696f59c181cb0559ac78f6d68e68e2769af07ca15d2d0aec902707ad9951a288

Sharing

Copy URL Twitter E-mail

General

Target

696f59c181cb0559ac78f6d68e68e2769af07ca15d2d0aec902707ad9951a288
Size

325KB
MD5

08c75fceaf65814abf2fc656e934a566
SHA1

38b1fd883ce7e5fbfdfdc07e014746f9bc711172
SHA256

696f59c181cb0559ac78f6d68e68e2769af07ca15d2d0aec902707ad9951a288
SHA512

0c6ddce421996266b0394d1e7f91ef735d3a69204b5213305ebfbc3c208058d303eb1b8108ab5a6e4dc0c83d2ea3933f41f180ffdf3f8e9ffd80133882121fb3
SSDEEP

6144:ie3NlYQGajwev0lW9RM2k1Pt+LCJ8kOp4x1mMwO9eGGxMbaCw3ovUxc:j3XtRjw8KWY2kT+LBXpDMjefxOaCw3o5

Score

N/A

Malware Config

Signatures

Files

696f59c181cb0559ac78f6d68e68e2769af07ca15d2d0aec902707ad9951a288
.exe windows x86

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

Issuer

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Not Before

23/01/2013, 18:13

Not After

31/12/2039, 23:59

Subject

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Extended Key Usages

ExtKeyUsageCodeSigning

00:ad:ae:ee:b0:84:d0:9c:3d:4b:34:05:54:2a:f1:a9:e3:d0:65:44
Signer

Actual PE Digest

00:ad:ae:ee:b0:84:d0:9c:3d:4b:34:05:54:2a:f1:a9:e3:d0:65:44

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

04/11/2022, 15:41
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryExA

user32

PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
GetClientRect

gdi32

DeleteEnhMetaFile
CloseEnhMetaFile
LineTo
CreateEnhMetaFileA
Rectangle
MoveToEx
PlayEnhMetaFile

Sections

.text
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6Certificate

Extended Key Usages

00:ad:ae:ee:b0:84:d0:9c:3d:4b:34:05:54:2a:f1:a9:e3:d0:65:44Signer

Signature Validations

Verification

04/11/2022, 15:41 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 315KB - Virtual size: 314KB

.data Size: 1KB - Virtual size: 1KB

.rdata2 Size: 512B - Virtual size: 100B

.rsrc Size: 2KB - Virtual size: 2KB

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

00:ad:ae:ee:b0:84:d0:9c:3d:4b:34:05:54:2a:f1:a9:e3:d0:65:44
Signer

04/11/2022, 15:41
Valid: false

.text
Size: 315KB - Virtual size: 314KB

.data
Size: 1KB - Virtual size: 1KB

.rdata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 2KB - Virtual size: 2KB