c2aa62f240dc1afbb22b6978ccf51d555a9325edbd351c2a0e68b8171bae455f

Sharing

Copy URL Twitter E-mail

General

Target

c2aa62f240dc1afbb22b6978ccf51d555a9325edbd351c2a0e68b8171bae455f
Size

59KB
MD5

08ae78fbfda8fd996991016399e65d0c
SHA1

c5e4a3ccc629e41b7d45038d9e16905d5fe88d08
SHA256

c2aa62f240dc1afbb22b6978ccf51d555a9325edbd351c2a0e68b8171bae455f
SHA512

057341974c065120521598c7cdf087673a88911ebab0566dc660ba24949b33b7a9f99c8a32c0216d876d20ac51e3dd83b20de350a2317f3f129e54b418ff123c
SSDEEP

768:V9JJOW7vgB8vXg00UayB5XsCRQe3g+nEdPc9O6W+z4hJD0cphpKpSpEv4CkDP:VnJOW7vJvXg4TBpJRJ3g+c0jCD0fv+

Score

N/A

Malware Config

Signatures

Files

c2aa62f240dc1afbb22b6978ccf51d555a9325edbd351c2a0e68b8171bae455f
.exe windows x86

2e48e8e955e58b8d71b07309e717e70e

Code Sign

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42
Certificate

Issuer

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

Not Before

03/12/2012, 15:08

Not After

31/12/2039, 23:59

Subject

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

Extended Key Usages

ExtKeyUsageCodeSigning

a6:f9:a4:78:62:a8:0c:fa:07:5e:29:c0:ea:88:51:3f:88:f4:28:fa
Signer

Actual PE Digest

a6:f9:a4:78:62:a8:0c:fa:07:5e:29:c0:ea:88:51:3f:88:f4:28:fa

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

04/11/2022, 15:42
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
ExitProcess
CreateFileW
ReadFile
VirtualAlloc
GetLastError
GetModuleHandleW
CloseHandle
GetFileAttributesW
lstrlenW
GetProcAddress
GlobalAlloc
CreateProcessW
LoadLibraryW
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetPrivateProfileIntW
SetCurrentDirectoryW
GetCurrentDirectoryW
LocalFree
LocalAlloc
LoadLibraryA
FreeLibrary
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
GlobalFree
SetErrorMode
GetCommandLineW
CreateFileMappingW
InterlockedIncrement
InterlockedDecrement
FormatMessageW
MulDiv
GetCurrentProcess
GetVersionExW
TerminateProcess
GetExitCodeThread
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetSystemDirectoryW
lstrcatW
SearchPathW
GetPrivateProfileStringW
lstrcmpiW
lstrcpyW
lstrcpynW

user32

GetWindowThreadProcessId
SetForegroundWindow
SendMessageTimeoutA
LoadStringA
MessageBoxA
SetFocus
CreateWindowExW
MoveWindow
GetClientRect
GetWindowRect
wsprintfW
GetDlgItem
EndDialog
DestroyWindow
SetWindowLongW
EndPaint
GetSysColor
GetParent
BeginPaint
GetWindowLongW
DefWindowProcW
RegisterClassW
LoadCursorW
LoadStringW
MessageBoxW
PostMessageW
ShowWindow
WinHelpW
ChildWindowFromPoint
ScreenToClient
DestroyIcon
DialogBoxParamW
LoadIconW
FindWindowW
CharUpperBuffW
CharLowerBuffW
IsDlgButtonChecked
GetDlgItemTextW
CheckRadioButton
InvalidateRect
SetDlgItemTextW
EnableWindow
SendMessageW
SetClassLongW
CheckDlgButton

gdi32

GetStockObject
SetTextAlign
SelectObject
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW

msvcrt

memcpy
_vsnprintf
_mbsrchr
_mbslen
__lconv_init
setlocale
_mbsinc
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_strnicmp
_stricmp
_except_handler3
strtoul
_ftol
strncpy
strchr
strrchr
_mbschr
_c_exit
_wcsicmp
isleadbyte
memmove
towlower
atoi
isspace
free
wcsncpy
strncmp

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e48e8e955e58b8d71b07309e717e70e

Code Sign

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42Certificate

Extended Key Usages

a6:f9:a4:78:62:a8:0c:fa:07:5e:29:c0:ea:88:51:3f:88:f4:28:faSigner

Signature Validations

Verification

04/11/2022, 15:42 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 772B

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42
Certificate

a6:f9:a4:78:62:a8:0c:fa:07:5e:29:c0:ea:88:51:3f:88:f4:28:fa
Signer

04/11/2022, 15:42
Valid: false

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 772B