a75bb9b1efc221ebc9fec6225b6d72d8b373c43e91e5e8ef5a8729a4a2545968

Sharing

Copy URL Twitter E-mail

General

Target

a75bb9b1efc221ebc9fec6225b6d72d8b373c43e91e5e8ef5a8729a4a2545968
Size

322KB
MD5

03e0968934bea3cd474ef6a90a5cac83
SHA1

7645eaf2da2988938e538ab9d180b09d43aa7153
SHA256

a75bb9b1efc221ebc9fec6225b6d72d8b373c43e91e5e8ef5a8729a4a2545968
SHA512

aa2e87fcfe3cd77c4819cb61b9e359d15ccd4a887d5f249571dd7a15e13c229df83704e8650ca572a89431d289bd5dfea8dab2d91cdd3b2a66e254be2745de76
SSDEEP

6144:/39fMsMtHPvWpewtLIaQXdWpALNzrfvdMpa1:NMFPvsLsLVr/

Score

N/A

Malware Config

Signatures

Files

a75bb9b1efc221ebc9fec6225b6d72d8b373c43e91e5e8ef5a8729a4a2545968
.exe windows x86

321b9f956134c5cdf45a1bcf58933745

Code Sign

25:39:70:f7:03:28:33:86:4c:2c:3d:16:71:5a:6f:22
Certificate

Issuer

CN=2!935961!543867965484963!38!127666243!73!1421!8!25949!!99593992!!8987!22872222526863721422965796744873642!18!931849263938882!441!527!13!3183!2845778!1!2739439243954986538362!32964334433111835758873674

Not Before

13/11/2012, 07:02

Not After

31/12/2039, 23:59

Subject

CN=2!935961!543867965484963!38!127666243!73!1421!8!25949!!99593992!!8987!22872222526863721422965796744873642!18!931849263938882!441!527!13!3183!2845778!1!2739439243954986538362!32964334433111835758873674

Extended Key Usages

ExtKeyUsageCodeSigning

cb:f6:e5:e7:f6:b4:70:65:b6:35:cf:6a:63:6f:5e:69:52:86:0d:d5
Signer

Actual PE Digest

cb:f6:e5:e7:f6:b4:70:65:b6:35:cf:6a:63:6f:5e:69:52:86:0d:d5

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=2!935961!543867965484963!38!127666243!73!1421!8!25949!!99593992!!8987!22872222526863721422965796744873642!18!931849263938882!441!527!13!3183!2845778!1!2739439243954986538362!32964334433111835758873674

04/11/2022, 15:44
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
GetShortPathNameA
GetVersionExW
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetCurrentDirectoryW
GetCurrentDirectoryA
GetStartupInfoA
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FindClose
SetCurrentDirectoryA
SetCurrentDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
lstrlenW
GetLastError
GetProcAddress
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
CloseHandle
InterlockedIncrement
InterlockedDecrement
CreateFileW
WriteFile
GetComputerNameW
GetFileType
InitializeCriticalSection
DeleteCriticalSection
GetCommandLineW
GetStartupInfoW
OutputDebugStringW
LoadLibraryA

user32

LoadStringA
LoadStringW
RegisterWindowMessageA
SendMessageA
GetDesktopWindow
PostMessageW
LoadIconW
SetForegroundWindow
KillTimer
SetTimer
ReleaseDC
GetDC
GetClientRect
SendMessageW
EnableWindow

gdi32

GetTextExtentPoint32W

msvcrt

_wcsicmp
wcsstr
mbstowcs
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
wcslen

advapi32

RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegCloseKey
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyExA
CopySid
GetLengthSid
IsValidSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
OpenProcessToken
MakeSelfRelativeSD
GetTokenInformation
InitializeSecurityDescriptor
RegOpenKeyW

shell32

SHGetPathFromIDListA
SHChangeNotify
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoTaskMemFree

shlwapi

PathRemoveBlanksW

Sections

.data
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

321b9f956134c5cdf45a1bcf58933745

Code Sign

25:39:70:f7:03:28:33:86:4c:2c:3d:16:71:5a:6f:22Certificate

Extended Key Usages

cb:f6:e5:e7:f6:b4:70:65:b6:35:cf:6a:63:6f:5e:69:52:86:0d:d5Signer

Signature Validations

Verification

04/11/2022, 15:44 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

ole32

shlwapi

Sections

.data Size: 311KB - Virtual size: 311KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 612B

25:39:70:f7:03:28:33:86:4c:2c:3d:16:71:5a:6f:22
Certificate

cb:f6:e5:e7:f6:b4:70:65:b6:35:cf:6a:63:6f:5e:69:52:86:0d:d5
Signer

04/11/2022, 15:44
Valid: false

.data
Size: 311KB - Virtual size: 311KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 612B