619c29315668b82da92d363a7af1d779c989785cc675797e0232857b23018c44

Sharing

Copy URL Twitter E-mail

General

Target

619c29315668b82da92d363a7af1d779c989785cc675797e0232857b23018c44
Size

408KB
MD5

0cc23a02188382a754e804ec74255ad0
SHA1

cd48f5e43e307bfb382b7aece984bacfd6764ee1
SHA256

619c29315668b82da92d363a7af1d779c989785cc675797e0232857b23018c44
SHA512

42d38d6c921d22adab7a559dfb175405409993ecb775f9ad7ee4a42c79fe5d81d3950f5ffb638e1904da0450009c358eada9754e3ada0af3b9dfb15af270cac7
SSDEEP

6144:aNSGe7msdbqM7luP0d0FlI+cC/dihoYPUs+DGgYmuFOd05A:LGe7mU2Olhd0Fl3/dihdUsDrmld05A

Score

N/A

Malware Config

Signatures

Files

619c29315668b82da92d363a7af1d779c989785cc675797e0232857b23018c44
.exe windows x86

e39e6673b99e6df59b1bf5665e906bf6

Code Sign

01
Certificate

Issuer

CN=HERE,OU=YOU,O=LLLLOVE,L=DASTA,ST=RRAS,C=TT

Not Before

11/03/2014, 20:18

Not After

10/03/2016, 20:18

Subject

CN=I LOVE YOU,OU=THANK YOU,O=SHARE YOUR LOVE,L=LOVE IS HERE,ST=FAST,C=DD

9d:18:cc:f1:af:93:b5:a2:52:bc:5d:a2:d9:f3:18:c3:79:e3:61:e6
Signer

Actual PE Digest

9d:18:cc:f1:af:93:b5:a2:52:bc:5d:a2:d9:f3:18:c3:79:e3:61:e6

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=I LOVE YOU,OU=THANK YOU,O=SHARE YOUR LOVE,L=LOVE IS HERE,ST=FAST,C=DD

04/11/2022, 15:42
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

comdlg32

GetOpenFileNameA
PrintDlgA
GetSaveFileNameA

gdi32

CreateFontA
GetTextExtentPoint32A
EndDoc
EndPage
DeleteObject
CreateCompatibleBitmap
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
SetTextColor
CreateHatchBrush
CreateSolidBrush
CreatePen
IntersectClipRect
SelectClipRgn
ExtTextOutW
SetBkMode
GetTextExtentPoint32W
GetTextMetricsA
CreateFontIndirectA
Rectangle
SetPixel
Polyline
Ellipse
GetStockObject
Polygon
SetMapMode
StartDocA
StartPage
GetDeviceCaps

user32

LoadIconA
MessageBeep
TranslateMessage
BeginPaint
IntersectRect
EndPaint
PostQuitMessage
ReleaseCapture
SetCapture
DefWindowProcA
CreateMenu
AppendMenuA
SetMenu
GetKeyboardState
EnableMenuItem
CheckMenuItem
DrawMenuBar
CheckDlgButton
DefDlgProcA
LoadCursorA
RegisterClassA
EnableWindow
ShowWindow
IsDialogMessageA
DispatchMessageA
GetMessageA
SetForegroundWindow
DestroyWindow
SendMessageA
GetDlgItemTextA
IsDlgButtonChecked
SendDlgItemMessageA
GetWindowLongA
CreateWindowExA
SetWindowLongA
SystemParametersInfoA
GetClientRect
AdjustWindowRectEx
GetMenu
SetRect
GetMenuItemCount
GetMenuItemRect
UnionRect
SetWindowPos
GetWindowRect
WinHelpA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetTimer
KillTimer
OffsetRect
InvalidateRect
GetSysColor
GetDC
ReleaseDC
SetWindowTextA
MessageBoxA
DestroyMenu

kernel32

RaiseException
SetEndOfFile
InterlockedExchange
RtlUnwind
CreateFileA
SetStdHandle
HeapSize
SetFilePointer
GetLocaleInfoA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
GetCPInfo
CompareStringA
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FlushFileBuffers
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
ReadFile
WriteFile
CloseHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
GetModuleHandleA
ExitProcess
HeapReAlloc
HeapFree
HeapAlloc
MulDiv
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
FormatMessageA
GetLastError
GetLocalTime
MultiByteToWideChar
GetTickCount

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e39e6673b99e6df59b1bf5665e906bf6

Code Sign

01Certificate

9d:18:cc:f1:af:93:b5:a2:52:bc:5d:a2:d9:f3:18:c3:79:e3:61:e6Signer

Signature Validations

Verification

04/11/2022, 15:42 Valid: false

Headers

File Characteristics

Imports

comctl32

comdlg32

gdi32

user32

kernel32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 301KB - Virtual size: 301KB

01
Certificate

9d:18:cc:f1:af:93:b5:a2:52:bc:5d:a2:d9:f3:18:c3:79:e3:61:e6
Signer

04/11/2022, 15:42
Valid: false

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 301KB - Virtual size: 301KB