e
Certificate

d1:b9:6d:54:7c:e9:e9:3b:4e:a8:d5:17:fd:80:c0:be:ea:ec:f5:8e
Signer

04/11/2022, 15:41
Valid: false

.text
Size: 273KB - Virtual size: 273KB

.data
Size: 10KB - Virtual size: 10KB

.data6
Size: 1024B - Virtual size: 1000B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 220B